Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 10.10.2018 Uruchomiony przez TES1 (administrator) TES1-KOMPUTER (13-10-2018 12:40:55) Uruchomiony z E:\Różne\Progra.komp Załadowane profile: TES1 & _ashbackuppb_ (Dostępne profile: TES1 & _ashbackuppb_) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\progra\Ashampoo Backup Pro 12\bin\backupClient-abpb.exe (Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin () C:\progra\Ashampoo Backup Pro 12\bin\oxHelper.exe () C:\progra\Ashampoo Backup Pro 12\bin\backupService-abpb.exe () C:\progra\Ashampoo Backup Pro 12\bin\oxHelper.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe (Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Irfan Skiljan) C:\progra\IrfanView\i_view32.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Opera Software) C:\Users\TES1\AppData\Local\Programs\Opera\56.0.3051.40\opera.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation) HKLM\...\Run: [Ashampoo Backup PB] => C:\progra\Ashampoo Backup Pro 12\bin\backupClient-abpb.exe [326040 2018-07-12] () HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-11] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2714874936-2885573605-2700010397-1000\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5613928 2018-10-09] (Adguard Software Ltd) HKU\S-1-5-21-2714874936-2885573605-2700010397-1000\...\Run: [WallpaperHd] => C:\Users\TES1\AppData\Local\WallpaperHd\WallpaperHd.exe [1828352 2018-06-28] (WallpaperHd) Startup: C:\Users\TES1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2018-10-11] ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{562E2BBE-CA4E-4FF0-9A3B-D6FDF0046C01}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2714874936-2885573605-2700010397-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-05-01] (Sun Microsystems, Inc.) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-05-28] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-05-28] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-05-28] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-05-28] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: kxzgwape.default FF ProfilePath: C:\Users\TES1\AppData\Roaming\Mozilla\Firefox\Profiles\kxzgwape.default [2018-10-13] FF Session Restore: Mozilla\Firefox\Profiles\kxzgwape.default -> [funkcja włączona] FF Extension: (SaveFrom.net helper) - C:\Users\TES1\AppData\Roaming\Mozilla\Firefox\Profiles\kxzgwape.default\Extensions\helper-sig@savefrom.net.xpi [2018-10-12] FF Extension: (Avast SafePrice) - C:\Users\TES1\AppData\Roaming\Mozilla\Firefox\Profiles\kxzgwape.default\Extensions\sp@avast.com.xpi [2018-10-11] FF Extension: (Avast Online Security) - C:\Users\TES1\AppData\Roaming\Mozilla\Firefox\Profiles\kxzgwape.default\Extensions\wrc@avast.com.xpi [2018-10-12] FF Extension: (Telemetry coverage) - C:\Users\TES1\AppData\Roaming\Mozilla\Firefox\Profiles\kxzgwape.default\features\{7e316b2d-8cc0-4257-8e81-0c86c17de1ec}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-13] [Przestarzałe] FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\progra\VLC\npvlc.dll [2018-08-10] (VideoLAN) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2012-05-01] (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [72552 2018-10-09] (Adguard Software Ltd) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-11] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-11] (AVAST Software) R2 ByteFenceService; c:\program files\bytefence\ByteFenceService.exe [157000 2018-07-24] (Byte Technologies LLC) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation) R2 rtop; c:\program files\bytefence\rtop\bin\rtop_svc.exe [297288 2018-10-11] (Byte Technologies LLC.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) R2 ashbackuppb; "c:\progra\Ashampoo Backup Pro 12\bin\backupService-abpb.exe" "--controlFolder=c:\ProgramData\Ashampoo Backup PB\control" "--id=ashbackuppb" daemon ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [66848 2018-09-05] () R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-09-19] (Advanced Micro Devices, Inc.) S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-11] (AVAST Software) S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-11] (AVAST Software) S3 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-11] (AVAST Software) S3 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-11] (AVAST Software) S3 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-11] (AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-11] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-11] (AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-11] (AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-11] (AVAST Software) S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-11] (AVAST Software) S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-11] (AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-11] (AVAST Software) S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-11] (AVAST Software) S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-11] (AVAST Software) S3 GKUPRO2D; C:\Windows\System32\DRIVERS\GKUPRO2D.sys [120320 2014-09-19] (Gemalto) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-09-19] (Intel Corporation) S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x64.sys [388368 2011-12-01] (Intel(R) Corporation) S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X64.sys [78096 2011-12-01] (Intel(R) Corporation) S3 irstrtdv; C:\Windows\system32\drivers\irstrtdv.sys [43800 2014-09-19] (Intel Corporation) S3 ISCT; C:\Windows\system32\drivers\ISCTD.sys [44744 2014-09-19] () S3 iusb3xhc; C:\Windows\system32\drivers\iusb3xhc.sys [795632 2013-09-17] () [Brak podpisu cyfrowego] R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-09-19] (Intel Corporation) R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-28] (Microsoft Corporation) S3 SNXPPAMD; C:\Windows\system32\drivers\snxppamd.sys [105528 2014-09-19] (SUNIX Co., Ltd.) S3 SNXPSAMD; C:\Windows\system32\drivers\snxpsamd.sys [101432 2014-09-19] (SUNIX Co., Ltd.) S3 ST7007; C:\Windows\system32\drivers\ST7007.sys [69896 2014-09-19] (STMicroelectronics) U3 aswbdisk; Brak ImagePath U3 DfSdkS; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-10-13 12:25 - 2018-10-13 12:40 - 000000000 ____D C:\FRST 2018-10-12 18:18 - 2018-10-12 18:19 - 000000906 _____ C:\Users\TES1\Desktop\Pobrane.lnk 2018-10-12 17:49 - 2018-10-12 17:49 - 000003580 _____ C:\Windows\System32\Tasks\Goodgame Empire2 2018-10-12 17:49 - 2018-10-12 17:49 - 000003580 _____ C:\Windows\System32\Tasks\Goodgame Empire1 2018-10-12 17:49 - 2018-10-12 17:49 - 000001851 _____ C:\Users\TES1\Desktop\Goodgame Empire.lnk 2018-10-12 17:49 - 2018-10-12 17:49 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire 2018-10-12 17:49 - 2018-10-12 17:49 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Goodgame Empire 2018-10-12 17:45 - 2018-10-12 17:45 - 002516136 _____ ( ) C:\Users\TES1\Downloads\Boot-Repair-Disk_3981361783.exe 2018-10-12 17:40 - 2018-10-12 17:40 - 000001650 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2018-10-12 17:40 - 2018-10-12 17:40 - 000001594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2018-10-12 17:40 - 2018-10-12 17:40 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Canneverbe Limited 2018-10-12 17:40 - 2018-10-12 17:40 - 000000000 ____D C:\ProgramData\Canneverbe Limited 2018-10-12 17:36 - 2018-10-12 17:36 - 006523312 _____ (Canneverbe Limited ) C:\Users\TES1\Downloads\cdbxp_setup_4.5.8.7035_x64.exe 2018-10-12 17:18 - 2018-10-12 17:18 - 000000402 _____ C:\Users\TES1\Desktop\Dysk wymienny (E) (2).lnk 2018-10-12 17:10 - 2018-10-12 17:14 - 000000892 _____ C:\Users\TES1\Desktop\diskmgmt.msc.lnk 2018-10-12 17:10 - 2018-10-12 17:13 - 000001247 _____ C:\Users\TES1\Desktop\dxdiag.exe.lnk 2018-10-12 17:10 - 2018-10-12 17:12 - 000001247 _____ C:\Users\TES1\Desktop\Defrag.exe.lnk 2018-10-12 13:36 - 2018-10-12 13:37 - 000000000 ___DC C:\Users\TES1\AppData\Local\MigWiz 2018-10-12 13:33 - 2018-10-12 13:34 - 000002562 _____ C:\Windows\diagwrn.xml 2018-10-12 13:33 - 2018-10-12 13:34 - 000001908 _____ C:\Windows\diagerr.xml 2018-10-12 11:51 - 2018-10-12 11:51 - 000000562 _____ C:\Users\TES1\Desktop\LISTY.lnk 2018-10-12 11:47 - 2018-10-12 11:47 - 000004118 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1539337648 2018-10-12 11:47 - 2018-10-12 11:47 - 000000000 ____D C:\Users\TES1\AppData\Local\Opera Software 2018-10-12 11:45 - 2018-10-12 11:46 - 001921616 _____ (Opera Software) C:\Users\TES1\Downloads\OperaSetup.exe 2018-10-12 11:36 - 2018-10-12 11:44 - 000001396 _____ C:\Users\TES1\Desktop\firefox.exe.lnk 2018-10-11 19:39 - 2018-10-11 19:39 - 075754496 _____ C:\Users\TES1\Downloads\db9_FreeEdition_p(dobreprogramy.pl).msi 2018-10-11 19:38 - 2018-10-11 19:38 - 001733867 _____ (Gacenas ) C:\Users\TES1\Downloads\Paragon-Drive-Backup-24988-AsystentPobierania_3481806614.exe 2018-10-11 19:37 - 2018-10-11 19:37 - 001733867 _____ (Gacenas ) C:\Users\TES1\Downloads\EaseUS-Todo-Backup-Free-22322-AsystentPobierania_1774580200.exe 2018-10-11 19:36 - 2018-10-11 19:36 - 001733867 _____ (Gacenas ) C:\Users\TES1\Downloads\Cobian-Backup-12544-AsystentPobierania_0132564408.exe 2018-10-11 19:34 - 2018-10-11 19:35 - 001733867 _____ (Gacenas ) C:\Users\TES1\Downloads\Active-Disk-Image-Lite-51464-AsystentPobierania_2287638423.exe 2018-10-11 19:18 - 2018-10-11 19:18 - 000000000 ____D C:\Users\TES1\AppData\Roaming\AVAST Software 2018-10-11 19:18 - 2018-10-11 19:18 - 000000000 ____D C:\Users\TES1\AppData\Local\CEF 2018-10-11 19:07 - 2018-10-12 17:01 - 000000000 ____D C:\Users\TES1\AppData\Local\AVAST Software 2018-10-11 19:05 - 2018-10-11 19:05 - 000001929 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2018-10-11 19:05 - 2018-10-11 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2018-10-11 19:04 - 2018-10-11 19:04 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2018-10-11 19:04 - 2018-10-11 19:04 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software 2018-10-11 19:03 - 2018-10-11 19:03 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2018-10-11 19:03 - 2018-10-11 19:03 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2018-10-11 19:03 - 2018-10-11 19:03 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2018-10-11 19:03 - 2018-10-11 19:02 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2018-10-11 19:03 - 2018-10-11 19:02 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys 2018-10-11 19:03 - 2018-10-11 19:02 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2018-10-11 19:03 - 2018-10-11 19:02 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys 2018-10-11 19:03 - 2018-10-11 19:02 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2018-10-11 19:03 - 2018-10-11 19:02 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys 2018-10-11 19:03 - 2018-10-11 19:02 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2018-10-11 18:58 - 2018-10-11 18:58 - 002437392 _____ (Fon ) C:\Users\TES1\Downloads\Ultimate Boot CD 5.3.8_4077041065.exe 2018-10-11 18:53 - 2018-10-11 18:53 - 000549810 _____ (Irfan Skiljan) C:\Users\TES1\Downloads\irfanview_lang_polski.exe 2018-10-11 18:52 - 2018-10-11 18:52 - 001784168 _____ ( ) C:\Users\TES1\Downloads\IrfanView-Spolszczenie-12933-AsystentPobierania_1841900648.exe 2018-10-11 18:51 - 2018-10-11 18:51 - 000001611 _____ C:\Users\TES1\Desktop\IrfanView Thumbnails.lnk 2018-10-11 18:51 - 2018-10-11 18:51 - 000000745 _____ C:\Users\TES1\Desktop\IrfanView.lnk 2018-10-11 18:51 - 2018-10-11 18:51 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2018-10-11 18:51 - 2018-10-11 18:51 - 000000000 ____D C:\Users\TES1\AppData\Roaming\IrfanView 2018-10-11 18:48 - 2018-10-11 18:49 - 002466952 _____ (Irfan Skiljan) C:\Users\TES1\Downloads\iview451_setup.exe 2018-10-11 18:48 - 2018-10-11 18:48 - 000000000 ____D C:\Users\TES1\AppData\Local\Ashampoo 2018-10-11 18:33 - 2018-10-11 18:33 - 000000000 ____D C:\Users\TES1\AppData\Local\Ashampoo Backup PB 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Ustawienia lokalne 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Szablony 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Moje dokumenty 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Menu Start 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Documents\Moje wideo 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Documents\Moje obrazy 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Documents\Moja muzyka 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\Dane aplikacji 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\AppData\Local\Historia 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 _SHDL C:\Users\_ashbackuppb_\AppData\Local\Dane aplikacji 2018-10-11 18:32 - 2018-10-11 18:32 - 000000000 ____D C:\Users\_ashbackuppb_\AppData\Local\Ashampoo 2018-10-11 18:32 - 2012-05-01 06:08 - 000063696 _____ C:\Users\_ashbackuppb_\AppData\Local\GDIPFONTCACHEV1.DAT 2018-10-11 18:31 - 2018-10-11 18:32 - 000000000 ____D C:\Users\_ashbackuppb_ 2018-10-11 18:31 - 2018-10-11 18:31 - 000000221 _____ C:\Users\Public\Desktop\Ashampoo Deals.url 2018-10-11 18:31 - 2018-10-11 18:31 - 000000000 ____D C:\ProgramData\Ashampoo Backup PB 2018-10-11 18:31 - 2012-05-01 18:03 - 000000000 ____D C:\Users\_ashbackuppb_\AppData\Roaming\OpenOffice.org 2018-10-11 18:31 - 2012-05-01 07:22 - 000000000 ____D C:\Users\_ashbackuppb_\AppData\Local\Windows Live 2018-10-11 18:31 - 2012-05-01 06:15 - 000000000 ____D C:\Users\_ashbackuppb_\AppData\LocalLow\Sun 2018-10-11 18:31 - 2010-11-21 04:51 - 000001449 _____ C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2018-10-11 18:31 - 2010-11-21 04:51 - 000001415 _____ C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2018-10-11 18:31 - 2010-11-21 04:50 - 000000020 ___SH C:\Users\_ashbackuppb_\ntuser.ini 2018-10-11 18:30 - 2018-10-11 18:30 - 000000961 _____ C:\Users\Public\Desktop\Ashampoo Backup Pro 12.lnk 2018-10-11 18:23 - 2015-06-07 01:13 - 000961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:13 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2018-10-11 18:23 - 2015-06-07 01:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2018-10-11 18:20 - 2018-10-11 18:20 - 094353248 _____ (Ashampoo GmbH & Co. KG ) C:\Users\TES1\Downloads\ashampoo_backup_pro_12_12.03_sm.exe 2018-10-11 18:18 - 2018-10-11 18:18 - 001784168 _____ ( ) C:\Users\TES1\Downloads\Ashampoo-Backup-Pro-71521-AsystentPobierania_2569346948.exe 2018-10-11 18:06 - 2018-10-11 18:06 - 006996080 _____ (SaveFrom.net ) C:\Users\TES1\Downloads\SFHelper-Setup-[fe3ce2ea82ac7e24#386#DmpoDmpLijQ].exe 2018-10-11 17:27 - 2018-10-12 11:12 - 000000000 ____D C:\Users\TES1\AppData\Roaming\DeepBurner 2018-10-11 17:27 - 2018-10-11 17:28 - 000000000 ____D C:\Users\TES1\AppData\Local\{291D1F41-0DB5-73F9-602D-56114445AA89} 2018-10-11 17:27 - 2018-10-11 17:27 - 000001336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk 2018-10-11 17:27 - 2018-10-11 17:27 - 000000700 _____ C:\Users\TES1\Desktop\DeepBurner.lnk 2018-10-11 17:25 - 2018-10-11 17:25 - 002801569 _____ C:\Users\TES1\Downloads\DeepBurner1.exe 2018-10-11 17:20 - 2018-10-11 17:20 - 002486016 _____ ( ) C:\Users\TES1\Downloads\deepburner_0252470787.exe 2018-10-11 17:18 - 2018-10-11 17:22 - 000001246 _____ C:\Users\TES1\Desktop\Kontynuuj instalację DeepBurner Free 1.9.0.228.lnk 2018-10-11 17:14 - 2018-10-11 17:14 - 002437392 _____ (Fon ) C:\Users\TES1\Downloads\DeepBurner Free 1.9.0.228_0533304895.exe 2018-10-11 17:11 - 2018-10-11 17:11 - 002437392 _____ (Fon ) C:\Users\TES1\Downloads\DeepBurner Free 1.9.0.228_0529358006.exe 2018-10-11 17:09 - 2018-10-11 17:09 - 009074060 _____ C:\Windows\system32\PerfStringBackup.TMP 2018-10-11 16:58 - 2018-10-11 16:58 - 000000000 ____D C:\Users\TES1\AppData\Local\ElevatedDiagnostics 2018-10-11 15:35 - 2018-10-11 15:35 - 002437392 _____ (Fon ) C:\Users\TES1\Downloads\DeepBurner Free 1.9.0.228_1533071663.exe 2018-10-11 15:20 - 2018-10-11 15:21 - 000000706 _____ C:\Users\TES1\Desktop\PROGRA.lnk 2018-10-11 15:12 - 2018-10-11 15:12 - 001784168 _____ ( ) C:\Users\TES1\Downloads\DeepBurner-12213-AsystentPobierania_4074523419.exe 2018-10-11 15:10 - 2018-10-11 15:10 - 001784168 _____ ( ) C:\Users\TES1\Downloads\DeepBurner-12213-AsystentPobierania_0607920307.exe 2018-10-11 14:50 - 2018-10-11 14:51 - 000000114 _____ C:\Users\TES1\AppData\Roaming\WB.CFG 2018-10-11 14:50 - 2018-10-11 14:50 - 000059890 _____ C:\Windows\SysWOW64\stub.json 2018-10-11 14:42 - 2018-10-11 14:42 - 097498528 _____ (CHENGDU YIWO Tech Development Co., Ltd ) C:\Users\TES1\Downloads\tb_free.exe 2018-10-11 14:39 - 2018-10-11 14:40 - 001784168 _____ ( ) C:\Users\TES1\Downloads\EaseUS-Todo-Backup-Free-22322-AsystentPobierania_0780751271.exe 2018-10-11 14:00 - 2018-10-11 14:01 - 000000710 _____ C:\Users\TES1\Desktop\KOMPUTERY.lnk 2018-10-11 13:59 - 2018-10-13 10:11 - 000000000 ____D C:\Users\TES1\AppData\Roaming\vlc 2018-10-11 13:58 - 2018-10-11 13:58 - 000000656 _____ C:\Users\Public\Desktop\VLC media player.lnk 2018-10-11 13:58 - 2018-10-11 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-10-11 13:53 - 2018-10-11 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2018-10-11 13:49 - 2018-10-11 13:50 - 000000728 _____ C:\Users\TES1\Desktop\Progra.komp.lnk 2018-10-11 13:45 - 2018-10-11 13:48 - 000001212 _____ C:\Users\TES1\Desktop\cmd.exe.lnk 2018-10-11 13:29 - 2018-10-11 13:29 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2018-10-11 13:29 - 2016-07-20 14:12 - 000000555 ____R C:\Users\TES1\Desktop\taskmgr.exe.lnk 2018-10-11 13:27 - 2018-10-11 13:28 - 000000819 _____ C:\Users\TES1\Desktop\KOLEJ.lnk 2018-10-11 13:27 - 2018-10-11 13:28 - 000000717 _____ C:\Users\TES1\Desktop\WIADOMOŚCI.lnk 2018-10-11 13:27 - 2018-10-11 13:27 - 000000402 _____ C:\Users\TES1\Desktop\Dysk wymienny (E).lnk 2018-10-11 13:24 - 2018-10-11 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2018-10-11 13:24 - 2018-10-11 13:24 - 000001820 _____ C:\Users\Public\Desktop\1-Click-Optimizer.lnk 2018-10-11 13:24 - 2018-10-11 13:24 - 000000842 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 2014.lnk 2018-10-11 13:24 - 2018-10-11 13:24 - 000000230 _____ C:\Users\Public\Desktop\Your Software Deals.url 2018-10-11 13:23 - 2018-10-11 18:30 - 000000000 ____D C:\ProgramData\Ashampoo 2018-10-11 13:23 - 2009-08-24 22:13 - 000034304 _____ (mst software GmbH, Germany) C:\Windows\system32\DfSdkBt.exe 2018-10-11 13:22 - 2018-10-11 13:22 - 027034984 _____ (Ashampoo GmbH & Co. KG ) C:\Users\TES1\Downloads\ashampoo_winoptimizer_2014_1.0.0_17596.exe 2018-10-11 13:20 - 2014-05-14 18:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2018-10-11 13:20 - 2014-05-14 18:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2018-10-11 13:20 - 2014-05-14 18:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2018-10-11 13:20 - 2014-05-14 18:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2018-10-11 13:20 - 2014-05-14 18:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2018-10-11 13:20 - 2014-05-14 18:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2018-10-11 13:20 - 2014-05-14 18:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2018-10-11 13:20 - 2014-05-14 18:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2018-10-11 13:20 - 2014-05-14 18:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2018-10-11 13:20 - 2014-05-14 18:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2018-10-11 13:19 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2018-10-11 13:19 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2018-10-11 13:19 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2018-10-11 13:19 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2018-10-11 13:18 - 2018-10-11 13:18 - 000000000 ____D C:\ProgramData\ByteFence 2018-10-11 13:11 - 2018-10-11 13:11 - 000003360 _____ C:\Windows\System32\Tasks\ByteFence 2018-10-11 13:11 - 2018-10-11 13:11 - 000001034 _____ C:\Users\TES1\Desktop\ByteFence Anti-Malware.lnk 2018-10-11 13:11 - 2018-10-11 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware 2018-10-11 13:10 - 2018-10-13 11:50 - 000000000 ____D C:\Program Files\ByteFence 2018-10-11 13:10 - 2018-10-11 21:48 - 000000000 ____D C:\ProgramData\AVAST Software 2018-10-11 13:10 - 2018-10-11 13:10 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Opera Software 2018-10-11 13:10 - 2018-10-11 13:10 - 000000000 ____D C:\Users\TES1\AppData\Local\WallpaperHd 2018-10-11 13:10 - 2018-10-11 13:10 - 000000000 ____D C:\Program Files\AVAST Software 2018-10-11 13:08 - 2018-10-12 17:40 - 000000000 ____D C:\progra 2018-10-11 13:08 - 2018-10-11 13:08 - 002437392 _____ (Fon ) C:\Users\TES1\Downloads\CCleaner 5.47.6716_3697405061.exe 2018-10-11 12:58 - 2018-10-11 12:59 - 000001232 _____ C:\Users\TES1\Desktop\write.lnk 2018-10-11 12:56 - 2018-10-11 12:57 - 000001252 _____ C:\Users\TES1\Desktop\notepad.lnk 2018-10-11 12:56 - 2018-10-11 12:56 - 000001089 _____ C:\Users\TES1\Desktop\regedit.lnk 2018-10-11 12:55 - 2018-10-12 15:46 - 000008791 _____ C:\Users\TES1\Documents\test1 1.odt 2018-10-11 12:55 - 2018-10-12 15:46 - 000000119 ____H C:\Users\TES1\Documents\.~lock.test1 1.odt# 2018-10-11 12:07 - 2018-10-11 12:07 - 000000283 _____ C:\Windows\SysWOW64\Drivers\vwifikerneldrv.sys 2018-10-11 12:07 - 2018-10-11 12:07 - 000000283 _____ C:\Windows\SysWOW64\d3dx9_11.dll.tmp 2018-10-11 12:07 - 2018-10-11 12:07 - 000000283 _____ C:\ProgramData\fontcacheev1.dat 2018-10-11 12:07 - 2018-09-05 15:17 - 000066848 _____ () C:\Windows\system32\Drivers\adgnetworktdidrv.sys 2018-10-11 12:06 - 2018-10-13 12:41 - 000000000 ____D C:\ProgramData\Adguard 2018-10-11 12:06 - 2018-10-12 16:59 - 000000000 ____D C:\Program Files (x86)\Adguard 2018-10-11 12:06 - 2018-10-11 12:06 - 000000940 _____ C:\Users\Public\Desktop\Adguard.lnk 2018-10-11 12:06 - 2018-10-11 12:06 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Adguard Software Ltd 2018-10-11 12:06 - 2018-10-11 12:06 - 000000000 ____D C:\Users\TES1\AppData\Local\Adguard_Software_Ltd 2018-10-11 12:06 - 2018-10-11 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard 2018-10-11 12:00 - 2018-10-11 18:29 - 000000000 ____D C:\ProgramData\Package Cache 2018-10-11 12:00 - 2018-10-11 12:00 - 000003144 _____ C:\Windows\System32\Tasks\{00E9F834-E52D-465D-BD49-E3018036D475} 2018-10-11 11:59 - 2018-10-11 11:59 - 000173416 _____ C:\Users\TES1\Downloads\adguardInstaller.exe 2018-10-11 11:18 - 2018-10-13 11:31 - 000000000 ____D C:\Users\TES1\AppData\LocalLow\Mozilla 2018-10-11 11:18 - 2018-10-11 11:59 - 000000000 ____D C:\Users\TES1\AppData\Local\Mozilla 2018-10-11 11:18 - 2018-10-11 11:18 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-10-11 11:18 - 2018-10-11 11:18 - 000000931 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-10-11 11:18 - 2018-10-11 11:18 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Mozilla 2018-10-11 11:18 - 2018-10-11 11:18 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-10-11 11:18 - 2018-10-11 11:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-10-11 11:17 - 2018-10-11 11:17 - 000000000 ____D C:\Users\TES1\AppData\Roaming\Adobe 2018-10-11 11:16 - 2018-10-11 11:54 - 000064152 _____ C:\Users\TES1\AppData\Local\GDIPFONTCACHEV1.DAT 2018-10-11 11:16 - 2018-10-11 11:16 - 000001462 _____ C:\Users\TES1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2018-10-11 11:16 - 2018-10-11 11:16 - 000001428 _____ C:\Users\TES1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Ustawienia lokalne 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Szablony 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Moje dokumenty 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Menu Start 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Documents\Moje wideo 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Documents\Moje obrazy 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Documents\Moja muzyka 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\Dane aplikacji 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\AppData\Local\Historia 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 _SHDL C:\Users\TES1\AppData\Local\Dane aplikacji 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 ____D C:\Users\TES1\AppData\Local\VirtualStore 2018-10-11 11:16 - 2018-10-11 11:16 - 000000000 ____D C:\Users\TES1 2018-10-11 11:16 - 2012-05-01 18:03 - 000000000 ____D C:\Users\TES1\AppData\Roaming\OpenOffice.org 2018-10-11 11:16 - 2012-05-01 07:22 - 000000000 ____D C:\Users\TES1\AppData\Local\Windows Live 2018-10-11 11:16 - 2012-05-01 06:15 - 000000000 ____D C:\Users\TES1\AppData\LocalLow\Sun 2018-10-11 11:16 - 2010-11-21 04:50 - 000000020 ___SH C:\Users\TES1\ntuser.ini 2018-10-04 18:18 - 2018-10-04 18:18 - 000000000 ____D C:\Windows\CSC ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-10-12 17:08 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-10-12 17:08 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-10-12 16:55 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-10-12 16:51 - 2009-07-14 07:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD 2018-10-11 18:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-10-11 17:09 - 2015-08-11 11:14 - 000634082 _____ C:\Windows\system32\perfh00E.dat 2018-10-11 17:09 - 2015-08-11 11:14 - 000149112 _____ C:\Windows\system32\perfc00E.dat 2018-10-11 17:09 - 2014-09-16 16:38 - 000450488 _____ C:\Windows\system32\perfh014.dat 2018-10-11 17:09 - 2014-09-16 16:38 - 000077898 _____ C:\Windows\system32\perfc014.dat 2018-10-11 17:09 - 2013-12-13 16:33 - 000619470 _____ C:\Windows\system32\perfh01D.dat 2018-10-11 17:09 - 2013-12-13 16:33 - 000124542 _____ C:\Windows\system32\perfc01D.dat 2018-10-11 17:09 - 2012-05-01 15:21 - 000695356 _____ C:\Windows\system32\perfh00A.dat 2018-10-11 17:09 - 2012-05-01 15:21 - 000137864 _____ C:\Windows\system32\perfc00A.dat 2018-10-11 17:09 - 2012-05-01 15:17 - 000699774 _____ C:\Windows\system32\perfh015.dat 2018-10-11 17:09 - 2012-05-01 15:17 - 000135784 _____ C:\Windows\system32\perfc015.dat 2018-10-11 17:09 - 2012-05-01 15:15 - 000691010 _____ C:\Windows\system32\perfh010.dat 2018-10-11 17:09 - 2012-05-01 15:15 - 000127946 _____ C:\Windows\system32\perfc010.dat 2018-10-11 17:09 - 2012-05-01 15:13 - 000553672 _____ C:\Windows\system32\perfh008.dat 2018-10-11 17:09 - 2012-05-01 15:13 - 000090238 _____ C:\Windows\system32\perfc008.dat 2018-10-11 17:09 - 2012-05-01 15:11 - 000645738 _____ C:\Windows\system32\perfh007.dat 2018-10-11 17:09 - 2012-05-01 15:11 - 000130342 _____ C:\Windows\system32\perfc007.dat 2018-10-11 17:09 - 2012-05-01 15:09 - 000696332 _____ C:\Windows\system32\perfh00C.dat 2018-10-11 17:09 - 2012-05-01 15:09 - 000130942 _____ C:\Windows\system32\perfc00C.dat 2018-10-11 17:09 - 2012-05-01 15:07 - 000693094 _____ C:\Windows\system32\perfh013.dat 2018-10-11 17:09 - 2012-05-01 15:07 - 000133742 _____ C:\Windows\system32\perfc013.dat 2018-10-11 17:09 - 2012-05-01 15:05 - 000625046 _____ C:\Windows\system32\perfh005.dat 2018-10-11 17:09 - 2012-05-01 15:05 - 000122590 _____ C:\Windows\system32\perfc005.dat 2018-10-11 17:09 - 2009-07-14 07:13 - 009074060 _____ C:\Windows\system32\PerfStringBackup.INI 2018-10-11 15:06 - 2015-10-16 02:35 - 000000000 ____D C:\Windows\Minidump 2018-10-11 15:06 - 2012-05-01 06:55 - 000000000 ____D C:\Windows\Panther 2018-10-11 11:54 - 2012-05-01 06:03 - 000001945 _____ C:\Windows\epplauncher.mif 2018-10-11 11:53 - 2009-07-14 05:20 - 000000000 __RHD C:\Users\Public\Libraries 2018-10-11 11:15 - 2009-07-14 06:45 - 000294592 _____ C:\Windows\system32\FNTCACHE.DAT ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-10-11 12:07 - 2018-10-11 12:07 - 000000283 _____ () C:\ProgramData\fontcacheev1.dat 2018-10-11 14:50 - 2018-10-11 14:51 - 000000114 _____ () C:\Users\TES1\AppData\Roaming\WB.CFG Niektóre pliki w TEMP: ==================== 2018-10-11 17:18 - 2018-10-11 17:22 - 002437392 _____ (Fon ) C:\Users\TES1\AppData\Local\Temp\DeepBurner Free 1.9.0.228_0533304895.exe 2018-10-11 15:13 - 2018-10-11 15:19 - 001784168 _____ ( ) C:\Users\TES1\AppData\Local\Temp\DeepBurner-12213-AsystentPobierania_4074523419.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2012-05-01 05:56 ==================== Koniec FRST.txt ============================