Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14.03.2018 Uruchomiony przez Lonnger (administrator) PIECYK (17-03-2018 12:05:18) Uruchomiony z C:\Users\Lonnger\Downloads Załadowane profile: Lonnger (Dostępne profile: Lonnger) Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO) C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe (Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (f.lux Software LLC) C:\Users\Lonnger\AppData\Local\FluxSoftware\Flux\flux.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD64.EXE (Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [3465608 2017-10-01] (Paramount Software UK Ltd) HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc.) HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8511152 2018-03-06] (COMODO) HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (COMODO) HKU\S-1-5-21-4294273755-2268356160-3744659399-1001\...\Run: [f.lux] => C:\Users\Lonnger\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC) HKU\S-1-5-21-4294273755-2268356160-3744659399-1001\...\Run: [OscarEditor] => "C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe" Minimum ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 192.168.2.1 Tcpip\..\Interfaces\{774A448C-F256-443A-9687-C6AC93CA0A26}: [DhcpNameServer] 208.67.222.222 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-4294273755-2268356160-3744659399-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2018-03-06] (COMODO) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft) BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2018-03-06] (COMODO) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) FireFox: ======== FF DefaultProfile: kfog3i71.default-1520618212368 FF ProfilePath: C:\Users\Lonnger\AppData\Roaming\Mozilla\Firefox\Profiles\kfog3i71.default-1520618212368 [2018-03-17] FF Session Restore: Mozilla\Firefox\Profiles\kfog3i71.default-1520618212368 -> [funkcja włączona] FF NewTabOverride: Mozilla\Firefox\Profiles\kfog3i71.default-1520618212368 -> Enabled: uBlock0@raymondhill.net FF Extension: (HTTPS Everywhere) - C:\Users\Lonnger\AppData\Roaming\Mozilla\Firefox\Profiles\kfog3i71.default-1520618212368\Extensions\https-everywhere-eff@eff.org.xpi [2018-03-14] FF Extension: (uBlock Origin) - C:\Users\Lonnger\AppData\Roaming\Mozilla\Firefox\Profiles\kfog3i71.default-1520618212368\Extensions\uBlock0@raymondhill.net.xpi [2018-03-16] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-15] () R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-13] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-13] (COMODO) R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4199088 2018-03-06] (COMODO) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-11] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [662600 2018-02-05] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-02-05] (GOG.com) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2017-04-16] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] () R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-02-03] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-02-03] (Electronic Arts) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142432 2017-11-09] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology) S2 CamMask; C:\Windows\system32\DRIVERS\cmvcamdrv64.sys [954072 2013-12-23] () R1 cmdcss; C:\Windows\system32\drivers\cmdcss.sys [125000 2018-02-28] (COMODO) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [35360 2018-01-31] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [821752 2018-01-31] (COMODO) R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [42080 2018-01-31] (COMODO) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d62x64.sys [534512 2017-04-25] (Intel Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [125200 2018-01-31] (COMODO) R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] () R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63200 2017-12-13] (COMODO) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2018-01-24] (NVIDIA Corporation) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [200832 2018-01-15] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [211704 2018-01-15] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-03-17 12:05 - 2018-03-17 12:05 - 000012317 _____ C:\Users\Lonnger\Downloads\FRST.txt 2018-03-17 11:49 - 2018-03-17 11:49 - 000004931 _____ C:\Users\Lonnger\Downloads\Fixlog.txt_old 2018-03-17 11:29 - 2018-03-17 11:29 - 007986864 _____ ( ) C:\Users\Lonnger\Downloads\AVG_Remover.exe 2018-03-17 11:22 - 2018-03-17 11:22 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\Comodo 2018-03-17 11:19 - 2018-03-17 12:00 - 000332096 _____ C:\Windows\system32\Drivers\sfi.dat 2018-03-17 11:19 - 2018-03-17 11:19 - 000001262 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk 2018-03-17 11:19 - 2018-03-17 11:19 - 000000000 ____D C:\Windows\System32\Tasks\COMODO 2018-03-17 11:19 - 2018-03-17 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2018-03-17 11:19 - 2018-03-17 11:19 - 000000000 ____D C:\Program Files\COMODO 2018-03-17 11:19 - 2018-03-17 11:19 - 000000000 ____D C:\Program Files (x86)\COMODO 2018-03-17 11:19 - 2018-03-06 02:28 - 000447696 _____ (COMODO) C:\Windows\system32\cssguard64.dll 2018-03-17 11:19 - 2018-03-06 02:28 - 000349488 _____ (COMODO) C:\Windows\SysWOW64\cssguard32.dll 2018-03-17 11:19 - 2018-03-06 02:28 - 000337072 _____ (COMODO) C:\Windows\system32\cmdkbdcss64.dll 2018-03-17 11:19 - 2018-03-06 02:28 - 000267440 _____ (COMODO) C:\Windows\SysWOW64\cmdkbdcss32.dll 2018-03-17 11:19 - 2018-03-06 02:28 - 000050256 _____ (COMODO) C:\Windows\system32\csscsr64.dll 2018-03-17 11:19 - 2018-02-28 08:11 - 000125000 _____ (COMODO) C:\Windows\system32\Drivers\cmdcss.sys 2018-03-17 11:19 - 2018-01-17 08:59 - 000255248 _____ (COMODO) C:\Windows\system32\iseguard64.dll 2018-03-17 11:19 - 2018-01-17 08:59 - 000205256 _____ (COMODO) C:\Windows\SysWOW64\iseguard32.dll 2018-03-17 11:19 - 2017-12-13 03:16 - 000063200 _____ (COMODO) C:\Windows\system32\Drivers\isedrv.sys 2018-03-17 11:17 - 2018-03-17 11:19 - 000000000 ____D C:\ProgramData\Comodo 2018-03-17 11:17 - 2018-03-17 11:17 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\Baidu 2018-03-17 11:17 - 2018-03-17 11:17 - 000000000 ____D C:\ProgramData\Shared Space 2018-03-17 11:17 - 2018-03-17 11:17 - 000000000 ____D C:\ProgramData\Comodo Downloader 2018-03-17 11:16 - 2018-03-17 11:16 - 005546648 _____ (COMODO) C:\Users\Lonnger\Downloads\cispremium_installer.exe 2018-03-17 10:25 - 2018-03-17 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-03-16 20:38 - 2018-03-16 20:38 - 000060459 _____ C:\Users\Lonnger\Downloads\Addition.txt_old 2018-03-16 20:37 - 2018-03-17 12:05 - 000000000 ____D C:\FRST 2018-03-16 20:37 - 2018-03-16 20:38 - 000039768 _____ C:\Users\Lonnger\Downloads\FRST.txt_old 2018-03-16 20:37 - 2018-03-16 20:37 - 002403328 _____ (Farbar) C:\Users\Lonnger\Downloads\FRST64.exe 2018-03-16 20:32 - 2018-03-16 20:32 - 008222496 _____ (Malwarebytes) C:\Users\Lonnger\Downloads\adwcleaner_7.0.8.0.exe 2018-03-15 21:17 - 2018-03-15 21:17 - 000000000 ____D C:\Users\Lonnger\Downloads\drive-download-20180315T201638Z-001 2018-03-15 21:16 - 2018-03-15 21:16 - 000328353 _____ C:\Users\Lonnger\Downloads\drive-download-20180315T201638Z-001.zip 2018-03-15 12:50 - 2018-03-15 12:50 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2018-03-15 12:50 - 2018-03-15 12:50 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2018-03-15 12:50 - 2018-03-15 12:50 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2018-03-15 12:50 - 2018-03-15 12:50 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2018-03-13 19:38 - 2018-02-14 22:45 - 000145024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-03-13 19:38 - 2018-02-13 15:20 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-03-13 19:38 - 2018-02-13 15:20 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-03-13 19:38 - 2018-02-13 15:20 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-03-13 19:38 - 2018-02-13 15:20 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-03-13 19:38 - 2018-02-13 15:20 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-03-13 19:38 - 2018-02-13 15:20 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2018-03-13 19:38 - 2018-02-13 15:20 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-03-13 19:38 - 2018-02-13 15:20 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-03-13 19:38 - 2018-02-13 15:20 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-03-13 17:20 - 2018-03-13 17:20 - 000923720 _____ (COMODO) C:\Windows\system32\guard64.dll 2018-03-13 17:20 - 2018-03-13 17:20 - 000710168 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll 2018-03-13 17:20 - 2018-03-13 17:20 - 000051808 _____ (COMODO) C:\Windows\system32\cmdcsr.dll 2018-03-13 17:18 - 2018-03-13 17:18 - 000467648 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll 2018-03-13 17:16 - 2018-03-13 17:16 - 000371392 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll 2018-03-12 21:26 - 2018-03-12 21:26 - 000001974 _____ C:\Users\Public\Desktop\Macrium Reflect.lnk 2018-03-12 21:26 - 2018-03-12 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium 2018-03-12 20:57 - 2016-12-06 02:45 - 000197624 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EuFdDisk.sys 2018-03-12 20:57 - 2016-12-06 02:45 - 000066040 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eubakup.sys 2018-03-12 20:57 - 2016-12-06 02:45 - 000053240 _____ C:\Windows\system32\Drivers\EUBKMON.sys 2018-03-12 20:57 - 2016-12-06 02:45 - 000023544 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eudskacs.sys 2018-03-12 20:50 - 2018-03-12 20:50 - 068574560 _____ (CHENGDU YIWO Tech Development Co., Ltd ) C:\Users\Lonnger\Downloads\tb_free(1).exe 2018-03-12 20:47 - 2018-03-12 20:47 - 033072904 _____ (EaseUS ) C:\Users\Lonnger\Downloads\drw_trial.exe 2018-03-12 17:27 - 2018-03-12 18:06 - 000000000 ____D C:\Program Files (x86)\SSDFresh 2018-03-12 17:27 - 2018-03-12 17:28 - 000000000 ____D C:\Users\Lonnger\AppData\Local\Abelssoft 2018-03-12 17:27 - 2018-03-12 17:27 - 002457192 _____ (Abelssoft ) C:\Users\Lonnger\Downloads\ssdfresh.exe 2018-03-12 17:16 - 2018-03-12 22:25 - 000206675 _____ C:\Windows\ZAM_Guard.krnl.trace 2018-03-12 17:16 - 2018-03-12 18:04 - 000047206 _____ C:\Windows\ZAM.krnl.trace 2018-03-11 21:17 - 2018-03-16 20:19 - 000004026 _____ C:\Windows\System32\Tasks\Macrium-Backup-{633CE533-54DC-4766-A3FF-9B63890D04FC} 2018-03-11 21:17 - 2018-03-11 21:17 - 000004522 _____ C:\Windows\System32\Tasks\Macrium-Backup-{FF442852-A0C9-4832-B050-1F11899A6CE3} 2018-03-11 21:10 - 2018-03-12 20:59 - 000007599 _____ C:\Users\Lonnger\AppData\Local\Resmon.ResmonCfg 2018-03-11 21:01 - 2018-03-11 21:01 - 000642632 _____ (EFD Software ) C:\Users\Lonnger\Downloads\hdtune_255.exe 2018-03-10 16:23 - 2018-03-10 16:23 - 134101976 _____ (Unity Technologies ApS) C:\Users\Lonnger\Downloads\UnitySetup-WebGL-Support-for-Editor-2017.3.1f1.exe 2018-03-10 13:39 - 2018-03-11 21:17 - 000000000 ____D C:\Users\Lonnger\Documents\Reflect 2018-03-10 13:31 - 2018-03-12 21:26 - 000000000 ____D C:\Program Files\Macrium 2018-03-10 13:27 - 2018-03-10 13:30 - 000000000 ____D C:\Users\Lonnger\Downloads\Macrium 2018-03-10 13:26 - 2018-03-12 21:21 - 000000000 ____D C:\ProgramData\Macrium 2018-03-10 13:26 - 2018-03-10 13:26 - 003758120 _____ (Paramount Software UK Ltd) C:\Users\Lonnger\Downloads\ReflectDL.exe 2018-03-10 13:24 - 2018-03-17 11:55 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4294273755-2268356160-3744659399-1001 2018-03-10 13:14 - 2018-03-10 13:15 - 000000000 ____D C:\Users\Lonnger\AppData\Local\Avg 2018-03-10 13:14 - 2018-03-10 13:14 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw84c13eeb63e311ba.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw298f8fec42c5468f.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswd8d8f95071935e95.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000337344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw466e28796ca525d1.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000221096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw4126be2d52be811c.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw52d1f2230a623ff7.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000193024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswb5b2abc56a2bd2e7.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw156d0fd290cefd45.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000166552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw 74584061a5072ce.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000139040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw45d0099d2f6a3302.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000102720 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw 9739e4e04718e96.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw 8b7b3451010643f.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000051272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw59261ac8cca15906.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw37d8225bdad04377.tmp 2018-03-10 13:14 - 2018-03-10 13:14 - 000000000 ____D C:\Program Files\Common Files\AVG 2018-03-10 13:12 - 2018-03-12 21:02 - 000000000 ____D C:\Program Files (x86)\EaseUS 2018-03-10 13:12 - 2018-03-10 13:12 - 000000000 ____D C:\ProgramData\SystemAcCrux 2018-03-10 13:12 - 2018-03-10 13:12 - 000000000 ____D C:\Program Files\AVG 2018-03-10 13:11 - 2018-03-10 13:14 - 000000000 ____D C:\ProgramData\AVG 2018-03-10 13:10 - 2018-03-10 13:11 - 003048696 _____ ( ) C:\Users\Lonnger\Downloads\tb_free.exe 2018-03-10 12:04 - 2018-03-10 12:04 - 000000000 ____D C:\Users\Lonnger\Documents\Witcher 2 2018-03-10 12:04 - 2018-03-10 12:04 - 000000000 ____D C:\Users\Lonnger\Documents\The Witcher 3 2018-03-10 12:02 - 2018-03-10 12:02 - 000000000 ____D C:\Users\Lonnger\AppData\Local\Apps\2.0 2018-03-09 18:42 - 2018-03-09 18:55 - 000000000 ____D C:\Users\Lonnger\AppData\Local\Game Dev Tycoon - Steam 2018-03-04 19:45 - 2018-03-04 19:51 - 000000000 ____D C:\Users\Lonnger\Downloads\grafika 2018-03-04 18:16 - 2018-03-04 18:27 - 000000000 ___RD C:\Users\Lonnger\Dropbox 2018-03-02 19:30 - 2018-03-02 20:00 - 000000000 ____D C:\Users\Lonnger\Downloads\gothic 2018-03-01 19:38 - 2018-03-01 19:38 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\NVIDIA 2018-03-01 19:19 - 2018-03-13 21:11 - 000000000 ____D C:\Users\Lonnger\AppData\Local\Warframe 2018-02-27 18:19 - 2018-02-27 18:19 - 000202295 _____ C:\Users\Lonnger\Downloads\libmp3lame-win-3.99.3.zip 2018-02-27 18:17 - 2018-02-27 18:17 - 000000000 ____D C:\Users\Lonnger\Documents\Audacity 2018-02-27 18:03 - 2018-02-27 18:03 - 020248056 _____ (Audacity Team ) C:\Users\Lonnger\Downloads\audacity-win-2.2.2.exe 2018-02-27 18:03 - 2018-02-27 18:03 - 000001041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2018-02-27 18:03 - 2018-02-27 18:03 - 000001029 _____ C:\Users\Public\Desktop\Audacity.lnk 2018-02-25 17:47 - 2018-03-13 21:11 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\TS3Client 2018-02-25 17:45 - 2018-02-25 17:45 - 078082184 _____ (TeamSpeak Systems GmbH) C:\Users\Lonnger\Downloads\TeamSpeak3-Client-win64-3.1.8.exe 2018-02-25 17:45 - 2018-02-25 17:45 - 000000985 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2018-02-25 17:45 - 2018-02-25 17:45 - 000000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2018-02-25 17:09 - 2018-02-25 17:09 - 000000783 _____ C:\Users\Lonnger\.productivitypowerpack2017 2018-02-24 22:06 - 2018-02-24 22:06 - 000000000 ____D C:\Users\Lonnger\AppData\Local\SymbolSourceSymbols 2018-02-24 22:06 - 2018-02-24 22:06 - 000000000 ____D C:\Users\Lonnger\AppData\Local\RefSrcSymbols 2018-02-23 23:15 - 2018-02-24 22:06 - 000000000 ____D C:\Users\Lonnger\AppData\Local\JetBrains 2018-02-23 23:15 - 2018-02-24 22:05 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\JetBrains 2018-02-23 23:12 - 2018-02-23 23:15 - 183550016 _____ (JetBrains) C:\Users\Lonnger\Downloads\JetBrains.ReSharperUltimate.2017.3.2.exe 2018-02-23 20:57 - 2018-02-23 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity 2018-02-23 20:57 - 2018-02-23 20:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity 2018-02-23 18:39 - 2018-02-23 18:40 - 000000000 ____D C:\Users\Lonnger\Documents\Godot 2018-02-23 18:38 - 2018-02-23 18:41 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\Godot 2018-02-23 18:32 - 2018-02-23 18:32 - 020174495 _____ C:\Users\Lonnger\Downloads\Godot_v3.0-stable_win64.exe.zip 2018-02-22 19:29 - 2018-02-22 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.3.1f1 (64-bit) 2018-02-22 19:24 - 2018-02-22 19:24 - 000795720 _____ C:\Users\Lonnger\Downloads\UnityDownloadAssistant-2017.3.1f1.exe 2018-02-21 22:46 - 2018-03-05 17:34 - 000000000 ____D C:\Opera 2018-02-21 22:45 - 2018-02-21 22:45 - 001392592 _____ (Opera Software) C:\Users\Lonnger\Downloads\OperaSetup.exe 2018-02-15 23:48 - 2018-03-12 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardew Valley [GOG.com] 2018-02-15 23:48 - 2018-02-23 22:56 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\StardewValley 2018-02-15 23:47 - 2018-02-15 23:47 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-03-17 11:54 - 2014-11-21 05:46 - 001925754 _____ C:\Windows\system32\PerfStringBackup.INI 2018-03-17 11:54 - 2014-11-21 05:07 - 000838356 _____ C:\Windows\system32\perfh015.dat 2018-03-17 11:54 - 2014-11-21 05:07 - 000179220 _____ C:\Windows\system32\perfc015.dat 2018-03-17 11:54 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2018-03-17 11:51 - 2017-04-13 17:38 - 000000000 ____D C:\Users\Lonnger\AppData\LocalLow\Mozilla 2018-03-17 11:50 - 2017-06-11 11:26 - 000001164 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-03-17 11:50 - 2017-04-13 17:34 - 000000000 ____D C:\ProgramData\NVIDIA 2018-03-17 11:50 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-03-17 11:49 - 2017-06-13 21:52 - 000000000 ____D C:\Users\Lonnger\AppData\LocalLow\Temp 2018-03-17 11:31 - 2017-06-11 11:26 - 000001168 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-03-17 11:21 - 2017-04-13 17:43 - 000000000 ____D C:\Users\Lonnger\AppData\Local\ClassicShell 2018-03-17 11:17 - 2017-09-09 18:23 - 000000000 ____D C:\ProgramData\Baidu Security 2018-03-17 10:25 - 2017-06-11 11:26 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-03-17 10:11 - 2017-11-18 12:45 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-03-17 10:11 - 2017-11-18 12:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-03-16 21:14 - 2017-04-13 18:06 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\KeePass 2018-03-16 20:34 - 2013-08-22 15:44 - 000426344 _____ C:\Windows\system32\FNTCACHE.DAT 2018-03-16 20:18 - 2017-04-12 20:48 - 000000000 __SHD C:\Users\Lonnger\IntelGraphicsProfiles 2018-03-15 21:55 - 2017-04-14 19:04 - 000000000 ____D C:\Users\Lonnger\Documents\Visual Studio 2017 2018-03-15 21:22 - 2017-06-12 21:25 - 000000000 ____D C:\ProgramData\Unity 2018-03-15 21:14 - 2017-06-12 21:07 - 000000000 ____D C:\Users\Public\Documents\Unity Projects 2018-03-15 19:11 - 2017-04-13 18:17 - 000000000 ____D C:\Program Files (x86)\Steam 2018-03-14 22:48 - 2017-04-17 21:49 - 000000000 ____D C:\Windows\system32\appraiser 2018-03-14 22:15 - 2017-04-17 11:17 - 000000000 ____D C:\Windows\system32\MRT 2018-03-14 22:15 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2018-03-14 22:14 - 2017-10-12 22:15 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-03-14 22:14 - 2017-04-17 11:17 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-03-12 18:32 - 2017-12-25 16:32 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\audacity 2018-03-12 18:14 - 2018-02-05 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold HD [GOG.com] 2018-03-12 18:14 - 2017-11-11 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sunless Sea [GOG.com] 2018-03-12 18:14 - 2017-11-11 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2018-03-12 18:14 - 2017-04-30 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2018-03-12 18:14 - 2017-04-16 23:19 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-03-12 18:14 - 2017-04-16 23:18 - 000000000 ____D C:\Program Files (x86)\X7 Oscar Keyboard Editor 2018-03-12 18:14 - 2017-04-13 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 2018-03-12 18:10 - 2017-04-16 22:33 - 000000000 ____D C:\Program Files\Common Files\logishrd 2018-03-12 18:10 - 2017-04-16 22:33 - 000000000 ____D C:\Program Files (x86)\Logitech 2018-03-12 18:09 - 2017-12-03 22:07 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2018-03-12 18:09 - 2017-12-03 22:07 - 000000000 ____D C:\Users\Lonnger\AppData\Local\GitHubDesktop 2018-03-12 18:06 - 2017-08-07 18:47 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\MyPhoneExplorer 2018-03-12 18:05 - 2017-07-10 20:23 - 000000000 ____D C:\Program Files\TrueCrypt 2018-03-12 17:16 - 2017-04-12 19:37 - 000000000 ____D C:\Users\Lonnger 2018-03-11 21:08 - 2017-12-15 19:01 - 000000000 ____D C:\Program Files\CCleaner 2018-03-10 15:56 - 2018-02-11 15:41 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\SyncDroid 2018-03-10 13:20 - 2017-12-14 22:36 - 000000000 ____D C:\Windows\Minidump 2018-03-10 13:20 - 2017-04-19 21:56 - 000000000 ____D C:\Users\Lonnger\AppData\Local\CrashDumps 2018-03-10 13:18 - 2017-04-14 20:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-03-04 18:32 - 2017-06-17 22:55 - 000000000 ____D C:\Users\Lonnger\AppData\LocalLow\DefaultCompany 2018-03-04 18:22 - 2017-06-11 11:50 - 000000000 ____D C:\Users\Lonnger\Downloads\ikona 2018-03-04 18:16 - 2017-06-11 11:26 - 000000000 ____D C:\Users\Lonnger\AppData\Local\Dropbox 2018-03-04 18:14 - 2017-06-11 11:28 - 000000000 ___RD C:\Users\Lonnger\Dropbox (Stary) 2018-03-04 16:28 - 2017-04-13 18:00 - 000000000 ____D C:\Users\Lonnger\AppData\Local\GHISLER 2018-03-02 19:11 - 2017-04-12 19:37 - 000000000 ____D C:\Users\Lonnger\AppData\Local\VirtualStore 2018-03-01 22:51 - 2017-08-08 20:19 - 000000000 ____D C:\Users\Lonnger\Documents\My Games 2018-02-27 18:19 - 2017-12-25 16:32 - 000000000 ____D C:\Program Files (x86)\Audacity 2018-02-25 17:45 - 2017-04-30 19:34 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client 2018-02-25 16:59 - 2017-04-13 20:41 - 000000000 ____D C:\Users\Lonnger\AppData\Roaming\Visual Studio Setup 2018-02-25 16:57 - 2018-02-03 15:41 - 000001749 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk 2018-02-25 16:57 - 2018-02-03 15:40 - 000001748 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk 2018-02-25 16:56 - 2018-02-03 15:30 - 000001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2018-02-25 15:58 - 2017-04-30 18:08 - 000000000 ____D C:\Program Files\Rockstar Games 2018-02-25 15:58 - 2017-04-30 18:08 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2018-02-24 22:06 - 2017-06-16 21:55 - 000000000 ____D C:\Users\Lonnger\AppData\Local\NuGet 2018-02-23 18:38 - 2017-04-13 17:57 - 000000000 ____D C:\Users\Lonnger\AppData\Local\NVIDIA 2018-02-22 20:36 - 2017-06-12 21:25 - 000000000 ____D C:\Users\Lonnger\AppData\LocalLow\Unity 2018-02-22 19:43 - 2018-02-03 15:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2018-02-22 19:41 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-02-22 19:30 - 2017-07-15 14:42 - 000000000 ____D C:\Program Files\Unity 2018-02-15 23:50 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-02-12 22:44 - 2018-02-12 22:44 - 000010749 _____ () C:\Users\Lonnger\AppData\Local\recently-used.xbel 2018-03-11 21:10 - 2018-03-12 20:59 - 000007599 _____ () C:\Users\Lonnger\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-03-15 17:01 ==================== Koniec FRST.txt ============================