Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:03-06-2016 Uruchomiony przez Jan (administrator) KOMP (04-06-2016 20:07:40) Uruchomiony z C:\Users\Jan\Desktop\FRST Załadowane profile: Jan (Dostępne profile: Jan) Platform: Windows 10 Pro (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe () C:\Program Files (x86)\ASUSTek Computer Inc\ASUS USB-N14\WPSHWPBC.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\ProgramData\Quoteex\Quoteex.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe () C:\Program Files (x86)\ASUS USB-N13 Wireless LAN Driver\WPSService20.exe (Chris Pietschmann (hxxp://pietschsoft.com)) D:\Program Files (x86)\Virtual Router\VirtualRouterService.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Users\Jan\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (MY.COM B.V.) C:\Users\Jan\AppData\Local\MyComGames\MyComGames.exe (GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe (GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Akamai Technologies, Inc.) C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe (GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe (Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe (Chris Pietschmann (hxxp://pietschsoft.com)) D:\Program Files (x86)\Virtual Router\VirtualRouterClient.exe (Curse) C:\Users\Jan\AppData\Local\Apps\2.0\NGZ843XX.OT3\Z51CGDYJ.RTP\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe (GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (GOG.com) D:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe (MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\systeminfo.exe (Microsoft Corporation) C:\Windows\System32\find.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2016-03-09] (Realtek Semiconductor) HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-11-26] (MSI) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2313408 2016-04-07] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-11-01] (Google Inc.) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [Steam] => e:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3985976 2016-05-13] (GOG.com) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [MyComGames] => C:\Users\Jan\AppData\Local\MyComGames\MyComGames.exe [4912016 2016-05-26] (MY.COM B.V.) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [Spotify Web Helper] => C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-30] (Spotify Ltd) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [GameCenterMailRu] => "C:\Users\Jan\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe" -autostart HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Run: [Spotify] => C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe [6859888 2016-05-30] (Spotify Ltd) HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\Policies\Explorer: [] HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\MountPoints2: {4e3a7389-830b-11e5-be70-d8cb8a53b9b7} - "H:\setup.exe" HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\MountPoints2: {5527f336-8569-11e5-be76-d8cb8a53b9b7} - "I:\setup.exe" HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\...\MountPoints2: {92f152a8-ccd3-11e5-be97-d8cb8a53b9b7} - "G:\setup.exe" AppInit_DLLs: C:\ProgramData\Quoteex\Scot-Eco.dll => C:\ProgramData\Quoteex\Scot-Eco.dll [363008 2016-05-27] () AppInit_DLLs-x32: C:\ProgramData\Quoteex\ZaamFax.dll => C:\ProgramData\Quoteex\ZaamFax.dll [257536 2016-05-27] () ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-04-01] () ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-11-01] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Virtual Router Manager.lnk [2016-02-08] ShortcutTarget: Virtual Router Manager.lnk -> C:\Windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_118D1A4EFFA6998C3492EB.exe () Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-01-30] () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{50a18a15-61de-47e5-b74b-54274d9bb6db}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{6c3bbde1-8d1c-40ba-80e0-13e2f1314041}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{d0ffe2d8-e4ff-4b26-9276-6db8a7d5f9c6}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrBgWCryBANtUuGpSxEqSPHrobnmFnREutApeddew96XPV9Oz-WTfphKNI1RnE9b7OeJrCR4TjM8fT_Vd1FP43gWis5e157U-kiimFXPKpErYpUxGyq6OinOY66imQMNzhIUzqmFbE65iNIQPxLCP-cb0kMg,,&q={searchTerms} HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrBgWCryBANtUuGpSxEqSPHrobnmFnREutApeddew96XPV9Oz-WTfphKNI1RnE9b7Ck6nlBtn_wO8kGv5YuedJgifiQJCyvrutovnZJhs4_j_6x6Jv-3e5Q4Ee6hS9oQToUv6iYXTod-I2oVNjww6Q4eJB0w,, HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrBgWCryBANtUuGpSxEqSPHrobnmFnREutApeddew96XPV9Oz-WTfphKNI1RnE9b7OeJrCR4TjM8fT_Vd1FP43gWis5e157U-kiimFXPKpErYpUxGyq6OinOY66imQMNzhIUzqmFbE65iNIQPxLCP-cb0kMg,,&q={searchTerms} HKU\S-1-5-21-4005203590-2278095804-2477096586-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrBgWCryBANtUuGpSxEqSPHrobnmFnREutApeddew96XPV9Oz-WTfphKNI1RnE9b7OeJrCR4TjM8fT_Vd1FP43gWis5e157U-kiimFXPKpErYpUxGyq6OinOY66imQMNzhIUzqmFbE65iNIQPxLCP-cb0kMg,,&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKU\S-1-5-21-4005203590-2278095804-2477096586-1001 -> DefaultScope {ielnksrch} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => Brak pliku BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-10] (Oracle Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-10] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) Toolbar: HKU\S-1-5-21-4005203590-2278095804-2477096586-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-11-24] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-11-24] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-24] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-04-07] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-10] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-11-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-05-20] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-05-20] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-04-07] (Adobe Systems) FF Plugin HKU\S-1-5-21-4005203590-2278095804-2477096586-1001: @mail.ru/GameCenter -> C:\Users\Jan\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Brak pliku] FF Plugin HKU\S-1-5-21-4005203590-2278095804-2477096586-1001: @my.com/Games -> C:\Users\Jan\AppData\Local\MyComGames\NPMyComDetector.dll [2016-01-28] (MY.COM B.V.) FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon [2016-04-11] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon Chrome: ======= CHR HomePage: Default -> hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrBgWCryBANtUuGpSxEqSPHrobnmFnREutApeddew96XPV9Oz-WTfphKNI1RnE9b7OY7gDUyrMyQszB-yIghIsElFsu8duvlGBQEFCNhlJB5vcusY32JmBVAjg-BMAimcCt7wmqJSCDzMb5PhEaA4bTLGSWQ,, CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04] CHR Extension: (Dokumenty Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04] CHR Extension: (Dysk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04] CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04] CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-02] CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04] CHR Extension: (Arkusze Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04] CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Norton Identity Safe) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-11-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05] CHR Extension: (Bazz Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinhfkamckbogjgmbmdkdebbbpnmlaef [2016-05-27] CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [694464 2016-04-07] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated) R2 ASUS_WPSHWPBC; C:\Program Files (x86)\ASUSTek Computer Inc\ASUS USB-N14\WPSHWPBC.exe [318976 2013-01-17] () [Brak podpisu cyfrowego] R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] () R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009264 2016-05-17] (Microsoft Corporation) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark) R3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [246328 2016-05-13] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6167096 2016-05-13] (GOG.com) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation) R2 HiPatchService; d:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-05-20] (Hi-Rez Studios) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] () S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.) R2 mitsijm2016; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162768 2014-11-26] (MSI) S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.6.0.142\NIS.exe [289080 2016-02-26] (Symantec Corporation) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3844640 2015-11-22] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [Brak podpisu cyfrowego] R2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe [941568 2016-05-27] () [Brak podpisu cyfrowego] R2 Virtual Router; D:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) [Brak podpisu cyfrowego] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WPSService20; C:\Program Files (x86)\ASUS USB-N13 Wireless LAN Driver\WPSService20.exe [96768 2014-05-06] () [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [82608 2014-04-10] (Qualcomm Atheros, Inc.) S3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160125.001\BHDrvx64.sys [1665608 2015-10-22] (Symantec Corporation) S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1606000.08E\ccSetx64.sys [173808 2015-09-24] (Symantec Corporation) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-04] (Disc Soft Ltd) S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-05-04] (LogMeIn Inc.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-11-04] (REALiX(tm)) S3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160129.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] () S3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.) R3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [156744 2016-01-20] (Qualcomm Atheros, Inc.) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2016-03-09] (Intel Corporation) S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160129.019\ENG64.SYS [138488 2015-10-16] (Symantec Corporation) S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160129.019\EX64.SYS [2148080 2015-10-16] (Symantec Corporation) R3 netr28ux; C:\Windows\system32\DRIVERS\netr28ux.sys [2209936 2014-08-14] (MediaTek Inc.) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3850968 2015-10-08] (Realtek Semiconductor Corporation ) R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [196152 2016-06-04] (Duplex Secure Ltd) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation) S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1606000.08E\SRTSPX64.SYS [50936 2015-09-24] (Symantec Corporation) S3 SymEFASI; C:\Windows\system32\drivers\NISx64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1606000.08E\SymELAM.sys [24192 2015-09-24] (Symantec Corporation) S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-11-04] (Symantec Corporation) S3 SymIRON; C:\Windows\system32\drivers\NISx64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation) S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-06-04 20:06 - 2016-06-04 20:06 - 00016148 _____ C:\WINDOWS\system32\KOMP_Jan_HistoryPrediction.bin 2016-06-04 20:06 - 2016-06-04 20:06 - 00003990 _____ C:\Users\Jan\Desktop\gmer.txt 2016-06-04 20:02 - 2016-06-04 20:02 - 00208280 _____ C:\WINDOWS\ntbtlog.txt 2016-06-04 20:02 - 2016-06-04 20:02 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-06-04 19:46 - 2016-06-04 19:46 - 00355576 _____ (Duplex Secure Ltd) C:\Users\Jan\Downloads\SPTD2inst-v211-x64.exe 2016-06-04 19:46 - 2016-06-04 19:46 - 00196152 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys 2016-06-04 19:33 - 2016-06-04 19:33 - 00380928 _____ C:\Users\Jan\Downloads\ldlh6npl.exe 2016-06-04 18:53 - 2016-06-04 18:53 - 00000000 ____D C:\Users\Jan\AppData\Local\Disc_Soft_Ltd 2016-06-04 18:16 - 2016-05-20 03:57 - 00113208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-06-04 18:15 - 2016-06-04 18:15 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-06-04 18:15 - 2016-05-21 23:09 - 01581624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll 2016-06-04 18:15 - 2016-05-21 23:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 35117112 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 31639096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 25401280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 21802816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 21346520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 18145256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 17740664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 10642912 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 08733280 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 02791360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 02419768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436822.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436822.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00985024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00909760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00786360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00772152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00708032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00631104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00601936 _____ C:\WINDOWS\system32\nvmcumd.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00379480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00346560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00178136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00155952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00153416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00131768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-06-04 18:15 - 2016-05-20 10:03 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2016-06-04 18:15 - 2016-05-20 10:03 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json 2016-06-04 18:15 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-06-04 18:15 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-06-04 18:15 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-06-04 18:15 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-06-04 18:06 - 2016-06-04 20:07 - 00000000 ____D C:\Users\Jan\Desktop\FRST 2016-06-04 17:38 - 2016-06-04 20:07 - 00000000 ____D C:\FRST 2016-06-04 17:31 - 2016-06-04 17:36 - 00000000 ____D C:\AdwCleaner 2016-06-04 16:45 - 2016-06-04 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-06-03 06:17 - 2016-06-03 06:17 - 00000003 _____ C:\WINDOWS\SysWOW64\HRUPPROG.TXT 2016-06-03 06:17 - 2016-06-03 06:17 - 00000003 _____ C:\WINDOWS\SysWOW64\HRUPPROG.EXIT 2016-06-01 17:38 - 2016-06-01 17:38 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-05-31 23:50 - 2016-06-01 10:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-05-31 23:50 - 2016-05-31 23:50 - 00002096 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2016-05-31 00:26 - 2016-05-31 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 3® - Dziki Gon [GOG.com] 2016-05-29 14:13 - 2016-05-29 14:13 - 00000000 ____D C:\Users\Jan\Desktop\123 2016-05-29 13:14 - 2016-05-29 13:14 - 00000984 _____ C:\Users\Public\Desktop\Paladins.lnk 2016-05-29 13:14 - 2016-05-29 13:14 - 00000983 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk 2016-05-27 15:27 - 2016-05-27 15:34 - 00000691 _____ C:\Users\Jan\Desktop\Stellaris.lnk 2016-05-27 15:27 - 2016-05-27 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellaris 2016-05-27 15:09 - 2016-05-27 15:09 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla 2016-05-27 15:08 - 2016-06-04 20:07 - 00000000 ____D C:\ProgramData\Quoteex 2016-05-27 15:08 - 2016-05-27 15:08 - 06859776 _____ C:\Users\Jan\AppData\Roaming\agent.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 02279413 _____ C:\Users\Jan\AppData\Roaming\Fasehome.bin 2016-05-27 15:08 - 2016-05-27 15:08 - 01756999 _____ C:\Users\Jan\AppData\Roaming\Newkaystock.tst 2016-05-27 15:08 - 2016-05-27 15:08 - 00941568 _____ C:\Users\Jan\AppData\Roaming\TransLex.exe 2016-05-27 15:08 - 2016-05-27 15:08 - 00941568 _____ C:\Users\Jan\AppData\Roaming\Newkaystock.exe 2016-05-27 15:08 - 2016-05-27 15:08 - 00848437 _____ C:\Users\Jan\AppData\Roaming\Fasedex.bin 2016-05-27 15:08 - 2016-05-27 15:08 - 00128512 _____ C:\Users\Jan\AppData\Roaming\Installer.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 00126464 _____ C:\Users\Jan\AppData\Roaming\noah.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 00126464 _____ C:\Users\Jan\AppData\Roaming\lobby.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 00072820 _____ C:\Users\Jan\AppData\Roaming\TransLex.tst 2016-05-27 15:08 - 2016-05-27 15:08 - 00067776 _____ C:\Users\Jan\AppData\Roaming\Config.xml 2016-05-27 15:08 - 2016-05-27 15:08 - 00054272 _____ C:\Users\Jan\AppData\Roaming\ApplicationHosting.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 00018432 _____ C:\Users\Jan\AppData\Roaming\Main.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 00018432 _____ C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml 2016-05-27 15:08 - 2016-05-27 15:08 - 00005568 _____ C:\Users\Jan\AppData\Roaming\md.xml 2016-05-27 15:08 - 2016-05-27 15:08 - 00000000 ____D C:\ProgramData\Quoteexs 2016-05-27 15:07 - 2016-05-27 15:07 - 00649216 _____ C:\Users\Jan\Downloads\[Gameurs.Net]Stellaris.Steamworks.Fix-RVTFiX.rar.iso 2016-05-27 14:39 - 2016-05-27 14:39 - 00000000 ____D C:\Program Files (x86)\ForceBindIP 2016-05-27 14:17 - 2016-05-27 14:17 - 00000000 ____D C:\Tunngle 2016-05-27 14:14 - 2016-05-27 14:14 - 00000000 _____ C:\WINDOWS\SysWOW64\Access.dat 2016-05-27 14:12 - 2016-05-28 00:13 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Tunngle 2016-05-27 14:12 - 2016-05-27 14:12 - 00000000 ____D C:\Users\Jan\Documents\Tunngle 2016-05-27 14:12 - 2016-04-26 16:10 - 00048824 _____ (Tunngle.net GmbH) C:\WINDOWS\system32\Drivers\tap0901t.sys 2016-05-27 13:23 - 2016-06-04 19:49 - 00000000 ____D C:\Users\Jan\AppData\Local\LogMeIn Hamachi 2016-05-27 13:23 - 2016-05-27 13:23 - 00000000 ____D C:\Users\Jan\AppData\Local\LogMeIn 2016-05-27 13:23 - 2016-05-27 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-05-27 13:23 - 2016-05-27 13:23 - 00000000 ____D C:\ProgramData\LogMeIn 2016-05-27 13:23 - 2016-05-27 13:23 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2016-05-26 16:29 - 2016-05-26 16:29 - 00000000 ____D C:\Users\Jan\AppData\LocalLow\uTorrent 2016-05-26 16:02 - 2016-05-26 16:02 - 00000000 ____D C:\Users\Jan\Documents\Paradox Interactive 2016-05-22 18:40 - 2016-05-22 18:40 - 00000182 ____H C:\Users\Jan\Downloads\21753D.dwg.dwl2 2016-05-22 18:40 - 2016-05-22 18:40 - 00000032 ____H C:\Users\Jan\Downloads\21753D.dwg.dwl 2016-05-22 18:39 - 2016-05-22 18:39 - 00000182 ____H C:\Users\Jan\Downloads\2165C3D.dwg.dwl2 2016-05-22 18:39 - 2016-05-22 18:39 - 00000032 ____H C:\Users\Jan\Downloads\2165C3D.dwg.dwl 2016-05-22 18:14 - 2016-05-22 18:14 - 00000182 ____H C:\Users\Jan\Downloads\KITC_sink_plan_056.dwl2 2016-05-22 18:14 - 2016-05-22 18:14 - 00000032 ____H C:\Users\Jan\Downloads\KITC_sink_plan_056.dwl 2016-05-22 18:10 - 2016-05-22 18:10 - 00000182 ____H C:\Users\Jan\Downloads\KITC_oven_plan_032.dwl2 2016-05-22 18:10 - 2016-05-22 18:10 - 00000032 ____H C:\Users\Jan\Downloads\KITC_oven_plan_032.dwl 2016-05-19 14:02 - 2016-05-19 14:02 - 03358019 _____ C:\Users\Jan\Desktop\video-1463659314.mp4 2016-05-18 12:45 - 2016-05-31 23:50 - 00000000 ____D C:\Users\Jan\AppData\LocalLow\Adobe 2016-05-18 12:13 - 2016-05-18 12:13 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-05-18 12:07 - 2016-05-18 12:07 - 00000000 ____D C:\Users\Jan\Documents\Adobe 2016-05-18 12:06 - 2016-06-04 19:47 - 00000000 ____D C:\Program Files\Adobe 2016-05-18 12:06 - 2016-06-04 18:40 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-05-18 12:01 - 2016-06-04 20:07 - 00000000 ___RD C:\Users\Jan\Creative Cloud Files 2016-05-18 12:01 - 2016-06-04 20:07 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-05-18 11:59 - 2016-06-04 18:40 - 00000000 ____D C:\ProgramData\Adobe 2016-05-18 11:59 - 2016-05-31 23:50 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-18 11:59 - 2016-05-18 11:59 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2016-05-18 11:59 - 2016-05-18 11:59 - 00001290 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2016-05-18 10:15 - 2016-05-24 14:00 - 00000000 ____D C:\Users\Jan\Desktop\paulina paulina 2016-05-15 14:16 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2016-05-15 14:16 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2016-05-11 18:20 - 2016-05-11 18:20 - 00000093 _____ C:\Users\Jan\Desktop\passy do fm.txt 2016-05-09 18:55 - 2016-05-09 18:55 - 00000739 _____ C:\Users\Public\Desktop\Homeworld Remastered Collection.lnk 2016-05-09 18:55 - 2016-05-09 18:55 - 00000739 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Homeworld Remastered Collection.lnk ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-06-04 20:07 - 2016-04-01 10:16 - 00000000 ____D C:\Users\Jan\AppData\Local\Spotify 2016-06-04 20:07 - 2016-01-30 22:57 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype 2016-06-04 20:07 - 2016-01-30 00:47 - 00000000 ____D C:\Users\Jan\AppData\Local\Deployment 2016-06-04 20:07 - 2016-01-28 15:10 - 00000000 ____D C:\Users\Jan\AppData\Local\MyComGames 2016-06-04 20:07 - 2016-01-05 12:51 - 00000000 ____D C:\Users\Jan\AppData\Local\Adobe 2016-06-04 20:07 - 2015-12-27 17:20 - 01836100 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-04 20:07 - 2015-07-10 18:30 - 00812520 _____ C:\WINDOWS\system32\perfh015.dat 2016-06-04 20:07 - 2015-07-10 18:30 - 00156054 _____ C:\WINDOWS\system32\perfc015.dat 2016-06-04 20:07 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF 2016-06-04 20:06 - 2015-11-01 04:49 - 00000000 ____D C:\ProgramData\NVIDIA 2016-06-04 20:06 - 2015-11-01 04:35 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-04 20:06 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-04 20:06 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-06-04 20:01 - 2016-04-01 10:16 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Spotify 2016-06-04 19:59 - 2015-11-04 15:53 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps 2016-06-04 19:54 - 2016-04-11 15:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security 2016-06-04 19:19 - 2015-11-01 04:35 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-04 19:14 - 2016-01-07 11:34 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-06-04 18:30 - 2015-11-01 04:35 - 00000000 ____D C:\Program Files (x86)\Google 2016-06-04 18:16 - 2016-02-03 19:52 - 00000000 ____D C:\WINDOWS\LastGood 2016-06-04 18:16 - 2015-11-04 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-06-04 18:16 - 2015-11-01 04:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-06-04 18:15 - 2015-11-01 04:48 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-06-04 18:06 - 2016-04-22 19:54 - 00000000 ____D C:\Users\Jan\Desktop\syf 2016-06-04 18:05 - 2016-01-03 21:27 - 00000000 ____D C:\Users\Jan\Desktop\Fszystko 2016-06-04 17:59 - 2016-04-18 11:15 - 00004200 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37FF8DDA-9A6A-4710-A93A-CD5523B74309} 2016-06-04 17:39 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-06-04 17:37 - 2015-07-10 14:20 - 00455000 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-03 14:46 - 2016-02-22 22:50 - 00007871 _____ C:\WINDOWS\BRRBCOM.INI 2016-06-03 14:39 - 2015-10-30 18:35 - 00000000 ____D C:\Users\Jan\AppData\Local\Packages 2016-06-03 12:17 - 2015-11-04 12:18 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-03 12:17 - 2015-11-04 12:18 - 00002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-06-03 06:21 - 2015-11-01 04:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-05-31 23:50 - 2015-10-30 18:35 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Adobe 2016-05-31 00:06 - 2015-11-04 17:42 - 00000000 ____D C:\Users\Jan\Documents\My Games 2016-05-29 13:14 - 2016-03-29 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2016-05-27 09:48 - 2015-12-27 17:06 - 00000000 ____D C:\Users\Jan 2016-05-27 06:51 - 2015-11-04 14:11 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-05-27 06:51 - 2015-07-10 13:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-05-27 00:14 - 2015-11-04 13:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\uTorrent 2016-05-26 13:07 - 2015-11-16 20:52 - 00000000 ____D C:\Users\Jan\Documents\The Witcher 3 2016-05-24 17:06 - 2015-12-27 17:15 - 00002439 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-05-24 17:06 - 2015-12-27 17:15 - 00000000 ___RD C:\Users\Jan\OneDrive 2016-05-22 23:02 - 2015-12-27 18:34 - 13509184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-05-21 23:09 - 2015-11-04 17:57 - 00141256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2016-05-20 10:03 - 2016-01-20 10:47 - 17379520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-05-20 10:03 - 2015-12-27 18:34 - 20305768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-05-20 10:03 - 2015-12-27 18:34 - 17662432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-05-20 10:03 - 2015-12-27 18:34 - 14410024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-05-20 10:03 - 2015-12-27 18:34 - 03811440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-05-20 10:03 - 2015-12-27 18:34 - 03371648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-05-20 10:03 - 2015-12-27 18:34 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb 2016-05-20 04:08 - 2016-02-03 20:09 - 00533560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-05-20 04:08 - 2016-02-03 20:09 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-05-20 04:08 - 2015-11-01 04:49 - 06348344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-05-20 04:08 - 2015-11-01 04:49 - 02454976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-05-20 04:08 - 2015-11-01 04:49 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-05-20 04:08 - 2015-11-01 04:49 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-05-20 04:08 - 2015-11-01 04:49 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-05-20 04:08 - 2015-11-01 04:49 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-05-18 12:07 - 2015-11-01 04:23 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-18 10:37 - 2015-11-01 04:49 - 06448223 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-05-17 10:25 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-05-15 14:17 - 2015-11-04 17:37 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-05-15 14:17 - 2015-11-04 17:37 - 00000000 ____D C:\Users\Jan\AppData\Local\NVIDIA Corporation 2016-05-15 14:17 - 2015-11-01 04:50 - 00000000 ____D C:\Users\Jan\AppData\Local\NVIDIA 2016-05-11 18:20 - 2015-12-04 16:23 - 00000000 ____D C:\Users\Jan\Documents\Sports Interactive 2016-05-11 09:14 - 2015-11-01 04:35 - 00004124 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-11 09:14 - 2015-11-01 04:35 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-06 21:21 - 2015-11-04 14:21 - 00000000 ____D C:\Program Files\Microsoft Office 2016-05-06 21:21 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-05-05 21:59 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-05-27 15:08 - 2016-05-27 15:08 - 6859776 _____ () C:\Users\Jan\AppData\Roaming\agent.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 0054272 _____ () C:\Users\Jan\AppData\Roaming\ApplicationHosting.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 0067776 _____ () C:\Users\Jan\AppData\Roaming\Config.xml 2016-05-27 15:08 - 2016-05-27 15:08 - 0848437 _____ () C:\Users\Jan\AppData\Roaming\Fasedex.bin 2016-05-27 15:08 - 2016-05-27 15:08 - 2279413 _____ () C:\Users\Jan\AppData\Roaming\Fasehome.bin 2016-05-27 15:08 - 2016-05-27 15:08 - 0018432 _____ () C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml 2016-05-27 15:08 - 2016-05-27 15:08 - 0128512 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 0126464 _____ () C:\Users\Jan\AppData\Roaming\lobby.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 0018432 _____ () C:\Users\Jan\AppData\Roaming\Main.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 0005568 _____ () C:\Users\Jan\AppData\Roaming\md.xml 2016-05-27 15:08 - 2016-05-27 15:08 - 0941568 _____ () C:\Users\Jan\AppData\Roaming\Newkaystock.exe 2016-05-27 15:08 - 2016-05-27 15:08 - 1756999 _____ () C:\Users\Jan\AppData\Roaming\Newkaystock.tst 2016-05-27 15:08 - 2016-05-27 15:08 - 0126464 _____ () C:\Users\Jan\AppData\Roaming\noah.dat 2016-05-27 15:08 - 2016-05-27 15:08 - 0941568 _____ () C:\Users\Jan\AppData\Roaming\TransLex.exe 2016-05-27 15:08 - 2016-05-27 15:08 - 0072820 _____ () C:\Users\Jan\AppData\Roaming\TransLex.tst 2016-05-27 15:09 - 2016-05-27 15:09 - 0032038 _____ () C:\Users\Jan\AppData\Roaming\uninstall_temp.ico 2016-02-27 22:20 - 2016-02-27 22:20 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Niektóre pliki w TEMP: ==================== C:\Users\Jan\AppData\Local\Temp\AcDeltree.exe C:\Users\Jan\AppData\Local\Temp\DLMGuardian.exe C:\Users\Jan\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe C:\Users\Jan\AppData\Local\Temp\HiRezLauncherControls.dll C:\Users\Jan\AppData\Local\Temp\libeay32.dll C:\Users\Jan\AppData\Local\Temp\msvcr120.dll C:\Users\Jan\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Jan\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Jan\AppData\Local\Temp\nvStInst.exe C:\Users\Jan\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-05-27 06:54 ==================== Koniec FRST.txt ============================