Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-03-2017 Uruchomiony przez niko (administrator) NIKO-KOMPUTER (13-04-2017 15:31:24) Uruchomiony z C:\Users\niko\Downloads Załadowane profile: niko (Dostępne profile: niko) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKU\S-1-5-21-3651358100-1429554799-4116503857-1000\...\MountPoints2: {95a7d1cb-a01c-11e5-ae6c-806e6f6e6963} - E:\setup.exe HKU\S-1-5-21-3651358100-1429554799-4116503857-1000\...\MountPoints2: {9dff0d48-a01a-11e5-a37d-806e6f6e6963} - E:\Run.exe ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\niko\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\niko\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\niko\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMGCShellExt64.dll -> Brak pliku ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => -> Brak pliku ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\niko\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\niko\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\niko\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4 Tcpip\..\Interfaces\{7BAB2936-23BE-4B7B-84EA-200FD9A5CD69}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=NIS&pvid=21.6.0.32 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=NIS&pvid=21.6.0.32 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=NIS&pvid=21.6.0.32 HKU\S-1-5-21-3651358100-1429554799-4116503857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wp.pl/?dp2=20161124 SearchScopes: HKU\S-1-5-21-3651358100-1429554799-4116503857-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=MSNTLB&PC=IPGTDF&q={searchTerms}&src=IE-SearchBox BHO: Brak nazwy -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Brak pliku BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation) BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TSWebMon64.dat => Brak pliku BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation) BHO-x32: Brak nazwy -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> Brak pliku BHO-x32: Brak nazwy -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Brak pliku BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-01-14] (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll [2010-04-27] (Microsoft Corporation) Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll [2010-04-27] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 0mk79wj3.default FF ProfilePath: C:\Users\niko\AppData\Roaming\Mozilla\Firefox\Profiles\0mk79wj3.default [2017-04-13] FF Homepage: Mozilla\Firefox\Profiles\0mk79wj3.default -> hxxp://www.wp.pl/?dp2=20161124 FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox FF Extension: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2016-06-15] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2016-06-15] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll [2010-04-27] (Microsoft Corporation) FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll [Brak pliku] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Brak pliku] FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [Brak pliku] FF Plugin HKU\S-1-5-21-3651358100-1429554799-4116503857-1000: @nsroblox.roblox.com/launcher -> C:\Users\niko\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-3651358100-1429554799-4116503857-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\niko\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-3651358100-1429554799-4116503857-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\niko\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll [2015-03-24] (Octoshape ApS) FF Plugin HKU\S-1-5-21-3651358100-1429554799-4116503857-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\niko\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP) FF Plugin HKU\S-1-5-21-3651358100-1429554799-4116503857-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\niko\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Users\niko\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-01-26] (Octoshape ApS) Chrome: ======= CHR Profile: C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default [2017-04-13] CHR Extension: (Prezentacje Google) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-26] CHR Extension: (Dokumenty Google) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-26] CHR Extension: (Dysk Google) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-26] CHR Extension: (YouTube) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-26] CHR Extension: (Arkusze Google) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-26] CHR Extension: (Dokumenty Google offline) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-31] CHR Extension: (Gmail) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-26] CHR Extension: (Chrome Media Router) - C:\Users\niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-31] Opera: ======= OPR Extension: (AdBlock) - C:\Users\niko\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-16] OPR Extension: (Adblock Plus) - C:\Users\niko\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-03-22] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-15] (AVAST Software s.r.o.) S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-15] (AVAST Software) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-02-12] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5560840 2016-06-01] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-15] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-15] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-15] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-15] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-15] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-15] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-15] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-15] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-03-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-15] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-15] (AVAST Software) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-26] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-26] (Disc Soft Ltd) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [40576 2016-03-09] (SteelSeries ApS) R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [52952 2016-08-31] (SteelSeries ApS) R0 flowhlp; system32\drivers\flowhlp.dat [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) NETSVCx32: HpSvc -> Brak ścieżki do pliku. ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-13 15:30 - 2017-04-13 15:30 - 00033280 _____ C:\Users\niko\Desktop\Fixlog.txt 2017-04-13 15:24 - 2017-04-13 15:30 - 00033277 _____ C:\Users\niko\Downloads\Fixlog.txt 2017-04-13 15:23 - 2017-04-13 15:23 - 00011772 _____ C:\Users\niko\Downloads\fixlist.txt 2017-04-13 13:12 - 2017-04-13 13:13 - 00061922 _____ C:\Users\niko\Downloads\Addition.txt 2017-04-13 13:12 - 2017-04-13 13:13 - 00000000 ____D C:\Users\niko\Desktop\Nowy folder (4) 2017-04-13 13:11 - 2017-04-13 13:12 - 00000000 ____D C:\Users\niko\Desktop\Nowy folder (2) 2017-04-13 13:07 - 2017-04-13 13:07 - 04089296 _____ C:\Users\niko\Downloads\adwcleaner_6.045.exe 2017-04-12 21:32 - 2017-04-13 15:31 - 00018523 _____ C:\Users\niko\Downloads\FRST.txt 2017-04-12 21:24 - 2017-04-13 15:31 - 00000000 ____D C:\FRST 2017-04-12 21:24 - 2017-04-12 21:24 - 02424832 _____ (Farbar) C:\Users\niko\Downloads\FRST64.exe 2017-04-12 19:24 - 2017-04-12 19:25 - 16693736 _____ (FACEIT LTD ) C:\Users\niko\Downloads\FACEITInstaller_64.exe 2017-04-09 09:09 - 2017-04-09 09:09 - 00089061 _____ C:\Users\niko\Downloads\LEGO City Undercover (2017) [ISO] [PL] [CODEX].torrent 2017-04-05 08:58 - 2017-04-05 08:58 - 00143837 _____ C:\Users\niko\Downloads\FAKTURA-P-13824482-17030526984386-00070200.pdf 2017-04-05 08:58 - 2017-04-05 08:58 - 00005430 _____ C:\Users\niko\Downloads\FAKTURA-P-13824482-17030526984386-00070200.pdf.xml.sig 2017-04-05 08:58 - 2017-04-05 08:58 - 00005430 _____ C:\Users\niko\Downloads\FAKTURA-P-13824482-17030526984386-00070200.pdf.xml (1).sig 2017-04-05 08:56 - 2017-04-05 08:56 - 00059217 _____ C:\Users\niko\Downloads\ZALACZNIK-P-13824482-17030526984386-00070201.pdf 2017-04-04 14:32 - 2017-04-06 15:59 - 00000000 ____D C:\Users\niko\AppData\Local\LokiMain 2017-04-04 14:28 - 2017-04-04 14:28 - 02272662 _____ C:\Users\niko\Downloads\Loki.rar 2017-04-04 09:21 - 2017-04-04 09:21 - 00101121 _____ C:\Users\niko\Downloads\PROFORMA-121-04-2017 (4).pdf 2017-04-04 09:21 - 2017-04-04 09:21 - 00101121 _____ C:\Users\niko\Downloads\PROFORMA-121-04-2017 (3).pdf 2017-04-04 09:21 - 2017-04-04 09:21 - 00101121 _____ C:\Users\niko\Downloads\PROFORMA-121-04-2017 (2).pdf 2017-04-04 09:21 - 2017-04-04 09:21 - 00101121 _____ C:\Users\niko\Downloads\PROFORMA-121-04-2017 (1).pdf 2017-04-04 09:05 - 2017-04-04 09:21 - 00101121 _____ C:\Users\niko\Downloads\PROFORMA-121-04-2017.pdf 2017-04-01 12:16 - 2017-04-01 12:16 - 00231971 _____ C:\Users\niko\Downloads\wniosek_o_przyjecie_dziecka (1).pdf 2017-04-01 12:09 - 2017-04-01 12:09 - 00245644 _____ C:\Users\niko\Downloads\wniosek_o_przyjecie_dziecka.pdf 2017-04-01 11:53 - 2017-04-01 11:53 - 00242845 _____ C:\Users\niko\Downloads\Mamuśka.pdf 2017-04-01 11:05 - 2017-04-01 11:05 - 00000000 ____D C:\Users\niko\Documents\Bandicam 2017-04-01 11:05 - 2017-04-01 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2017-04-01 11:05 - 2017-04-01 11:05 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1 2017-04-01 11:05 - 2017-04-01 11:05 - 00000000 ____D C:\Program Files (x86)\Bandicam 2017-04-01 10:51 - 2017-04-01 10:51 - 08932000 _____ (Solvusoft Corporation ) C:\Users\niko\Downloads\Setup_WinThruster_2016 (1).exe 2017-04-01 10:28 - 2017-04-01 10:28 - 08932000 _____ (Solvusoft Corporation ) C:\Users\niko\Downloads\Setup_WinThruster_2016.exe 2017-04-01 10:23 - 2017-04-01 10:23 - 05154128 _____ C:\Users\niko\Downloads\MorphVOXPro4_Install-325.exe 2017-04-01 10:20 - 2017-04-01 10:20 - 17033192 _____ (Bandicam Company) C:\Users\niko\Downloads\bdcamsetup.exe 2017-03-31 16:06 - 2017-03-31 16:06 - 00000000 ____D C:\Games 2017-03-29 07:18 - 2017-03-29 07:22 - 00000000 ____D C:\Users\niko\AppData\Roaming\vlc 2017-03-29 07:18 - 2017-03-29 07:18 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-03-29 07:18 - 2017-03-29 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-03-29 07:18 - 2017-03-29 07:18 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2017-03-29 07:14 - 2017-03-29 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum 2017-03-29 07:14 - 2017-03-29 17:43 - 00000000 ____D C:\Program Files (x86)\DAUM 2017-03-28 07:23 - 2017-03-28 07:23 - 00033744 _____ C:\Users\niko\Downloads\O czym szumią wierzby -The Wind in the Willows [E61-E65] [DVDRip.H264-zyl] [Dubbing PL] (2).torrent 2017-03-28 07:23 - 2017-03-28 07:23 - 00017727 _____ C:\Users\niko\Downloads\IPTV Telewizja Cyfrowa [aktualizacja 27 03 2017] [PL].torrent 2017-03-28 07:22 - 2017-03-28 07:22 - 00057565 _____ C:\Users\niko\Downloads\Na Fali 2 - Surf’s Up 2- WaveMania -2017- [WEB-DL] [XviD-KiT] [Lektor PL].torrent 2017-03-28 07:04 - 2017-03-28 07:04 - 00057558 _____ C:\Users\niko\Downloads\Księżniczka Łabędzi i niezwykła Gwiazdka - The Swan Princess- Royally Undercover -2017- [WEB-DL] [XviD-KiT] [Lektor PL].torrent 2017-03-27 13:58 - 2017-03-27 13:58 - 00027501 _____ C:\Users\niko\Downloads\Baldur's Gate- Enhanced Edition -2013- [MULTI-PL] [GOG] [EXE].torrent 2017-03-25 16:22 - 2017-03-25 16:22 - 00046012 _____ C:\Users\niko\Downloads\Cyberline Racing - PLAZA [PL] [ENG] [iso].torrent 2017-03-20 11:12 - 2017-03-20 11:12 - 00112086 _____ C:\Users\niko\Downloads\Moj_Orange.pdf 2017-03-20 11:11 - 2017-03-20 11:11 - 00060104 _____ C:\Users\niko\Downloads\Pani_Zofia_Gruszka.pdf 2017-03-20 11:11 - 2017-03-20 11:11 - 00019430 _____ C:\Users\niko\Downloads\(brak nazwy) 2017-03-15 17:44 - 2017-03-15 17:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-03-15 17:33 - 2017-03-15 17:33 - 06656568 _____ (AVAST Software) C:\Users\niko\Downloads\avast! Free Antivirus 2017 17.2.2288 [1].exe 2017-03-15 17:27 - 2017-03-15 17:27 - 03470136 _____ (AVG Technologies CZ, s.r.o.) C:\Users\niko\Downloads\AVG_Protection_806.exe 2017-03-15 17:23 - 2017-03-15 17:27 - 00000000 ____D C:\Users\niko\AppData\Local\AvgSetupLog 2017-03-15 17:23 - 2017-03-15 17:23 - 03449448 _____ (AVG Technologies CZ, s.r.o.) C:\Users\niko\Downloads\Antivirus_Free_1866.exe 2017-03-15 17:13 - 2017-03-15 17:13 - 06654960 _____ (AVAST Software) C:\Users\niko\Downloads\avast_free_antivirus_setup_online.exe 2017-03-15 17:08 - 2017-03-15 21:52 - 00000034 _____ C:\Windows\AvEmUpdate.ini 2017-03-15 17:08 - 2017-03-15 17:08 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-03-15 17:08 - 2017-03-15 17:08 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2017-03-15 17:08 - 2017-03-15 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2017-03-15 17:03 - 2017-03-15 17:03 - 00000000 ____D C:\Program Files\AVAST Software 2017-03-15 17:01 - 2017-03-15 17:01 - 00000000 ____D C:\ProgramData\AVAST Software 2017-03-15 15:26 - 2017-03-15 15:26 - 00017363 _____ C:\Users\niko\Downloads\rules.zip 2017-03-15 15:26 - 2017-03-15 15:26 - 00008026 _____ C:\Users\niko\Downloads\rules-e.zip 2017-03-15 15:26 - 2017-03-15 15:26 - 00004399 _____ C:\Users\niko\Downloads\mission1.zip 2017-03-15 15:26 - 2017-03-15 15:26 - 00003513 _____ C:\Users\niko\Downloads\tutorial.zip 2017-03-15 15:26 - 2017-03-15 15:26 - 00002706 _____ C:\Users\niko\Downloads\mission2.zip 2017-03-15 15:26 - 2017-03-15 15:26 - 00001918 _____ C:\Users\niko\Downloads\aftrmath.zip 2017-03-15 15:26 - 2017-03-15 15:26 - 00000341 _____ C:\Users\niko\Downloads\mplayer.zip 2017-03-15 15:17 - 2017-03-15 15:17 - 00011619 _____ C:\Users\niko\Downloads\ini-files-06.zip 2017-03-15 15:11 - 2017-03-15 15:30 - 00000000 ____D C:\LEGO Worlds 2017-03-15 14:51 - 2017-03-15 14:51 - 00000000 ____D C:\Program Files\BDServices 2017-03-15 13:51 - 2017-03-15 13:51 - 00028584 _____ C:\Users\niko\Downloads\KOŚ MINIONKU, KOŚ - MOWER MINIONS -2016- MULTI.1080P.BLURAY.AC3.X264-TPX [DUBBING PL] [ALUSIA].torrent 2017-03-15 13:14 - 2017-03-15 13:14 - 00198123 _____ C:\Users\niko\Downloads\zalacznik1_nnw_13222006286_20170313153033 (1).pdf 2017-03-15 13:14 - 2017-03-15 13:14 - 00193594 _____ C:\Users\niko\Downloads\zalacznik1_nnw_00252809530_20170313153033.pdf 2017-03-15 13:14 - 2017-03-15 13:14 - 00193590 _____ C:\Users\niko\Downloads\zalacznik1_nnw_06311410132_20170313153033.pdf 2017-03-15 13:14 - 2017-03-15 13:14 - 00177358 _____ C:\Users\niko\Downloads\682_0117_z.pdf 2017-03-15 13:11 - 2017-03-15 13:11 - 00198123 _____ C:\Users\niko\Downloads\zalacznik1_nnw_13222006286_20170313153033.pdf 2017-03-15 13:11 - 2017-03-15 13:11 - 00192181 _____ C:\Users\niko\Downloads\polisa_nnw_82062114424_20170313153033.pdf 2017-03-14 16:54 - 2017-03-14 16:54 - 2155592858 _____ C:\Users\niko\Downloads\Lego Worlds (v1.0).rar 2017-03-14 15:28 - 2017-03-14 15:28 - 01446792 _____ C:\Users\niko\Downloads\LEGO Worlds [1].exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-04-13 15:29 - 2015-12-11 17:41 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-13 15:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-13 15:26 - 2015-12-15 21:09 - 00000000 ___SD C:\Users\niko\AppData\LocalLow\Temp 2017-04-13 15:25 - 2016-06-24 09:22 - 00000000 ____D C:\Windows\pss 2017-04-13 14:44 - 2015-12-21 18:26 - 00000396 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job 2017-04-13 13:17 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-04-13 13:17 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-04-13 13:16 - 2016-03-16 17:02 - 00000000 ____D C:\Program Files (x86)\Steam 2017-04-13 13:16 - 2010-11-21 14:53 - 00851350 _____ C:\Windows\system32\perfh015.dat 2017-04-13 13:16 - 2010-11-21 14:53 - 00192658 _____ C:\Windows\system32\perfc015.dat 2017-04-13 13:16 - 2009-07-14 07:13 - 01897380 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-13 13:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-04-13 10:04 - 2017-02-14 17:00 - 00000000 ____D C:\Users\niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2017-04-12 20:21 - 2016-06-12 14:50 - 00000000 ____D C:\Users\niko\AppData\Roaming\TS3Client 2017-04-12 18:16 - 2016-06-15 18:16 - 00000660 _____ C:\Windows\Tasks\hpwebreg_CN0CF3J1F905HW.job 2017-04-11 19:53 - 2015-12-11 19:24 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-04-11 19:53 - 2015-12-11 19:24 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-11 19:53 - 2015-12-11 19:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-04-11 19:53 - 2015-12-11 19:24 - 00000000 ____D C:\Windows\system32\Macromed 2017-04-11 17:56 - 2015-12-11 18:32 - 00000000 ____D C:\Users\niko\AppData\Roaming\Azureus 2017-04-11 13:53 - 2009-07-14 07:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-04-08 18:48 - 2016-08-25 12:54 - 00000000 ____D C:\Users\niko\Desktop\Nowy folder (3) 2017-04-08 14:48 - 2015-12-26 14:39 - 00000000 ____D C:\Users\niko\AppData\Local\CrashDumps 2017-04-04 14:53 - 2017-03-04 13:45 - 00000000 ____D C:\Users\niko\Downloads\intro16template 2017-04-01 11:04 - 2017-03-13 18:33 - 00000000 ____D C:\Users\niko\AppData\Local\IIIQF 2017-03-30 14:47 - 2016-07-26 21:44 - 00002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-30 14:47 - 2016-07-26 21:44 - 00002193 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-03-30 14:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache 2017-03-29 17:44 - 2016-08-06 12:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-22 08:19 - 2015-12-11 18:26 - 00000000 ____D C:\Program Files (x86)\Opera 2017-03-15 17:58 - 2017-02-28 15:39 - 00000000 ____D C:\Program Files (x86)\Mehition 2017-03-15 17:08 - 2015-12-14 18:00 - 00000000 ____D C:\Program Files\Common Files\AV 2017-03-15 15:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Portable Devices 2017-03-15 15:17 - 2016-11-23 12:50 - 00000000 ____D C:\Users\niko\Desktop\Nowy folder 2017-03-14 20:53 - 2016-02-04 15:34 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-02-25 14:07 - 2017-02-25 14:07 - 0000000 ___SH () C:\Users\niko\AppData\Local\LumaEmu 2016-09-28 19:51 - 2016-09-28 19:51 - 0007601 _____ () C:\Users\niko\AppData\Local\Resmon.ResmonCfg Pliki do przeniesienia lub usunięcia: ==================== C:\Users\niko\minecraft story mode - installshield wizard.exe Niektóre pliki w TEMP: ==================== 2016-04-17 18:57 - 2016-04-17 11:41 - 0579028 _____ ( ) C:\Users\niko\AppData\Local\Temp\23333.exe 2016-04-17 19:41 - 2016-04-17 19:41 - 0000000 _____ () C:\Users\niko\AppData\Local\Temp\342E.tmp.exe 2017-03-15 15:51 - 2017-03-15 15:51 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\46D9.tmp.exe 2017-03-15 15:39 - 2017-03-15 15:39 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\4AED.tmp.exe 2016-04-17 19:41 - 2016-04-17 19:41 - 0000000 _____ () C:\Users\niko\AppData\Local\Temp\522.tmp.exe 2016-04-17 19:41 - 2016-04-17 19:41 - 0000000 _____ () C:\Users\niko\AppData\Local\Temp\54F4.tmp.exe 2017-03-15 17:00 - 2017-03-15 17:00 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\77B0.tmp.exe 2017-03-15 16:55 - 2017-03-15 16:55 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\94FE.tmp.exe 2017-03-15 16:37 - 2017-03-15 16:37 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\A7A0.tmp.exe 2017-03-15 16:50 - 2017-03-15 16:50 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\B01B.tmp.exe 2016-07-01 21:25 - 2016-07-01 21:25 - 0000000 _____ () C:\Users\niko\AppData\Local\Temp\BackupSetup.exe 2017-01-26 09:26 - 2017-01-26 09:26 - 4297200 _____ (Bandicam Company) C:\Users\niko\AppData\Local\Temp\bdfilters.dll 2016-07-01 19:23 - 2016-07-01 19:31 - 54067872 _____ (UCWeb Inc.) C:\Users\niko\AppData\Local\Temp\Browser_V5.6.12150.8_r_4726_(Build1604251144).exe 2016-09-23 15:02 - 2016-09-23 15:07 - 51406224 _____ (UCWeb Inc.) C:\Users\niko\AppData\Local\Temp\Browser_V5.6.14087.902_r_4644_(Build1608021049).exe 2017-03-15 15:39 - 2017-03-15 15:43 - 51179792 _____ (UCWeb Inc.) C:\Users\niko\AppData\Local\Temp\Browser_V6.0.1471.913_r_4728_(Build1702151518).exe 2017-03-15 15:44 - 2017-03-15 15:51 - 301467016 _____ (Duodian Technology Co. Ltd.) C:\Users\niko\AppData\Local\Temp\c9ce6fdbe0c8474580a2ed9c3688c372.exe 2017-03-15 16:31 - 2017-03-15 16:31 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\CA9A.tmp.exe 2016-04-17 19:41 - 2016-04-17 19:41 - 0000000 _____ () C:\Users\niko\AppData\Local\Temp\D635.tmp.exe 2017-03-15 16:44 - 2017-03-15 16:45 - 1150603 _____ (Hekedugani ) C:\Users\niko\AppData\Local\Temp\E4A1.tmp.exe 2017-03-15 15:43 - 2017-03-15 15:43 - 1958888 _____ (深圳市史宾赛科技有限公司) C:\Users\niko\AppData\Local\Temp\FlowSpritSetup_slnt_5011.exe 2016-04-17 18:53 - 2016-04-17 18:53 - 0073216 _____ () C:\Users\niko\AppData\Local\Temp\hpnrVhWlai.exe 2016-04-11 13:16 - 2017-04-10 18:09 - 0035680 _____ () C:\Users\niko\AppData\Local\Temp\i4jdel0.exe 2017-04-09 09:15 - 2017-04-09 09:15 - 0035680 _____ () C:\Users\niko\AppData\Local\Temp\i4jdel1.exe 2016-08-08 11:36 - 2016-08-08 11:36 - 0019968 ____N (Red Hat®, Inc.) C:\Users\niko\AppData\Local\Temp\jansi-64-1152707388725942839.dll 2016-07-30 11:01 - 2016-07-30 11:01 - 0741440 _____ (Oracle Corporation) C:\Users\niko\AppData\Local\Temp\jre-8u101-windows-au.exe 2016-09-23 15:07 - 2016-09-23 15:07 - 5152490 _____ () C:\Users\niko\AppData\Local\Temp\KuaiZip.exe 2016-06-10 14:27 - 2016-03-09 22:39 - 4839768 ____N (Conexant Systems, Inc.) C:\Users\niko\AppData\Local\Temp\KUIU.EXE 2016-04-17 18:51 - 2016-04-17 18:51 - 0222720 _____ () C:\Users\niko\AppData\Local\Temp\L0daK6veHT.exe 2016-07-01 21:26 - 2016-07-01 21:28 - 68445112 _____ (www.ludashi.com) C:\Users\niko\AppData\Local\Temp\ludashisetup.exe 2016-11-27 10:52 - 2016-11-27 10:52 - 0091784 _____ (MegaBackup Corp) C:\Users\niko\AppData\Local\Temp\MegaBackup.exe 2017-02-01 09:28 - 2017-02-01 09:28 - 0210840 _____ () C:\Users\niko\AppData\Local\Temp\mininewsrepair.exe 2010-06-14 22:19 - 2010-06-14 22:19 - 0353112 ____R (Microsoft Corporation) C:\Users\niko\AppData\Local\Temp\MSNEA10.exe 2016-07-13 12:13 - 2016-07-08 16:53 - 0216920 _____ (Nexon) C:\Users\niko\AppData\Local\Temp\NGM.exe 2016-07-08 16:53 - 2016-07-08 16:53 - 1333080 _____ (Nexon) C:\Users\niko\AppData\Local\Temp\NGMDll.dll 2016-07-08 16:53 - 2016-07-13 12:13 - 0683792 _____ (Nexon) C:\Users\niko\AppData\Local\Temp\NGMResource.dll 2016-04-17 18:57 - 2016-04-17 18:58 - 3488648 _____ (Kingsoft Corp. Ltd.) C:\Users\niko\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe 2016-04-17 18:58 - 2016-04-17 19:05 - 47872352 _____ () C:\Users\niko\AppData\Local\Temp\qqpcmgr_v10.11.16588.235_72623_Silence.exe 2016-04-17 18:59 - 2016-04-17 19:01 - 51369152 _____ () C:\Users\niko\AppData\Local\Temp\qqpcmgr_v11.4.17339.217_45390_Silence.exe 2014-11-25 15:34 - 2014-11-25 15:34 - 0012288 _____ () C:\Users\niko\AppData\Local\Temp\rp123.exe 2016-07-01 19:23 - 2016-09-18 17:51 - 1513697 _____ ( ) C:\Users\niko\AppData\Local\Temp\setup.exe 2016-04-17 18:51 - 2016-04-17 18:53 - 36698112 _____ (IMALI - N.I. MEDIA LTD) C:\Users\niko\AppData\Local\Temp\tmpABBF.tmp.exe 2016-07-08 16:53 - 2016-07-08 16:53 - 0258352 _____ (Microsoft Corporation) C:\Users\niko\AppData\Local\Temp\unicows.dll 2016-07-01 21:24 - 2016-07-01 21:24 - 0061981 _____ () C:\Users\niko\AppData\Local\Temp\Uninstall.exe 2017-01-21 20:42 - 2017-01-21 20:42 - 0349400 _____ (Lavasoft) C:\Users\niko\AppData\Local\Temp\WcInstaller.exe 2016-07-24 10:26 - 2016-07-24 10:26 - 0342680 _____ (Lavasoft) C:\Users\niko\AppData\Local\Temp\WebCompanionInstaller.exe 2006-05-24 19:10 - 2006-05-24 19:10 - 0455600 ____R (Macrovision Corporation) C:\Users\niko\AppData\Local\Temp\_is1C49.exe 2006-05-24 06:10 - 2006-05-24 06:10 - 0455600 ____R (Macrovision Corporation) C:\Users\niko\AppData\Local\Temp\_isE04.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-12-24 10:34 ==================== Koniec FRST.txt ============================