fafik_fcb komentarz 23 grudnia 2018 komentarz 23 grudnia 2018 (edytowane) Mam ten sam problem co wszyscy :/ Pomoże ktoś ? Z góry dziękuję za pomoc. FRST_23-12-2018 19.44.10.txt Addition_23-12-2018 19.44.10.txt Edytowane 23 grudnia 2018 przez fafik_fcb
UnnamedPlayer komentarz 23 grudnia 2018 komentarz 23 grudnia 2018 Uruchom FRST, naciśnij jednocześnie CTRL+Y Otworzy się Notatnik - wklej do niego: Cytuj Task: {D14D40AA-DA55-4CD4-89E8-DA7FE87FBAA8} - System32\Tasks\VeB => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v VeB /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA HKU\S-1-5-21-3432034517-1707117363-1933620557-1001\...\Run: [VeB] => explorer.exe hxxp://dipladoks.org <==== UWAGA CustomCLSID: HKU\S-1-5-21-3432034517-1707117363-1933620557-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\VeB\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3432034517-1707117363-1933620557-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\VeB\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3432034517-1707117363-1933620557-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\VeB\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll => Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: Na klawiaturze naciśnij jednocześnie CTRL+S. W FRST kliknij na Fix (NAPRAW). Daj znać czy pomogło.
fafik_fcb komentarz 23 grudnia 2018 komentarz 23 grudnia 2018 UnnamedPlayer dziękuję za pomoc :) Zdrowych i spokojnych świąt życzę.
lujheart komentarz 1 stycznia 2019 komentarz 1 stycznia 2019 witam, ja również proszę o pomoc. FRST.txt Addition.txt
Twój_Anioł_Stróż komentarz 1 stycznia 2019 komentarz 1 stycznia 2019 (edytowane) ===========>>@lujheart Uruchom FRST. Na klawiaturze naciśnij jednocześnie CTRL+Y.Otworzy się Notatnik - wklej do niego: Cytuj Task: {AC5D89FE-3AC6-4D67-8D9E-EDEDC2A9C0F4} - System32\Tasks\{2F7DB1CC-E599-4B9F-9DBA-708DF6636E80} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\ Task: {B51A9F4D-6E8A-4954-8394-D7EB20989B84} - System32\Tasks\Lenovo => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Lenovo /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== UWAGA HKU\S-1-5-21-1025031305-2340593259-1131578148-1000\...\Run: [Lenovo] => explorer.exe hxxp://kb-ribaki.org <==== UWAGA HKU\S-1-5-21-1025031305-2340593259-1131578148-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?src=lm&ls=n4134a09b9b FF Plugin HKU\S-1-5-21-1025031305-2340593259-1131578148-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku] S4 pgt_svc; C:\Program Files\ProxyGate\MainService.exe [2285664 2017-02-22] (Gold Click Ltd) <==== UWAGA RemoveDirectory: C:\Program Files\ProxyGate Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X] S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X] C:\Users\Lenovo\AppData\Roaming\FC29FA0894FE.ini EmptyTemp: Na klawiaturze naciśnij jednocześnie CTRL+S. W FRST kliknij na Fix (NAPRAW). . Napisz, czy problem znikł? . Edytowane 1 stycznia 2019 przez Twój_Anioł_Stróż
lujheart komentarz 2 stycznia 2019 komentarz 2 stycznia 2019 Twój_Anioł_Stróż dzięki za pomoc problem zniknął
Qartax komentarz 3 stycznia 2019 komentarz 3 stycznia 2019 (edytowane) Witam prosiłbym również o sprawdzenie. Addition.txt FRST.txt Edytowane 3 stycznia 2019 przez Qartax
Twój_Anioł_Stróż komentarz 4 stycznia 2019 komentarz 4 stycznia 2019 (edytowane) ----------------------->>@Quartax Otwórz Notatnik i wklej w nim: Cytuj Task: {A7CC9B9A-FA69-45FE-94C3-434A2025D0EC} - System32\Tasks\karcw => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v karcw /t REG_SZ /d "cmd.exe /c start www.dipladoks.org" HKU\S-1-5-21-276210320-2021093852-222187353-1001\...\Run: [karcw] => cmd.exe /c start www.dipladoks.org Task: {8a0b9cd6-f348-4670-ac6b-e54fdaaeda96} - Brak ścieżki do pliku FirewallRules: [TCP Query User{C3ECA8BC-853A-44FE-ADF5-C9165C6B101B}E:\gry\assetto corsa\acs.exe] => (Allow) E:\gry\assetto corsa\acs.exe Brak pliku FirewallRules: [UDP Query User{D82FA761-A553-48AB-9CB0-0688FD7DD358}E:\gry\assetto corsa\acs.exe] => (Allow) E:\gry\assetto corsa\acs.exe Brak pliku FirewallRules: [TCP Query User{37681EDD-1BB9-429F-AA10-A9BACF734218}E:\gry\needforspeed\shift2u.exe] => (Allow) E:\gry\needforspeed\shift2u.exe Brak pliku FirewallRules: [UDP Query User{811DAF81-8D7A-48E9-8BB5-B681E75AA279}E:\gry\needforspeed\shift2u.exe] => (Allow) E:\gry\needforspeed\shift2u.exe Brak pliku EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\karcw\Downloads Uruchom FRST i kliknij przycisk Fix (NAPRAW). Napisz, czy problem znikł? . Edytowane 4 stycznia 2019 przez Twój_Anioł_Stróż
tbodek komentarz 6 stycznia 2019 komentarz 6 stycznia 2019 Witam, mam podobny problem co poprzednicy, pilnie proszę o pomoc, Addition.txt FRST.txt
Twój_Anioł_Stróż komentarz 6 stycznia 2019 komentarz 6 stycznia 2019 (edytowane) ============>>@tbodek Otwórz Notatnik i wklej w nim: Cytuj Task: {2EDF1DDF-1B59-4503-B67E-7B0BA1E93070} - System32\Tasks\Tomek => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Tomek /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA HKU\S-1-5-21-4228377095-3827185625-1679722046-1000\...\Run: [Tomek] => explorer.exe hxxp://dipladoks.org <==== UWAGA Task: {8C04B7C5-ADB3-433C-BF5D-DC44A5100EB3} - \Avast Software\Overseer -> Brak pliku <==== UWAGA HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-4228377095-3827185625-1679722046-1000\...\Run: [] => [X] GroupPolicy: Ograniczenia - Chrome <==== UWAGA EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\Tomek\Downloads Uruchom FRST i kliknij przycisk Fix (NAPRAW). Napisz, czy problem znikł? --------------------------------------------- Masz dwa antywirusy - pozbądź się jednego z nich. Do usuwania Avasta służy Avast Uninstall Utility - http://www.avast.com/uninstall-utility Avira odinstalowuje się normalnie, ale potem trzeba użyć Avira RegistryCleaner - http://www.avira.com/en/support/kbdetails.php?id=135 Potem jeszcze trzeba ręcznie usuwać foldery. . Edytowane 6 stycznia 2019 przez Twój_Anioł_Stróż
tbodek komentarz 6 stycznia 2019 komentarz 6 stycznia 2019 Dzięki Twój_Anioł_Stróż wszystko działa jak należy,
extracm komentarz 10 stycznia 2019 komentarz 10 stycznia 2019 Witam mam ten sam problem proszę o pomoc. W załączniku podałem Addition i FRST. Addition.txt FRST.txt
Twój_Anioł_Stróż komentarz 10 stycznia 2019 komentarz 10 stycznia 2019 (edytowane) ----------->>@extracm Otwórz Notatnik i wklej w nim: Cytuj Task: {0FE7FDD2-6076-4D46-8E72-A1DDC1B92132} - System32\Tasks\phoen => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v phoen /t REG_SZ /d "cmd.exe /c start www.dipladoks.org" HKU\S-1-5-21-2831233006-792824201-3323152893-1001\...\Run: [phoen] => cmd.exe /c start www.dipladoks.org EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\phoen\Downloads\FRST-OlderVersion Uruchom FRST i kliknij przycisk Fix (NAPRAW). Edytowane 10 stycznia 2019 przez Twój_Anioł_Stróż 1
extracm komentarz 10 stycznia 2019 komentarz 10 stycznia 2019 (edytowane) Dzięki Twój_Anioł_Stróż problem rozwiązany. Jestem ciekaw skąd się to dziadostwo wzięło na moim komputerze. Edytowane 10 stycznia 2019 przez extracm
Kamillos1 komentarz 12 stycznia 2019 komentarz 12 stycznia 2019 Witam, Również mam ten sam problem. Mogę prosić o pomoc? FRST.txt Addition.txt
EdgarDaviods komentarz 12 stycznia 2019 komentarz 12 stycznia 2019 FRST_12-01-2019 09.11.34.txtAddition_12-01-2019 09.11.34.txt- nie mam doswiadczenia w korzystaniu cz forum ale prosze o pomoc jak osoby powyzej Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019 01 Ran by Przemo (12-01-2019 09:11:27) Running from D:\EXECO19 Windows 10 Pro Version 1803 17134.523 (X64) (2018-05-30 08:06:10) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-408935122-3768359344-1678757914-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-408935122-3768359344-1678757914-503 - Limited - Disabled) Guest (S-1-5-21-408935122-3768359344-1678757914-501 - Limited - Disabled) Przemo (S-1-5-21-408935122-3768359344-1678757914-1001 - Administrator - Enabled) => C:\Users\Przemo WDAGUtilityAccount (S-1-5-21-408935122-3768359344-1678757914-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Aktualizacje NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden Batman: Arkham Knight (HKLM-x32\...\Batman: Arkham Knight_is1) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitTorrent (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\BitTorrent) (Version: 7.10.4.44847 - BitTorrent Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.6.1 - Mediamond Tmi) Diablo II + Diablo II - Lord of Destruction PL 1.12a (HKLM-x32\...\Diablo II + Diablo II - Lord of Destruction PL 1.12a) (Version: - ) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden DWA-172 (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0205.2 - D-Link Corporation) EXECO 2018 (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\EXECO 2018) (Version: - ) EXECO 2018 update (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\EXECO 2018 update) (Version: - ) EXECO 2019 (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\EXECO 2019) (Version: - ) Grim Dawn Ashes of Malmouth (HKLM-x32\...\Grim Dawn Ashes of Malmouth_is1) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Mozilla Firefox 64.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 64.0.2 (x64 pl)) (Version: 64.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0 - Mozilla) MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD) NVIDIA 3D Vision Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation) NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation) NVIDIA Graphics Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games) SMoKE Patch X17 (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\SMoKE Patch X17) (Version: - ) SMoKE Patch X18 (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\SMoKE Patch X18) (Version: - ) SMoKE Patch X20 (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\SMoKE Patch X20) (Version: - ) SMoKE UPDATE X19 (HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\SMoKE UPDATE X19) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Incredible Adventures of Van Helsing - Final Cut (HKLM-x32\...\1448013298_is1) (Version: 2.0.0.5 - GOG.com) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden USB Network Joystick (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: V3.70a - ) Van Helsing - Final Cut High Textures (HKLM-x32\...\TIAVH-HTEX_is1) (Version: 2.0.0.5 - GOG.com) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WERSJA DEMO FIFA 19 (HKLM-x32\...\{6EEF613B-0A58-4AD4-8191-BE2C610B1EC9}) (Version: 1.0.58.28401 - Electronic Arts) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-408935122-3768359344-1678757914-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Przemo\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-408935122-3768359344-1678757914-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Przemo\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-408935122-3768359344-1678757914-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-408935122-3768359344-1678757914-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Przemo\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64\FileSyncShell64.dll => No File ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00478D1A-CE89-4152-9615-DE3C63613FCA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-08] (Adobe Systems Incorporated) Task: {2DDE0118-F411-4934-B413-109C6E1E4426} - System32\Tasks\Przemo => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Przemo /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION Task: {637DFAE0-46E2-4B52-849E-2E66BF237471} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6EFDE99C-8C5C-4AD3-A817-0A5E1E850C95} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation) Task: {76930DDE-019D-45DC-A926-B90D332765E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) Task: {7B641D13-4E7A-45BE-B73E-2475DF775640} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {8044BCB9-0F90-4E3D-B563-DAA8DAAA4167} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-408935122-3768359344-1678757914-1001 => C:\Users\Przemo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {8524385E-7DAD-4168-B092-48676E6E4214} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation) Task: {91063D6D-A282-4E09-8CE4-7C91D0B0F810} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation) Task: {A27F3CB0-0918-48E8-9392-7FC7C9F3D2F3} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate] Task: {A9C7784F-9932-4B73-B070-5D581BEEF371} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation) Task: {BA31EFD9-8D70-462B-8B79-2A03E29581FD} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation) Task: {CB1033A5-FAF9-4760-9CDA-92DD79A331E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) Task: {D96C6D51-0A16-487C-A36D-683BC048F145} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) Task: {DBE3C378-1D89-4870-A8FE-E5B3FE3C5EC3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation) Task: {E369127E-7EEF-4C5D-BAAE-137247472ABF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation) Task: {F049143B-2CF1-418F-A80F-6F762635857F} - System32\Tasks\S-1-5-21-408935122-3768359344-1678757914-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation) Task: {F8435CF5-E17B-4832-AE30-CA3C5548379E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-03-15 11:42 - 2018-02-24 05:36 - 000543248 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2018-03-15 11:05 - 2018-03-15 11:05 - 000026112 _____ () C:\Windows\KMS-R@1n.exe 2018-03-15 11:43 - 2018-01-10 15:22 - 001267272 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-03-16 22:51 - 2015-11-22 11:33 - 000104144 _____ () C:\Program Files (x86)\D-Link\DWA-172\WPSService20.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-14 18:38 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2019-01-09 18:24 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-12-14 18:20 - 2018-12-14 19:47 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-10-04 10:42 - 2018-10-04 10:43 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-12-14 18:20 - 2018-12-14 18:33 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-08-30 07:05 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-08-30 07:05 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-08-30 07:05 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-08-30 07:05 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-04-20 18:16 - 2008-12-10 10:10 - 000796784 _____ () C:\Windows\USB Vibration\7906\USB Gamepad.exe 2018-03-15 11:43 - 2018-01-10 15:21 - 001040456 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-07-03 17:05 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2018-07-03 17:05 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2018-07-03 17:05 - 2019-01-05 00:33 - 002650400 _____ () C:\Program Files (x86)\Steam\video.dll 2018-07-03 17:05 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2018-07-03 17:05 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2018-07-03 17:05 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2018-07-03 17:05 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2018-07-03 17:05 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2018-07-03 17:05 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2018-07-03 17:05 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2018-07-03 17:05 - 2019-01-05 00:33 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2018-07-03 17:05 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2019-01-12 08:50 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-408935122-3768359344-1678757914-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\StartupApproved\Run: => "EADM" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{BDEE528F-E032-41B9-90DC-7BA2EF809BA0}D:\gry\wolcen.lords.of.mayhem.v0.5.0.4\win_x64\wolcen.exe] => (Allow) D:\gry\wolcen.lords.of.mayhem.v0.5.0.4\win_x64\wolcen.exe No File FirewallRules: [TCP Query User{D2D6EEAE-97C8-451D-8AB0-1275848D2DAF}D:\gry\wolcen.lords.of.mayhem.v0.5.0.4\win_x64\wolcen.exe] => (Allow) D:\gry\wolcen.lords.of.mayhem.v0.5.0.4\win_x64\wolcen.exe No File FirewallRules: [UDP Query User{029385CA-C67D-4615-878A-E9595D417624}D:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) D:\program files (x86)\pro evolution soccer 2018\pes2018.exe No File FirewallRules: [TCP Query User{6D618EE6-8A89-4EB3-99DC-311E87CF4826}D:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) D:\program files (x86)\pro evolution soccer 2018\pes2018.exe No File FirewallRules: [{43FF8711-5E90-4DCC-8D89-D94C9E9555B7}] => (Allow) C:\Users\Przemo\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.) FirewallRules: [{4CFEEBB1-C6FC-40E5-ABC7-FFA350569520}] => (Allow) C:\Users\Przemo\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.) FirewallRules: [{2E5A2E34-C2BB-4277-A6AD-33EC8C633DDC}] => (Allow) C:\Windows\KMS-R@1n.exe () FirewallRules: [{A7CC4415-34E5-4082-B019-CC942697F888}] => (Allow) C:\Windows\KMS-R@1n.exe () FirewallRules: [{B40E3963-6EDA-412C-B5C2-282DA554B65C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{D4F0DBFC-4A5E-4B59-9E8A-8D19D29F2AC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{E116A4D4-10B7-4684-9FE2-63DDE13DFDB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{CCC02468-30BA-466D-8768-769B993FD4D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{FE3DD121-9552-4016-B134-11E9DD6BDD1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{37642F20-73F3-42BF-A78E-9658CF616110}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{CABCE8C9-D884-4EAD-98A1-1B43C6001120}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) FirewallRules: [{CCD1AE62-734A-45F1-8DBE-3F8E2BFCCDC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) FirewallRules: [{79F1902A-F196-4EA5-B07B-14FA76EBBAE7}] => (Allow) D:\Gry\Steam\Steam.exe No File FirewallRules: [{6760D7EF-7096-4F1C-910A-5CC77B4A83D7}] => (Allow) D:\Gry\Steam\Steam.exe No File FirewallRules: [{C724CFE0-F479-458A-838B-6061D89CDC53}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{C476B743-560C-44D0-BDFD-7B979358DB1E}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [TCP Query User{75445FF3-09EF-4A51-9575-C4BA36E78E39}D:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File FirewallRules: [UDP Query User{ABEB032A-E928-4BE8-A818-CAF2F5C42ADE}D:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File FirewallRules: [{46826E6D-E61B-4096-9B21-1175F57E9542}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) FirewallRules: [{2E805F33-22E6-481A-AF29-C5054CE6CE16}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) FirewallRules: [{C6F30085-FE60-432B-A1EC-5CABFF5C3701}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{3B8CD940-721E-418E-8BE6-E07BA4719C9A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{555250D9-4103-4613-93B4-AD3976AF2C01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PRO EVOLUTION SOCCER 2018\PES2018.exe (Konami Digital Entertainment Co., Ltd.) FirewallRules: [{BDC3FE44-0AED-46C3-A27B-5A3974E9C219}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PRO EVOLUTION SOCCER 2018\PES2018.exe (Konami Digital Entertainment Co., Ltd.) FirewallRules: [{20A3E0F5-21EE-4A6C-87DB-386E347CA2FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe (WB Montréal Inc.) FirewallRules: [{40F6EA6E-CE69-4781-BCFE-F6A7549F049B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe (WB Montréal Inc.) FirewallRules: [{025F6FFD-62C4-43ED-BFFC-E944B2AE0289}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe (WB Montréal Inc.) FirewallRules: [{D159D52E-499F-47AD-9555-FC631DAB4E90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe (WB Montréal Inc.) FirewallRules: [{14E27555-081F-4A96-AA76-A1F5B5D0FA74}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) FirewallRules: [{E049B477-6940-4AC2-88AC-90CC05267838}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) FirewallRules: [{044942F6-7CF3-4848-9751-9192759C901D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.) FirewallRules: [{63D420F5-DE2D-4194-9A81-F640A83435CB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.) FirewallRules: [{5ADEA227-D722-4C26-9A77-CCDF52720E1F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19 DEMO\FIFASetup\fifaconfig.exe (Electronic Arts) FirewallRules: [{8A1A6B99-6117-416D-99A9-31591194DDAF}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19 DEMO\FIFASetup\fifaconfig.exe (Electronic Arts) FirewallRules: [{4957262E-5762-4F51-8DEE-E3AD3579CD58}] => (Allow) D:\Dysk 1\Program Files (x86)\steamapps\common\PRO EVOLUTION SOCCER 2019\PES2019.exe (Konami Digital Entertainment Co., Ltd.) FirewallRules: [{426F3BF6-1A55-48DB-8BC0-783DF78CC9F1}] => (Allow) D:\Dysk 1\Program Files (x86)\steamapps\common\PRO EVOLUTION SOCCER 2019\PES2019.exe (Konami Digital Entertainment Co., Ltd.) FirewallRules: [{CC342EAB-85D7-4630-9F12-02ABC20EB157}] => (Allow) D:\Dysk 1\Program Files (x86)\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games) FirewallRules: [{901D3CCF-91AF-49A3-A2A3-C33C483E8895}] => (Allow) D:\Dysk 1\Program Files (x86)\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games) ==================== Restore Points ========================= 22-12-2018 18:48:16 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 29-12-2018 21:24:43 Scheduled Checkpoint 09-01-2019 14:46:48 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: nvvad_WaveExtensible Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: NVVHCI Enumerator Description: NVVHCI Enumerator Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: nvvhci Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (01/12/2019 09:03:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (01/12/2019 08:57:23 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (01/12/2019 08:57:15 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (01/12/2019 08:54:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (01/12/2019 08:54:05 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (01/12/2019 08:35:52 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (01/12/2019 08:35:49 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (01/12/2019 08:35:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 System errors: ============= Error: (01/12/2019 09:04:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Unavailable użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/12/2019 09:03:02 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JAPQLB) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-1JAPQLB\Przemo o identyfikatorze zabezpieczeń SID (S-1-5-21-408935122-3768359344-1678757914-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/12/2019 08:58:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscDataProtection i identyfikatorem aplikacji APPID Unavailable użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/12/2019 08:58:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Unavailable użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/12/2019 08:56:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JAPQLB) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-1JAPQLB\Przemo o identyfikatorze zabezpieczeń SID (S-1-5-21-408935122-3768359344-1678757914-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/12/2019 08:53:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JAPQLB) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-1JAPQLB\Przemo o identyfikatorze zabezpieczeń SID (S-1-5-21-408935122-3768359344-1678757914-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/12/2019 08:36:24 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JAPQLB) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-1JAPQLB\Przemo o identyfikatorze zabezpieczeń SID (S-1-5-21-408935122-3768359344-1678757914-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/11/2019 02:43:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Unavailable użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Windows Defender: =================================== Date: 2019-01-11 22:02:47.249 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {FE86CBAC-2318-49AE-A980-EA9BEF832519} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: NT AUTHORITY\SYSTEM Date: 2019-01-11 20:46:10.928 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {86DFF9DA-82D7-4AC7-94AD-ABCFB8BA3D17} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: NT AUTHORITY\SYSTEM Date: 2019-01-08 19:22:45.494 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {87093B07-DE30-455E-A012-B2DD00E2B5AA} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: NT AUTHORITY\SYSTEM Date: 2019-01-07 17:25:20.633 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {D3560255-C170-4AA3-9DA6-E0BEC8EFF4F8} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: NT AUTHORITY\SYSTEM Date: 2019-01-05 15:17:44.076 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {831679F4-2708-4ACA-884D-90A122885975} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: NT AUTHORITY\SYSTEM Date: 2018-10-30 17:31:45.352 Description: Działanie aparatu Program antywirusowy Windows Defender zostało zakończone z powodu nieoczekiwanego błędu. Typ błędu: Awaria Kod wyjątku: 0xc0000005 Zasób: ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz Percentage of memory in use: 31% Total physical RAM: 8091.14 MB Available physical RAM: 5519.81 MB Total Virtual: 10075.14 MB Available Virtual: 6767.36 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:249.32 GB) (Free:76.24 GB) NTFS Drive d: (Data) (Fixed) (Total:681.64 GB) (Free:229.01 GB) NTFS \\?\Volume{2831cda4-5de3-45b2-adcc-124198ef5537}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS \\?\Volume{6e5af24d-9941-4bc9-a74f-a017e38eb638}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 81A61329) Partition: GPT. ==================== End of Addition.txt ============================ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019 01 Ran by Przemo (administrator) on DESKTOP-1JAPQLB (12-01-2019 09:11:05) Running from D:\EXECO19 Loaded Profiles: Przemo (Available Profiles: Przemo) Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe () C:\Windows\KMS-R@1n.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe () C:\Program Files (x86)\D-Link\DWA-172\WPSService20.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Windows\USB Vibration\7906\USB Gamepad.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Farbar) D:\EXECO19\FRST64(1).exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation) HKLM-x32\...\Run: [USB Gamepad] => C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] () HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\Run: [BitTorrent] => C:\Users\Przemo\AppData\Roaming\BitTorrent\BitTorrent.exe [1742528 2018-11-17] (BitTorrent Inc.) HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-05] (Valve Corporation) HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2018-12-04] (Electronic Arts) HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\Run: [Przemo] => explorer.exe hxxp://dipladoks.org <==== ATTENTION HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [1456128 2018-12-08] (Adobe Systems Incorporated) HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\MountPoints2: {620d4a3d-2964-11e8-a0cb-5404a62a6727} - "F:\setup.exe" HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\MountPoints2: {d2b8f866-422e-11e8-a0d3-5404a62a6727} - "G:\Setup.exe" HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () HKLM\...\Drivers32-x32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0ec113d0-cd5a-42bd-a3bd-716a58a76ef8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3ed657d6-6aa3-424f-90d8-0c4eab582654}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{828e2865-0cb8-4a91-901f-9fbfe2816f90}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-408935122-3768359344-1678757914-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-16] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-16] (Oracle Corporation) FireFox: ======== FF DefaultProfile: jh27tnu6.default FF ProfilePath: C:\Users\Przemo\AppData\Roaming\Mozilla\Firefox\Profiles\jh27tnu6.default [2019-01-12] FF Extension: (Adblock Plus – wersja rozwojowa) - C:\Users\Przemo\AppData\Roaming\Mozilla\Firefox\Profiles\jh27tnu6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-04] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-08] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-08] () FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-16] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-16] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-03-15] () R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation) R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2018-03-15] () [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-10] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-10] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2270528 2018-12-04] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3131208 2018-12-04] (Electronic Arts) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation) R2 WPSService20; C:\Program Files (x86)\D-Link\DWA-172\WPSService20.exe [104144 2015-11-22] () R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-03-17] (Disc Soft Ltd) S3 h647906; C:\WINDOWS\System32\drivers\h647906.sys [62576 2008-12-01] (Your Corporation) S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41096 2008-12-01] (Your Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvpcdi.inf_amd64_91b9e154ee4c4b99\nvlddmkm.sys [17524720 2018-02-26] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30280 2018-01-10] (NVIDIA Corporation) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] () U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-12 09:06 - 2019-01-12 09:11 - 000000000 ____D C:\FRST 2019-01-10 19:47 - 2019-01-10 19:47 - 000001000 _____ C:\Users\Przemo\Desktop\Diablo II + Diablo II - Lord of Destruction PL 1.12a.lnk 2019-01-10 19:47 - 2019-01-10 19:47 - 000001000 _____ C:\Users\Przemo\AppData\Roaming\Microsoft\Windows\Start Menu\Diablo II + Diablo II - Lord of Destruction PL 1.12a.lnk 2019-01-09 18:24 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-01-09 18:24 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll 2019-01-09 18:24 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-01-09 18:24 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2019-01-09 18:24 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll 2019-01-09 18:24 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-01-09 18:24 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-01-09 18:24 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll 2019-01-09 18:24 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2019-01-09 18:24 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll 2019-01-09 18:24 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-01-09 18:24 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-01-09 18:24 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-01-09 18:24 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-01-09 18:24 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-01-09 18:24 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-01-09 18:24 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-01-09 18:24 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-01-09 18:24 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-01-09 18:24 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-01-09 18:24 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-01-09 18:24 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-01-09 18:24 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-01-09 18:24 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-01-09 18:24 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-01-09 18:24 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-01-09 18:24 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-01-09 18:24 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-01-09 18:24 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2019-01-09 18:24 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2019-01-09 18:24 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-01-09 18:24 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-01-09 18:24 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-01-09 18:24 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2019-01-09 18:24 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2019-01-09 18:24 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll 2019-01-09 18:24 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-01-09 18:24 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-01-09 18:24 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll 2019-01-09 18:24 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-01-09 18:24 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-01-09 18:24 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-01-09 18:24 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-01-09 18:24 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-01-09 18:24 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2019-01-09 18:24 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-01-09 18:24 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-01-09 18:24 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2019-01-09 18:24 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll 2019-01-09 18:24 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-01-09 18:24 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-01-09 18:24 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2019-01-09 18:24 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2019-01-09 18:24 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2019-01-09 18:24 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-01-09 18:24 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-01-09 18:24 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2019-01-09 18:24 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-01-09 18:24 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-01-09 18:24 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-01-09 18:24 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-01-09 18:24 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-01-09 18:24 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2019-01-09 18:24 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-01-09 18:24 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-01-09 18:24 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-01-09 18:24 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-01-09 18:24 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll 2019-01-09 18:24 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-01-09 18:24 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-01-09 18:24 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2019-01-09 18:24 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-01-09 18:24 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-01-09 18:24 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-01-09 18:24 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2019-01-09 18:24 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-01-09 18:24 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-01-09 18:24 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll 2019-01-09 18:24 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-01-09 18:24 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2019-01-09 18:24 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-01-09 18:24 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2019-01-09 18:24 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2019-01-09 18:24 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-01-09 18:24 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2019-01-09 18:24 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim 2019-01-09 18:24 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-01-09 18:18 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2018-12-22 18:49 - 2018-12-22 18:49 - 000000000 ____D C:\Users\Przemo\AppData\Local\Rockstar Games 2018-12-22 18:06 - 2018-12-22 18:06 - 000003568 _____ C:\WINDOWS\System32\Tasks\Przemo 2018-12-22 17:45 - 2018-12-22 17:45 - 000000222 _____ C:\Users\Przemo\Desktop\Grand Theft Auto V.url 2018-12-20 10:23 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2018-12-20 10:23 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2018-12-20 10:23 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-12-20 10:23 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-12-20 10:23 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-12-20 10:23 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2018-12-20 10:23 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-12-20 10:23 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2018-12-20 10:23 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-12-20 10:23 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-12-20 10:23 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2018-12-20 10:23 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2018-12-20 10:23 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2018-12-20 10:23 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-12-20 10:23 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2018-12-20 10:23 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-12-20 10:23 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-12-16 12:14 - 2018-12-16 12:14 - 000001115 _____ C:\Users\Przemo\Desktop\DSJ4.lnk 2018-12-16 12:14 - 2018-12-16 12:14 - 000000000 ____D C:\Users\Przemo\Documents\Deluxe Ski Jump 4 2018-12-16 12:14 - 2018-12-16 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4 2018-12-16 12:14 - 2018-12-16 12:14 - 000000000 ____D C:\Program Files (x86)\Deluxe Ski Jump 4 2018-12-14 18:39 - 2018-12-08 13:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2018-12-14 18:39 - 2018-12-08 09:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-12-14 18:39 - 2018-11-09 07:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-12-14 18:39 - 2018-11-09 03:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2018-12-14 18:38 - 2018-12-08 13:48 - 000034104 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2018-12-14 18:38 - 2018-12-08 13:47 - 001786896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 001627656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 001422864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000825352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000399880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2018-12-14 18:38 - 2018-12-08 13:47 - 000228368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2018-12-14 18:38 - 2018-12-08 13:47 - 000180752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2018-12-14 18:38 - 2018-12-08 13:47 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe 2018-12-14 18:38 - 2018-12-08 13:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2018-12-14 18:38 - 2018-12-08 13:43 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2018-12-14 18:38 - 2018-12-08 13:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2018-12-14 18:38 - 2018-12-08 13:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2018-12-14 18:38 - 2018-12-08 13:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2018-12-14 18:38 - 2018-12-08 13:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-12-14 18:38 - 2018-12-08 13:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2018-12-14 18:38 - 2018-12-08 13:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2018-12-14 18:38 - 2018-12-08 13:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-12-14 18:38 - 2018-12-08 13:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2018-12-14 18:38 - 2018-12-08 13:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2018-12-14 18:38 - 2018-12-08 13:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2018-12-14 18:38 - 2018-12-08 13:27 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll 2018-12-14 18:38 - 2018-12-08 13:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys 2018-12-14 18:38 - 2018-12-08 13:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll 2018-12-14 18:38 - 2018-12-08 13:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll 2018-12-14 18:38 - 2018-12-08 13:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-12-14 18:38 - 2018-12-08 13:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-12-14 18:38 - 2018-12-08 13:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-12-14 18:38 - 2018-12-08 13:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2018-12-14 18:38 - 2018-12-08 13:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2018-12-14 18:38 - 2018-12-08 13:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2018-12-14 18:38 - 2018-12-08 13:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2018-12-14 18:38 - 2018-12-08 13:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2018-12-14 18:38 - 2018-12-08 13:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2018-12-14 18:38 - 2018-12-08 13:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2018-12-14 18:38 - 2018-12-08 09:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll 2018-12-14 18:38 - 2018-12-08 09:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll 2018-12-14 18:38 - 2018-12-08 09:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2018-12-14 18:38 - 2018-12-08 09:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2018-12-14 18:38 - 2018-12-08 09:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2018-12-14 18:38 - 2018-12-08 09:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2018-12-14 18:38 - 2018-12-08 09:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2018-12-14 18:38 - 2018-12-08 09:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2018-12-14 18:38 - 2018-12-08 09:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-12-14 18:38 - 2018-12-08 09:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2018-12-14 18:38 - 2018-12-08 09:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-12-14 18:38 - 2018-12-08 09:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-12-14 18:38 - 2018-12-08 09:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-12-14 18:38 - 2018-12-08 09:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys 2018-12-14 18:38 - 2018-12-08 09:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-12-14 18:38 - 2018-12-08 09:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-12-14 18:38 - 2018-12-08 09:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-12-14 18:38 - 2018-12-08 09:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll 2018-12-14 18:38 - 2018-12-08 09:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-12-14 18:38 - 2018-12-08 09:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2018-12-14 18:38 - 2018-12-08 09:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys 2018-12-14 18:38 - 2018-12-08 09:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2018-12-14 18:38 - 2018-12-08 09:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-12-14 18:38 - 2018-12-08 09:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-12-14 18:38 - 2018-12-08 09:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2018-12-14 18:38 - 2018-12-08 09:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll 2018-12-14 18:38 - 2018-12-08 09:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys 2018-12-14 18:38 - 2018-12-08 08:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2018-12-14 18:38 - 2018-12-08 08:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-12-14 18:38 - 2018-12-08 08:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2018-12-14 18:38 - 2018-12-08 08:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2018-12-14 18:38 - 2018-12-08 08:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2018-12-14 18:38 - 2018-12-08 08:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll 2018-12-14 18:38 - 2018-12-08 08:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2018-12-14 18:38 - 2018-12-08 08:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2018-12-14 18:38 - 2018-12-08 08:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-12-14 18:38 - 2018-12-08 08:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2018-12-14 18:38 - 2018-12-08 08:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2018-12-14 18:38 - 2018-12-08 08:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2018-12-14 18:38 - 2018-12-08 08:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll 2018-12-14 18:38 - 2018-12-08 08:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2018-12-14 18:38 - 2018-12-08 08:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2018-12-14 18:38 - 2018-12-08 08:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll 2018-12-14 18:38 - 2018-12-08 08:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2018-12-14 18:38 - 2018-12-08 08:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe 2018-12-14 18:38 - 2018-12-08 08:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2018-12-14 18:38 - 2018-12-08 08:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys 2018-12-14 18:38 - 2018-12-08 08:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2018-12-14 18:38 - 2018-12-08 08:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2018-12-14 18:38 - 2018-12-08 08:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2018-12-14 18:38 - 2018-12-08 08:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2018-12-14 18:38 - 2018-12-08 08:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys 2018-12-14 18:38 - 2018-12-08 08:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2018-12-14 18:38 - 2018-12-08 08:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2018-12-14 18:38 - 2018-12-08 08:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2018-12-14 18:38 - 2018-12-08 08:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2018-12-14 18:38 - 2018-12-08 08:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2018-12-14 18:38 - 2018-12-08 08:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-12-14 18:38 - 2018-12-08 08:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll 2018-12-14 18:38 - 2018-12-08 08:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-12-14 18:38 - 2018-12-08 08:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2018-12-14 18:38 - 2018-12-08 08:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2018-12-14 18:38 - 2018-12-08 08:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2018-12-14 18:38 - 2018-12-08 08:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2018-12-14 18:38 - 2018-12-08 08:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2018-12-14 18:38 - 2018-12-08 08:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2018-12-14 18:38 - 2018-12-08 08:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-12-14 18:38 - 2018-12-08 08:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2018-12-14 18:38 - 2018-12-08 08:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-12-14 18:38 - 2018-12-08 08:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2018-12-14 18:38 - 2018-12-08 08:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2018-12-14 18:38 - 2018-12-08 08:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2018-12-14 18:38 - 2018-12-08 08:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2018-12-14 18:38 - 2018-12-08 08:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2018-12-14 18:38 - 2018-12-08 08:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2018-12-14 18:38 - 2018-12-08 08:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll 2018-12-14 18:38 - 2018-12-08 08:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2018-12-14 18:38 - 2018-12-08 08:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2018-12-14 18:38 - 2018-12-08 08:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2018-12-14 18:38 - 2018-12-08 08:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2018-12-14 18:38 - 2018-12-08 08:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2018-12-14 18:38 - 2018-12-08 08:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2018-12-14 18:38 - 2018-12-08 08:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2018-12-14 18:38 - 2018-12-08 08:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2018-12-14 18:38 - 2018-12-08 08:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2018-12-14 18:38 - 2018-12-08 08:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2018-12-14 18:38 - 2018-12-08 08:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2018-12-14 18:38 - 2018-12-08 08:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2018-12-14 18:38 - 2018-12-08 08:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2018-12-14 18:38 - 2018-12-08 08:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2018-12-14 18:38 - 2018-12-08 08:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2018-12-14 18:38 - 2018-12-08 08:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2018-12-14 18:38 - 2018-12-08 08:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-12-14 18:38 - 2018-12-08 08:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2018-12-14 18:38 - 2018-11-09 07:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2018-12-14 18:38 - 2018-11-09 06:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2018-12-14 18:38 - 2018-11-09 06:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2018-12-14 18:38 - 2018-11-09 06:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2018-12-14 18:38 - 2018-11-09 06:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll 2018-12-14 18:38 - 2018-11-09 06:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-12-14 18:38 - 2018-11-09 06:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll 2018-12-14 18:38 - 2018-11-09 06:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll 2018-12-14 18:38 - 2018-11-09 06:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2018-12-14 18:38 - 2018-11-09 06:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-12-14 18:38 - 2018-11-09 06:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2018-12-14 18:38 - 2018-11-09 06:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-12-14 18:38 - 2018-11-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2018-12-14 18:38 - 2018-11-09 06:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2018-12-14 18:38 - 2018-11-09 06:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2018-12-14 18:38 - 2018-11-09 06:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2018-12-14 18:38 - 2018-11-09 06:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-12-14 18:38 - 2018-11-09 06:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll 2018-12-14 18:38 - 2018-11-09 06:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-12-14 18:38 - 2018-11-09 03:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-12-14 18:38 - 2018-11-09 03:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2018-12-14 18:38 - 2018-11-09 03:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2018-12-14 18:38 - 2018-11-09 03:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2018-12-14 18:38 - 2018-11-09 03:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-12-14 18:38 - 2018-11-09 03:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2018-12-14 18:38 - 2018-11-09 03:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-12-14 18:38 - 2018-11-09 03:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2018-12-14 18:38 - 2018-11-09 03:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2018-12-14 18:38 - 2018-11-09 03:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-12-14 18:38 - 2018-11-09 03:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2018-12-14 18:38 - 2018-11-09 03:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2018-12-14 18:38 - 2018-11-09 03:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-12-14 18:38 - 2018-11-09 03:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2018-12-14 18:38 - 2018-11-09 03:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2018-12-14 18:38 - 2018-11-09 03:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2018-12-14 18:38 - 2018-11-09 03:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2018-12-14 18:38 - 2018-11-09 03:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-12-14 18:38 - 2018-11-09 03:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2018-12-14 18:38 - 2018-11-09 03:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2018-12-14 18:38 - 2018-11-09 03:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2018-12-14 18:38 - 2018-11-09 03:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2018-12-14 18:38 - 2018-11-09 03:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2018-12-14 18:38 - 2018-11-09 03:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll 2018-12-14 18:38 - 2018-11-09 03:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys 2018-12-14 18:38 - 2018-11-09 03:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2018-12-14 18:38 - 2018-11-09 03:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-12-14 18:38 - 2018-11-09 03:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2018-12-14 18:38 - 2018-11-09 03:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-12-14 18:38 - 2018-11-09 03:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2018-12-14 18:38 - 2018-11-09 03:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2018-12-14 18:38 - 2018-11-09 03:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2018-12-14 18:38 - 2018-11-09 03:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2018-12-14 18:38 - 2018-11-09 03:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-12-14 18:38 - 2018-11-09 03:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2018-12-14 18:38 - 2018-11-09 03:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-12-14 18:38 - 2018-11-09 03:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll 2018-12-14 18:38 - 2018-11-09 03:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2018-12-14 18:38 - 2018-11-09 03:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2018-12-14 18:38 - 2018-11-09 03:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2018-12-14 18:38 - 2018-11-09 03:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2018-12-14 18:38 - 2018-11-09 03:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2018-12-14 18:38 - 2018-11-09 03:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2018-12-14 18:38 - 2018-11-09 03:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2018-12-14 18:38 - 2018-11-09 02:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2018-12-14 18:38 - 2018-11-09 02:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2018-12-14 18:38 - 2018-11-09 02:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2018-12-14 18:38 - 2018-11-09 02:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2018-12-14 18:38 - 2018-11-09 02:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2018-12-14 18:38 - 2018-11-09 02:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-12-14 18:38 - 2018-11-09 02:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2018-12-14 18:38 - 2018-11-09 02:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2018-12-14 18:38 - 2018-11-09 02:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2018-12-14 18:38 - 2018-11-09 02:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2018-12-14 18:38 - 2018-11-09 02:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2018-12-14 18:38 - 2018-11-09 02:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-12-14 18:38 - 2018-11-09 02:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-12-14 18:38 - 2018-11-09 02:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2018-12-14 18:38 - 2018-11-09 02:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-12-14 18:38 - 2018-11-09 02:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2018-12-14 18:38 - 2018-11-09 02:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2018-12-14 18:38 - 2018-11-09 02:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2018-12-14 18:38 - 2018-11-09 02:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2018-12-14 18:38 - 2018-11-09 02:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-12 09:07 - 2018-03-15 11:37 - 000000000 ____D C:\Users\Przemo\AppData\LocalLow\Mozilla 2019-01-12 09:03 - 2018-07-03 17:04 - 000000000 ____D C:\Program Files (x86)\Steam 2019-01-12 09:03 - 2018-03-15 11:25 - 000000000 ____D C:\ProgramData\NVIDIA 2019-01-12 09:02 - 2018-05-30 09:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-01-12 09:02 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-01-12 09:02 - 2018-03-15 11:35 - 000000000 __SHD C:\Users\Przemo\IntelGraphicsProfiles 2019-01-12 09:01 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-01-12 08:35 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-01-11 23:02 - 2018-05-30 08:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-01-11 14:56 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-01-11 14:41 - 2018-05-30 08:48 - 000234616 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-01-11 14:40 - 2018-03-15 11:37 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-01-11 14:40 - 2018-03-15 11:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-01-10 19:22 - 2018-03-15 11:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-01-10 14:53 - 2018-09-13 17:53 - 000000000 ____D C:\Program Files (x86)\Origin 2019-01-09 20:28 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-01-09 20:28 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-01-09 18:31 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-01-09 18:31 - 2018-03-15 13:34 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-01-09 18:30 - 2018-03-15 13:33 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-01-05 12:06 - 2018-03-16 00:40 - 000000000 ____D C:\Users\Przemo\Documents\The Witcher 3 2019-01-02 20:41 - 2018-07-12 07:13 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-01-02 20:41 - 2018-07-12 07:13 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-12-29 21:44 - 2018-05-30 08:53 - 000000000 ____D C:\Users\Przemo 2018-12-29 19:14 - 2018-05-30 09:03 - 001763504 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-12-29 19:14 - 2018-05-27 10:58 - 000782308 _____ C:\WINDOWS\system32\perfh015.dat 2018-12-29 19:14 - 2018-05-27 10:58 - 000151496 _____ C:\WINDOWS\system32\perfc015.dat 2018-12-29 19:14 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2018-12-27 08:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-12-22 18:49 - 2018-09-02 11:30 - 000000000 ____D C:\Users\Przemo\Documents\Rockstar Games 2018-12-22 18:49 - 2018-03-15 11:41 - 000000000 ____D C:\ProgramData\Package Cache 2018-12-22 18:48 - 2018-09-02 11:06 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2018-12-22 18:47 - 2018-09-02 12:05 - 000000000 ____D C:\Program Files\Rockstar Games 2018-12-22 17:45 - 2018-03-15 11:53 - 000000000 ____D C:\Users\Przemo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-12-15 18:07 - 2018-03-15 23:28 - 000000000 ___RD C:\Users\Przemo\3D Objects 2018-12-15 18:07 - 2018-03-15 11:06 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-12-14 21:04 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2018-12-14 21:04 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-12-14 21:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents ==================== Files in the root of some directories ======= 2018-03-18 11:51 - 2018-03-18 11:51 - 000000017 _____ () C:\Users\Przemo\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-05-30 08:48 ==================== End of FRST.txt ============================
szymonsochaj komentarz 12 stycznia 2019 komentarz 12 stycznia 2019 WItam, mam ten sam problem FRST.txt Addition.txt
Twój_Anioł_Stróż komentarz 12 stycznia 2019 komentarz 12 stycznia 2019 (edytowane) ------------------>>@Kamillos1 Chyba masz już pomoc na innym forum? ================================ ------------------->>@EdgarDaviods Otwórz Notatnik i wklej w nim: Cytuj HKU\S-1-5-21-408935122-3768359344-1678757914-1001\...\Run: [Przemo] => explorer.exe hxxp://dipladoks.org <==== ATTENTION Task: {2DDE0118-F411-4934-B413-109C6E1E4426} - System32\Tasks\Przemo => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Przemo /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== ATTENTION Task: {7B641D13-4E7A-45BE-B73E-2475DF775640} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION GroupPolicy: Restriction ? <==== ATTENTION EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść w folderze D:\EXECO19 Uruchom FRST i kliknij przycisk Fix (NAPRAW). Napisz, czy problem znikł? ================================================ ---------------------->>@szymonsochaj Otwórz Notatnik i wklej w nim: Cytuj Task: {1C39FCF1-D082-4F21-A4A4-247468A33A11} - System32\Tasks\Szymon => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Szymon /t REG_SZ /d "cmd.exe /c start www.dipladoks.org" HKU\S-1-5-21-541433918-3714414044-634039644-1001\...\Run: [Szymon] => cmd.exe /c start www.dipladoks.org 2019-01-12 09:47 - 2019-01-12 09:48 - 000000000 _____ () C:\Users\Szymon\cmd.exe EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\Szymon\Downloads Uruchom FRST i kliknij przycisk Fix (NAPRAW). Napisz, czy problem znikł? . Edytowane 12 stycznia 2019 przez Twój_Anioł_Stróż
EdgarDaviods komentarz 12 stycznia 2019 komentarz 12 stycznia 2019 Twój_Anioł_Stróż serdecznie dziękuję :) naprawdę ogromnie:) pierwszy raz w życiu spróbowałem zasięgnąć tego typu pomocy i nawet się nie spodziewałem że ją otrzymam :) jeszcze raz dziękuję :)
Natalkaa87 komentarz 15 stycznia 2019 komentarz 15 stycznia 2019 Mam ten sam problem,pomocy. Addition.txt FRST.txt
szymonsochaj komentarz 15 stycznia 2019 komentarz 15 stycznia 2019 Dnia 12.01.2019 o 11:01, Twój_Anioł_Stróż napisał: ------------------>>@Kamillos1 Chyba masz już pomoc na innym forum? ================================ ------------------->>@EdgarDaviods Otwórz Notatnik i wklej w nim: Plik zapisz pod nazwą fixlist.txt i umieść w folderze D:\EXECO19 Uruchom FRST i kliknij przycisk Fix (NAPRAW). Napisz, czy problem znikł? ================================================ ---------------------->>@szymonsochaj Otwórz Notatnik i wklej w nim: Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\Szymon\Downloads Uruchom FRST i kliknij przycisk Fix (NAPRAW). Napisz, czy problem znikł? . Problem znikł ale po kilku dniach znowu się pojawił, spróbuję jeszcze raz, jeśli problem nie zniknie napiszę
Twój_Anioł_Stróż komentarz 15 stycznia 2019 komentarz 15 stycznia 2019 (edytowane) ------------------------>@szymonsochaj OK. ====================================== ------------------------@Natalkaa87 Otwórz Notatnik i wklej w nim: Cytuj Task: {C7C529AC-E278-4A34-9A52-898D7FAE4612} - System32\Tasks\natal => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v natal /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA HKU\S-1-5-21-1481829115-3030533487-1945954681-1001\...\Run: [natal] => explorer.exe hxxp://dipladoks.org <==== UWAGA Task: {C478A77A-48C5-410E-BFBE-A2B1DC1498FD} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\natal\AppData\Roaming\WMM\Precomp\precomp.exe [2017-11-02] () <==== UWAGA SearchScopes: HKU\S-1-5-21-1481829115-3030533487-1945954681-1001 -> DefaultScope {84B2D367-63C0-4E5E-B127-FCF4CB911F38} URL = SearchScopes: HKU\S-1-5-21-1481829115-3030533487-1945954681-1001 -> {84B2D367-63C0-4E5E-B127-FCF4CB911F38} URL = S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X] Task: {4A2919F2-CF17-4508-9155-571D0197C007} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\natal\Downloads Uruchom FRST i kliknij przycisk Fix (NAPRAW). Napisz, czy problem znikł? . Edytowane 15 stycznia 2019 przez Twój_Anioł_Stróż
Natalkaa87 komentarz 15 stycznia 2019 komentarz 15 stycznia 2019 Bardzo dziekuje za pomoc! Problem rozwiazany.
Adventurex komentarz 5 lutego 2019 komentarz 5 lutego 2019 Witam Również proszę o pomoc Addition.txt FRST.txt
UnnamedPlayer komentarz 5 lutego 2019 komentarz 5 lutego 2019 Uruchom FRST, naciśnij jednocześnie CTRL+Y Otworzy się Notatnik - wklej do niego: Cytuj CustomCLSID: HKU\S-1-5-21-2458687836-969750989-2500558769-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\VIP\AppData\Local\Microsoft\OneDrive\18.151.0729.0006\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2458687836-969750989-2500558769-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\VIP\AppData\Local\Microsoft\OneDrive\18.151.0729.0006\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2458687836-969750989-2500558769-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\VIP\AppData\Local\Microsoft\OneDrive\18.151.0729.0006\amd64\FileSyncShell64.dll => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => E:\Programowanie\Notepad++\NppShell_06.dll -> Brak pliku ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku Task: {BDDC514E-9FE7-494A-8B67-4CE9F52E52BB} - System32\Tasks\VIP => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v VIP /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA FirewallRules: [{B4619100-E104-4E24-AE2B-7DDB02CCA590}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe Brak pliku irewallRules: [{AF8996B5-B406-4992-A0DD-7FAFDB935504}] => (Allow) E:\Apps\WOMic\womicclient.exe Brak pliku FirewallRules: [{1A1E3C41-29A3-4DE2-BC30-36B66CF7C3F7}] => (Allow) E:\Apps\Lightworks\ntcardvt.exe Brak pliku FirewallRules: [{2D351F39-3C0B-400A-849C-2459EA064A22}] => (Allow) E:\Apps\Lightworks\ntcardvt.exe Brak pliku FirewallRules: [{C901BD2E-ABF8-4001-84C2-D7D139647513}] => (Allow) E:\Apps\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [{292F9A9E-48E0-4E7D-B4EA-C05F446ED8AD}] => (Allow) E:\Apps\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [{F4844D6B-5AF8-4CC7-BF9E-7000B4161142}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Brak pliku HKU\S-1-5-21-2458687836-969750989-2500558769-1001\...\Run: [VIP] => explorer.exe hxxp://dipladoks.org <==== UWAGA ShortcutTarget: WO Mic Client.lnk -> C:\Program Files (x86)\WOMic\WOMicClient.exe (Brak pliku) FF Extension: (Telemetry coverage) - C:\Users\VIP\AppData\Roaming\Mozilla\Firefox\Profiles\6dfur7ro.default\features\{0a832d98-2457-446d-98c2-c8029b65e748}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-18] [Przestarzałe] Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: Na klawiaturze naciśnij jednocześnie CTRL+S. W FRST kliknij na Fix (NAPRAW). Daj znać czy pomogło.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.