ADVERTISEMENT

FRST.txt

Porno wirus w Operze - reklamy mimo czyszczenia Malwarebytes i ADWCleaner

Wydawało mi się, że zamieszczałem. Proszę


Download file - link to post

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11-07-2017
Uruchomiony przez Z3Power (administrator) Z3POWER-STATION (12-07-2017 03:23:27)
Uruchomiony z C:\Users\Z3Power\Desktop\Wirus
Załadowane profile: Z3Power (Dostępne profile: Z3Power)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 8 (Domyślna przeglądarka: Opera)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\46.0.2597.39\opera.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] = & gt; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-12] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] = & gt; C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] = & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [BrStsMon00] = & gt; C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-21-3749661018-2230307346-3248737532-1000\...\Run: [Xvid] = & gt; powershell.exe -nologo -WindowStyle hidden -Noninteractive -NoProfile -ExecutionPolicy Bypass -File " C:\Program Files (x86)\Xvid\CheckUpdate.ps1 "
HKU\S-1-5-21-3749661018-2230307346-3248737532-1000\...\MountPoints2: {1ea0bc16-fbdf-11e3-be96-806e6f6e6963} - G:\Setup.exe
HKU\S-1-5-21-3749661018-2230307346-3248737532-1000\...\MountPoints2: {dd2f694f-fbae-11e3-a397-806e6f6e6963} - F:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-09-17]
ShortcutTarget: SteelSeries Engine 3.lnk - & gt; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
GroupPolicy: Ograniczenia - Chrome & lt; ==== UWAGA
GroupPolicy\User: Ograniczenia & lt; ==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{DA83FB26-0C91-4B77-9772-36C5017816DD}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006 & q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3749661018-2230307346-3248737532-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM - & gt; DefaultScope - brak wartości
SearchScopes: HKLM-x32 - & gt; DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006 & q={searchTerms}
SearchScopes: HKLM-x32 - & gt; {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006 & q={searchTerms}
SearchScopes: HKU\.DEFAULT - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - & gt; DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3749661018-2230307346-3248737532-1000 - & gt; DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006 & q={searchTerms}
SearchScopes: HKU\S-1-5-21-3749661018-2230307346-3248737532-1000 - & gt; {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006 & q={searchTerms}
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-12] (AVAST Software)
BHO-x32: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-20] (Oracle Corporation)
BHO-x32: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-20] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: azpxdor8.default
FF ProfilePath: C:\Users\Z3Power\AppData\Roaming\Mozilla\Firefox\Profiles\azpxdor8.default [2017-07-12]
FF Extension: (Greasemonkey) - C:\Users\Z3Power\AppData\Roaming\Mozilla\Firefox\Profiles\azpxdor8.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-19] [Brak podpisu cyfrowego]
FF Extension: (Brak nazwy) - C:\Users\Z3Power\AppData\Roaming\Mozilla\Firefox\Profiles\azpxdor8.default\extensions\sweetsearch@gmail.com [nie znaleziono]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - & gt; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - & gt; C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - & gt; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3749661018-2230307346-3248737532-1000: @unity3d.com/UnityPlayer,version=1.0 - & gt; C:\Users\Z3Power\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default [2017-07-12]
CHR Extension: (Prezentacje Google) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-29]
CHR Extension: (BetterTTV) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-29]
CHR Extension: (Dysk Google) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-29]
CHR Extension: (YouTube) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-29]
CHR Extension: (Avast SafePrice) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-03]
CHR Extension: (EditThisCookie) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-03-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-29]
CHR Extension: (Avast Online Security) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-30]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\Z3Power\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-06]
CHR HKU\S-1-5-21-3749661018-2230307346-3248737532-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx & lt; nie znaleziono & gt;
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx & lt; nie znaleziono & gt;

Opera:
=======
OPR Session Restore: - & gt; [funkcja włączona]
OPR Extension: (Le Lenny Face) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\apbjhmeabebkfjlofaofoilpinafalom [2016-08-17]
OPR Extension: (FACEIT HELPER) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\bjdhcabjnhhifipbnopnfpfidkafanjf [2017-03-25]
OPR Extension: (Stylish) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\bofnhkejmonldphklejelehlhhoecceg [2015-08-06]
OPR Extension: (Steam Inventory Helper) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-06-30]
OPR Extension: (BetterTTV) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\deofbbdfofnmppcjbhjibgodpcdchjii [2015-07-31]
OPR Extension: (Video Downloader professional) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-07-05]
OPR Extension: (PDF Viewer) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\encfpfilknmenlmjemepncnlbbjlabkc [2015-08-06]
OPR Extension: (FBDown Video Downloader) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2017-06-15]
OPR Extension: (Twitch Now) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2017-05-29]
OPR Extension: (Unseen) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-19]
OPR Extension: (Mauf - Custom Messenger Colors) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\jfjnmganegfpajpgchndgfjbljnehink [2017-04-28]
OPR Extension: (Steam Price History Graph) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\jghllajalkgfapinibcgcdnfccncmapl [2015-04-07]
OPR Extension: (Download Chrome Extension) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2017-02-10]
OPR Extension: (Group Admin Helper) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\ndhgpffkbkcdocmceaoeibioilmmbpjn [2017-06-04]
OPR Extension: (Adblock Plus) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-03-23]
OPR Extension: (Oddshot) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2017-06-30]
OPR Extension: (Twitch Giveaways) - C:\Users\Z3Power\AppData\Roaming\Opera Software\Opera Stable\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2017-07-02]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Brak podpisu cyfrowego]
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Brak podpisu cyfrowego]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-12] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-08-30] (altPUG LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [389392 2016-11-02] (EasyAntiCheat Ltd)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2016-04-12] ()
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [Brak podpisu cyfrowego]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2000-01-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7987104 2017-04-10] (INCA Internet Co., Ltd.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-06-22] (Copyright (c) 2017 Plays.tv, LLC)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Brak podpisu cyfrowego]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [319984 2017-07-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198944 2017-07-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343264 2017-07-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57704 2017-07-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146664 2017-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015848 2017-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-12] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-05-15] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-12] (AVAST Software)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [100488 2017-06-27] ( & lt; Turtle Entertainment & gt; )
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2016-08-04] (Nicomsoft Ltd.)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [40576 2016-03-09] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [52952 2016-08-31] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-07-12 02:42 - 2017-07-12 02:42 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-12 02:38 - 2017-07-12 02:38 - 00000000 ____D C:\Users\Z3Power\Desktop\CCleaner
2017-07-12 02:20 - 2017-07-12 03:23 - 00000000 ____D C:\Users\Z3Power\Desktop\Wirus
2017-07-12 02:09 - 2017-07-12 02:09 - 00680356 _____ C:\Users\Z3Power\Downloads\CpuCoreParking3.zip
2017-07-12 02:09 - 2011-05-03 13:40 - 00000000 ____D C:\Users\Z3Power\Desktop\Unpark-CPU-App
2017-07-12 02:08 - 2017-07-12 02:08 - 00546199 _____ C:\Users\Z3Power\Downloads\Unpark-CPU-App.zip
2017-07-12 02:05 - 2017-07-12 02:05 - 00400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-12 02:00 - 2017-07-12 02:00 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-07-12 01:54 - 2017-07-12 01:54 - 00000055 _____ C:\Users\Z3Power\Desktop\Nowy dokument tekstowy.txt
2017-07-12 00:50 - 2017-07-12 00:50 - 00000000 ____D C:\Users\Z3Power\AppData\Local\Tempzxpsign3900ec498987c4e6
2017-07-11 17:20 - 2017-07-11 17:20 - 00000000 ____D C:\Users\Z3Power\AppData\Local\Tempzxpsign7611937e2a8cd56a
2017-07-11 16:35 - 2017-07-11 16:35 - 01801229 _____ C:\Users\Z3Power\Downloads\simpleradar.rar
2017-07-11 16:34 - 2017-07-11 16:34 - 00004732 _____ C:\Users\Z3Power\Downloads\dm2.cfg
2017-07-11 16:34 - 2017-07-11 16:34 - 00004732 _____ C:\Users\Z3Power\Downloads\dm.cfg
2017-07-11 16:34 - 2017-07-11 16:34 - 00004730 _____ C:\Users\Z3Power\Downloads\dm3.cfg
2017-07-11 16:17 - 2017-07-11 16:17 - 00005117 _____ C:\Users\Z3Power\Downloads\script.cfg
2017-07-11 16:05 - 2017-07-11 16:05 - 00004838 _____ C:\Users\Z3Power\Downloads\practice.7z
2017-07-11 15:53 - 2017-07-11 15:53 - 00014008 _____ C:\Users\Z3Power\Downloads\Text_Color_Mod_3.2_by_BananaGaming.zip
2017-07-11 14:49 - 2017-07-11 14:49 - 05578820 _____ C:\Users\Z3Power\Downloads\csgo_blaki.txt
2017-07-11 14:23 - 2017-07-11 14:23 - 01196254 _____ C:\Users\Z3Power\Downloads\server_cfg.zip
2017-07-11 14:23 - 2017-07-11 14:23 - 00000000 ____D C:\Users\Z3Power\Desktop\SRDCS
2017-07-11 13:12 - 2017-07-11 13:12 - 03010000 _____ C:\Users\Z3Power\Downloads\CSGO Map Veto BETA.zip
2017-07-10 00:09 - 2017-07-12 00:37 - 00209920 ___SH C:\Users\Z3Power\Desktop\Thumbs.db
2017-07-07 21:26 - 2017-07-07 21:26 - 00000000 ____D C:\_OTL
2017-07-07 16:23 - 2017-07-07 16:44 - 00000000 ____D C:\Users\Z3Power\Documents\FIFA 14
2017-07-07 16:04 - 2017-07-07 16:04 - 00000000 ____D C:\Users\Z3Power\.Origin
2017-07-07 01:10 - 2017-07-12 01:07 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2017-07-06 16:51 - 2017-07-06 16:51 - 00138553 _____ C:\Users\Z3Power\Downloads\19806459_446985918993151_6947088598889922560_n.mp4
2017-07-06 13:54 - 2017-07-06 13:54 - 04890481 _____ C:\Users\Z3Power\Downloads\Fwd_Creative_wprowadza_nowe_letnie_kolory.zip
2017-07-06 00:50 - 2017-07-06 00:50 - 13724729 _____ C:\Users\Z3Power\Downloads\Ten pogrzeb wpadka.mp4
2017-07-05 15:26 - 2017-07-05 15:26 - 00447987 _____ C:\Users\Z3Power\Desktop\zgoda.pdf
2017-07-05 00:57 - 2017-07-05 00:57 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\Screaming Bee
2017-07-05 00:57 - 2017-07-05 00:57 - 00000000 ____D C:\ProgramData\Screaming Bee
2017-07-05 00:54 - 2017-07-05 00:54 - 06740464 _____ C:\Users\Z3Power\Desktop\MorphVOXPro4_Install-1.exe
2017-07-03 23:42 - 2017-07-04 00:03 - 00000000 ____D C:\Users\Z3Power\Desktop\MINIATURKA CSGO
2017-07-03 23:36 - 2017-07-03 23:42 - 45881822 _____ C:\Users\Z3Power\Downloads\MINIATURKA CSGO.rar
2017-07-03 23:36 - 2017-07-03 23:36 - 00000000 ____D C:\Users\Z3Power\AppData\Local\Tempzxpsign2623076ccb35fcd0
2017-07-03 23:35 - 2017-07-03 23:35 - 09394848 _____ C:\Users\Z3Power\Downloads\Miniaturka templete CS GO.rar
2017-07-03 23:35 - 2015-02-13 23:25 - 00000000 ____D C:\Users\Z3Power\Desktop\Miniaturka templete CS GO
2017-07-02 23:16 - 2017-07-02 23:16 - 26358211 _____ C:\Users\Z3Power\Downloads\POWTÓRZENIE.pdf
2017-07-02 21:26 - 2017-07-02 21:27 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\discordsdk
2017-07-02 21:26 - 2017-07-02 21:26 - 00000000 ____D C:\Users\Z3Power\Documents\SavedGames
2017-07-02 21:25 - 2017-07-02 21:25 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-07-01 16:27 - 2017-07-01 16:27 - 00088211 _____ C:\Users\Z3Power\Downloads\Muzyczne_lato_2017.pdf
2017-07-01 16:27 - 2017-07-01 16:27 - 00043952 _____ C:\Users\Z3Power\Downloads\kino_Letnie_2017.pdf
2017-07-01 16:26 - 2017-07-01 16:26 - 00154227 _____ C:\Users\Z3Power\Downloads\wydarzenia-30.06-2-07-2017.pdf
2017-06-28 13:51 - 2017-06-28 13:51 - 02203969 _____ C:\Users\Z3Power\Downloads\mini_poradnik_fotografii.pdf
2017-06-28 12:51 - 2017-06-28 12:52 - 00000000 ____D C:\ProgramData\digiCamControl
2017-06-28 12:41 - 2017-06-28 12:35 - 1344588133 ____N C:\Users\Z3Power\Desktop\DSC_2174.MOV
2017-06-28 12:41 - 2017-06-28 12:19 - 115633095 ____N C:\Users\Z3Power\Desktop\DSC_2173.MOV
2017-06-27 20:55 - 2017-06-27 20:55 - 02553495 _____ C:\Users\Z3Power\Desktop\creeepy.mp4
2017-06-27 20:26 - 2017-06-27 20:26 - 00030186 _____ C:\Users\Z3Power\Downloads\document.pdf
2017-06-27 20:07 - 2017-06-27 20:07 - 00000000 ____D C:\Users\Z3Power\AppData\LocalLow\AMD
2017-06-27 12:21 - 2017-06-27 12:21 - 00003158 _____ C:\Windows\System32\Tasks\StartCN
2017-06-27 12:21 - 2017-06-27 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-06-27 12:20 - 2017-06-27 12:20 - 00000000 ____D C:\Program Files (x86)\AMD
2017-06-27 11:23 - 2017-06-27 11:23 - 00060000 _____ C:\Users\Z3Power\Downloads\radeon-crimson-relive-17.6.2-minimalsetup-170613_64bit.exe
2017-06-23 14:32 - 2017-07-08 14:16 - 00013915 _____ C:\Users\Z3Power\Desktop\Rower.xlsx
2017-06-22 23:55 - 2017-06-22 23:55 - 00000000 ____D C:\Users\Z3Power\AppData\Local\MusicMaker
2017-06-22 21:41 - 2017-06-22 21:41 - 00000000 ____D C:\Users\Z3Power\Documents\MAGIX pobrane
2017-06-22 21:40 - 2017-06-22 21:40 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2017-06-22 21:39 - 2017-06-22 21:41 - 00000000 ___RD C:\Users\Z3Power\Documents\MAGIX
2017-06-22 21:38 - 2017-06-22 21:40 - 00000000 ____D C:\ProgramData\Magix
2017-06-22 21:38 - 2017-06-22 21:38 - 00000000 ____D C:\ProgramData\simplitec
2017-06-22 21:38 - 2017-06-22 21:38 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-06-22 21:33 - 2017-06-22 21:40 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\MAGIX
2017-06-22 21:33 - 2017-06-22 21:33 - 00000000 ____D C:\Users\Z3Power\Documents\MAGIX Downloads
2017-06-22 16:28 - 2017-06-22 16:28 - 12478345 _____ C:\Users\Z3Power\Downloads\DD_Invitation_Template_87600.zip
2017-06-22 16:26 - 2017-06-22 16:26 - 05480619 _____ C:\Users\Z3Power\Downloads\Abstract-geometric-grey-patterns-pack.zip
2017-06-22 16:16 - 2017-06-22 16:16 - 00000000 ____D C:\Users\Z3Power\AppData\Local\Tempzxpsign452f3279a99c2527
2017-06-22 16:15 - 2017-06-22 16:15 - 01018142 _____ C:\Users\Z3Power\Downloads\zaproszenia-a5-psd.zip
2017-06-20 22:50 - 2017-06-20 22:50 - 00328058 _____ C:\Users\Z3Power\Downloads\Fwd_Inteligentne_zarowki_TP-Link_Steruj_s.zip
2017-06-20 20:00 - 2017-07-05 15:25 - 00002699 _____ C:\Users\Z3Power\Desktop\Oferty.txt
2017-06-20 19:47 - 2017-06-20 19:47 - 00000000 ____D C:\Users\Z3Power\AppData\Local\Tempzxpsign6f2c496152a5953c
2017-06-17 00:38 - 2017-07-12 00:20 - 00000000 ____D C:\Users\Z3Power\Desktop\Klasa
2017-06-16 11:08 - 2017-06-16 11:08 - 01736711 _____ C:\Users\Z3Power\Downloads\1s1k_plugin.zip
2017-06-15 16:40 - 2017-06-15 16:42 - 167025023 _____ C:\Users\Z3Power\Downloads\OBS-Studio-18.0.1-Full.zip
2017-06-15 00:41 - 2017-06-15 00:41 - 00001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2017.lnk
2017-06-14 00:41 - 2017-06-14 00:41 - 00547229 _____ C:\Users\Z3Power\Downloads\19028827_1912298409014140_671791683196682240_n.mp4
2017-06-12 23:36 - 2017-06-14 14:04 - 00000000 ____D C:\Users\Z3Power\AppData\Local\PAYDAY 2
2017-06-12 23:36 - 2017-06-12 23:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-12 23:36 - 2017-06-12 23:36 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-06-12 23:14 - 2017-06-12 23:14 - 09446336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2017-06-12 23:14 - 2017-06-12 23:14 - 07663888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2017-06-12 23:14 - 2017-06-12 23:14 - 00543112 _____ C:\Windows\system32\dgtrayicon.exe
2017-06-12 23:14 - 2017-06-12 23:14 - 00522632 _____ C:\Windows\system32\GameManager64.dll
2017-06-12 23:14 - 2017-06-12 23:14 - 00185088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2017-06-12 23:14 - 2017-06-12 23:14 - 00143864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00768904 _____ (AMD) C:\Windows\system32\atieclxx.exe
2017-06-12 23:13 - 2017-06-12 23:13 - 00544136 _____ (AMD) C:\Windows\system32\atitmm64.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00543112 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2017-06-12 23:13 - 2017-06-12 23:13 - 00537992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00520584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2017-06-12 23:13 - 2017-06-12 23:13 - 00475016 _____ C:\Windows\system32\atieah64.exe
2017-06-12 23:13 - 2017-06-12 23:13 - 00469384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00325512 _____ C:\Windows\SysWOW64\atieah32.exe
2017-06-12 23:13 - 2017-06-12 23:13 - 00194952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00114056 _____ (AMD) C:\Windows\system32\atimuixx.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00036232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2017-06-12 23:13 - 2017-06-12 23:13 - 00033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 14414072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 13254256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 09899912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 07955848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 01032072 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00855432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00687496 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2017-06-12 23:12 - 2017-06-12 23:12 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2017-06-12 23:12 - 2017-06-12 23:12 - 00185600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00182664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00161160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00154152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00142216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00128968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00121240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00106248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00092840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2017-06-12 23:12 - 2017-06-12 23:12 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2017-06-12 23:12 - 2017-06-12 23:12 - 00060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 59237768 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 36562312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2017-06-12 23:11 - 2017-06-12 23:11 - 28797832 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 26831240 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 10313608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 08471432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 02527624 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 02189704 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00505736 _____ C:\Windows\system32\amdgfxinfo64.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00351624 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2017-06-12 23:11 - 2017-06-12 23:11 - 00269704 _____ C:\Windows\system32\clinfo.exe
2017-06-12 23:11 - 2017-06-12 23:11 - 00166280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00159112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00135560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00124808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00112520 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-06-12 23:11 - 2017-06-12 23:11 - 00103304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-06-12 23:10 - 2017-06-12 23:10 - 46457736 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2017-06-12 23:10 - 2017-06-12 23:10 - 22739336 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2017-06-12 23:10 - 2017-06-12 23:10 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2017-06-12 23:10 - 2017-06-12 23:10 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2017-06-12 23:10 - 2017-06-12 23:10 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2017-06-12 23:10 - 2017-06-12 23:10 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2017-06-12 22:33 - 2017-06-12 22:33 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2017-06-12 22:30 - 2017-06-12 22:30 - 00798552 _____ C:\Windows\SysWOW64\atiapfxx.blb
2017-06-12 22:30 - 2017-06-12 22:30 - 00798552 _____ C:\Windows\system32\atiapfxx.blb
2017-06-12 22:27 - 2017-06-12 22:27 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2017-06-12 20:39 - 2017-06-12 20:39 - 27173573 _____ C:\Users\Z3Power\Downloads\Fwd_Creative_prezentuje_najnowsza_karte_d.zip
2017-06-12 17:10 - 2017-06-12 17:10 - 00149896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2017-06-12 17:10 - 2017-06-12 17:10 - 00127880 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-07-12 03:23 - 2016-05-29 14:58 - 00000000 ____D C:\FRST
2017-07-12 02:49 - 2009-07-14 06:45 - 00019488 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-12 02:49 - 2009-07-14 06:45 - 00019488 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-12 02:44 - 2014-06-24 18:53 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-12 02:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-12 02:41 - 2016-11-14 21:06 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-07-12 02:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-12 02:40 - 2017-03-11 20:22 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-07-12 02:40 - 2016-05-29 15:09 - 00000000 ____D C:\AdwCleaner
2017-07-12 02:36 - 2016-05-29 12:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-12 02:30 - 2015-08-11 12:27 - 00000000 ____D C:\Program Files (x86)\Mirillis
2017-07-12 02:20 - 2017-06-02 20:43 - 00007659 _____ C:\Users\Z3Power\AppData\Local\Resmon.ResmonCfg
2017-07-12 02:15 - 2016-03-18 21:02 - 00003974 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458327764
2017-07-12 02:08 - 2014-06-24 17:11 - 00000000 ____D C:\Windows\pss
2017-07-12 02:07 - 2015-12-13 17:39 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\steelseries-engine-3-client
2017-07-12 02:06 - 2015-05-15 13:06 - 00361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-07-12 02:05 - 2017-03-16 18:19 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-07-12 02:05 - 2015-05-15 13:06 - 00585608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-07-12 02:05 - 2015-05-15 13:06 - 00360792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.149981796448906
2017-07-12 02:05 - 2015-05-15 13:06 - 00198768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-07-12 02:05 - 2015-05-15 13:06 - 00146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-07-12 02:05 - 2015-05-15 13:06 - 00110352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-07-12 02:05 - 2015-05-15 13:06 - 00084392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-07-12 02:05 - 2015-05-15 13:06 - 00046984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-07-12 02:05 - 2014-06-24 19:02 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-12 02:04 - 2017-03-16 18:19 - 00343264 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-07-12 02:04 - 2017-03-16 18:19 - 00319984 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-07-12 02:04 - 2017-03-16 18:19 - 00198944 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-07-12 02:04 - 2017-03-16 18:19 - 00057704 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-07-12 02:04 - 2016-03-18 21:02 - 00041800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-07-12 02:04 - 2015-05-15 13:06 - 01015848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-07-12 02:00 - 2014-07-31 10:38 - 00000000 ____D C:\Users\Z3Power\AppData\Local\Adobe
2017-07-12 00:20 - 2016-02-14 20:51 - 00000000 ____D C:\Users\Z3Power\Desktop\Ważne SSY
2017-07-12 00:15 - 2017-01-21 15:52 - 00000000 ____D C:\Users\Z3Power\Desktop\SS
2017-07-11 19:51 - 2017-05-21 14:00 - 00000000 ___RD C:\Users\Z3Power\Creative Cloud Files
2017-07-11 15:42 - 2016-05-30 11:37 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-11 15:42 - 2016-05-30 11:37 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-11 15:42 - 2016-05-30 11:37 - 00004568 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-11 15:42 - 2016-05-30 11:37 - 00004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-11 15:42 - 2014-06-24 20:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-11 15:42 - 2014-06-24 20:01 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-11 03:25 - 2015-10-30 16:36 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\TS3Client
2017-07-10 17:49 - 2014-06-24 19:52 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\GG
2017-07-09 20:41 - 2016-10-15 20:44 - 00007887 _____ C:\Windows\BRRBCOM.INI
2017-07-07 23:23 - 2017-02-03 17:28 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\Spotify
2017-07-07 23:23 - 2017-02-03 17:28 - 00000000 ____D C:\Users\Z3Power\AppData\Local\Spotify
2017-07-07 21:13 - 2014-06-27 13:37 - 00000000 ____D C:\ProgramData\Origin
2017-07-07 21:12 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-07-07 16:04 - 2014-06-24 16:43 - 00000000 ____D C:\Users\Z3Power
2017-07-07 16:03 - 2014-06-24 19:28 - 00003902 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1403630902
2017-07-07 16:03 - 2014-06-24 19:28 - 00000000 ____D C:\Program Files (x86)\Opera
2017-07-05 01:06 - 2014-06-27 13:25 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\Skype
2017-07-05 01:00 - 2014-06-24 17:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-04 13:20 - 2009-07-14 06:45 - 00541144 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-04 00:04 - 2014-06-24 16:49 - 00165360 _____ C:\Users\Z3Power\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-03 23:34 - 2016-12-24 02:34 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\obs-studio
2017-07-03 20:34 - 2017-01-30 16:19 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\streamlabels
2017-07-03 15:52 - 2017-05-30 21:06 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2017-07-03 15:52 - 2017-05-30 21:06 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\NCH Software
2017-07-03 15:52 - 2017-05-30 21:06 - 00000000 ____D C:\Program Files (x86)\NCH Software
2017-07-03 15:44 - 2017-01-30 16:19 - 00002424 _____ C:\Users\Z3Power\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk
2017-07-03 15:44 - 2017-01-30 16:19 - 00002416 _____ C:\Users\Z3Power\Desktop\StreamLabels.lnk
2017-07-03 15:43 - 2017-05-30 21:06 - 00000000 ____D C:\ProgramData\NCH Software
2017-07-03 15:20 - 2015-06-07 12:28 - 00000000 ____D C:\Users\Z3Power\Desktop\Syf na pulpicie
2017-07-03 15:20 - 2015-03-01 11:55 - 00000000 ____D C:\Users\Z3Power\Desktop\Szkoła
2017-07-03 15:18 - 2013-08-14 20:42 - 00000000 ____D C:\Users\Z3Power\Desktop\Grafika
2017-07-03 14:52 - 2017-02-26 15:44 - 00002038 _____ C:\Users\Public\Desktop\AnkhBotR2.lnk
2017-07-03 14:49 - 2014-08-30 12:38 - 00000000 ____D C:\Users\Z3Power\Documents\Streamtip
2017-07-02 20:37 - 2014-06-24 19:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-06-30 23:07 - 2014-06-27 13:25 - 00000000 ____D C:\ProgramData\Skype
2017-06-29 11:09 - 2016-05-29 12:35 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-27 20:11 - 2014-07-30 09:07 - 00000000 ____D C:\Users\Z3Power\AppData\Local\ESL Wire Game Client
2017-06-27 19:14 - 2014-07-31 19:58 - 00100488 _____ ( & lt; Turtle Entertainment & gt; ) C:\Windows\system32\Drivers\ESLWireACD.sys
2017-06-27 19:14 - 2014-07-31 19:43 - 00000000 ____D C:\Users\Z3Power\Documents\ESL Match Media
2017-06-27 12:35 - 2017-03-11 20:28 - 00000000 ____D C:\Users\Z3Power\AppData\Local\AMD
2017-06-27 11:48 - 2014-06-24 17:15 - 00000000 ____D C:\AMD
2017-06-25 19:21 - 2016-03-20 01:30 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\PlaysTV
2017-06-15 00:41 - 2014-06-24 19:53 - 00000000 ____D C:\Users\Z3Power\AppData\Roaming\Adobe
2017-06-15 00:40 - 2017-01-26 19:38 - 00000000 ____D C:\Program Files\Adobe
2017-06-15 00:36 - 2017-05-21 14:16 - 00000000 ___HD C:\adobeTemp
2017-06-14 20:43 - 2015-05-15 13:06 - 00158368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.149746588696502
2017-06-12 23:14 - 2017-05-17 22:23 - 00161344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2017-06-12 23:14 - 2017-03-04 06:15 - 00356744 _____ C:\Windows\SysWOW64\GameManager32.dll
2017-06-12 23:14 - 2017-03-04 06:15 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2017-06-12 23:14 - 2017-03-04 06:15 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2017-06-12 23:14 - 2013-09-12 04:42 - 00207760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2017-06-12 23:13 - 2017-05-17 22:22 - 00155528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2017-06-12 23:13 - 2017-03-04 06:14 - 10448520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2017-06-12 23:13 - 2015-08-04 03:42 - 00236424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2017-06-12 23:13 - 2013-09-12 04:42 - 12578016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2017-06-12 23:13 - 2013-09-12 04:42 - 01654880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2017-06-12 23:13 - 2013-09-12 04:42 - 01347952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2017-06-12 23:12 - 2015-08-04 03:43 - 01507720 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2017-06-12 23:11 - 2017-03-31 13:45 - 00915848 _____ (AMD) C:\Windows\system32\coinst_17.10.dll
2017-06-12 23:10 - 2015-08-04 04:55 - 32738184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll

==================== Pliki w katalogu głównym wybranych folderów =======

2014-07-31 10:48 - 2017-01-12 19:04 - 0000132 _____ () C:\Users\Z3Power\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-27 19:21 - 2010-11-08 17:11 - 0020168 _____ () C:\Users\Z3Power\AppData\Roaming\A_ja_mam_psa.xml
2014-09-07 12:45 - 2010-11-08 17:12 - 0016660 _____ () C:\Users\Z3Power\AppData\Roaming\A_ja_wole_moja_mame.xml
2014-09-07 12:57 - 2010-11-08 17:13 - 0017334 _____ () C:\Users\Z3Power\AppData\Roaming\Duszki_lesne.xml
2014-09-07 12:48 - 2010-11-08 17:16 - 0036529 _____ () C:\Users\Z3Power\AppData\Roaming\Fantazja.xml
2014-09-07 12:52 - 2010-11-08 17:18 - 0029189 _____ () C:\Users\Z3Power\AppData\Roaming\Idziemy_na_jagody.xml
2015-03-27 18:32 - 2010-11-09 11:15 - 0010825 _____ () C:\Users\Z3Power\AppData\Roaming\Jada_misie.xml
2014-09-07 12:55 - 2010-11-08 17:18 - 0013139 _____ () C:\Users\Z3Power\AppData\Roaming\Jak_rozmawiac_trzeba_z_psem.xml
2014-09-07 12:55 - 2010-11-08 17:19 - 0012896 _____ () C:\Users\Z3Power\AppData\Roaming\Kolorowe_kredki.xml
2014-09-07 12:57 - 2010-11-17 12:38 - 0027791 _____ () C:\Users\Z3Power\AppData\Roaming\Konik_na_biegunach.xml
2014-09-07 12:57 - 2010-11-08 17:20 - 0013217 _____ () C:\Users\Z3Power\AppData\Roaming\Kwiatki_bratki.xml
2014-09-07 12:57 - 2010-11-08 17:21 - 0014971 _____ () C:\Users\Z3Power\AppData\Roaming\Lato_czeka.xml
2014-09-07 12:57 - 2010-11-08 17:21 - 0009418 _____ () C:\Users\Z3Power\AppData\Roaming\Marchewkowe_pole.xml
2014-09-07 12:59 - 2010-11-08 17:23 - 0009501 _____ () C:\Users\Z3Power\AppData\Roaming\Myj_zeby.xml
2014-09-07 12:59 - 2010-11-05 12:20 - 1016301 _____ () C:\Users\Z3Power\AppData\Roaming\Myj_zeby_melo.ogg
2014-09-07 12:59 - 2010-11-15 13:32 - 3686381 _____ () C:\Users\Z3Power\AppData\Roaming\Myj_zeby_podklad.ogg
2014-09-07 12:57 - 2010-11-08 17:22 - 0016091 _____ () C:\Users\Z3Power\AppData\Roaming\My_jestesmy_krasnoludki.xml
2014-09-07 12:57 - 2010-11-08 10:17 - 1693329 _____ () C:\Users\Z3Power\AppData\Roaming\My_jestesmy_krasnoludki_melo.ogg
2014-09-07 12:57 - 2010-11-15 13:32 - 6670050 _____ () C:\Users\Z3Power\AppData\Roaming\My_jestesmy_krasnoludki_podklad.ogg
2014-09-07 13:08 - 2010-11-08 17:24 - 0017367 _____ () C:\Users\Z3Power\AppData\Roaming\Ogorek_wasaty.xml
2014-09-07 13:08 - 2010-11-05 13:22 - 2110975 _____ () C:\Users\Z3Power\AppData\Roaming\Ogorek_wasaty_melo.ogg
2014-09-07 13:08 - 2010-11-15 13:33 - 7397226 _____ () C:\Users\Z3Power\AppData\Roaming\Ogorek_wasaty_podklad.ogg
2014-09-07 13:27 - 2010-11-08 17:24 - 0016383 _____ () C:\Users\Z3Power\AppData\Roaming\Pieski_male_dwa.xml
2014-09-07 13:27 - 2010-11-08 11:07 - 2032503 _____ () C:\Users\Z3Power\AppData\Roaming\Pieski_male_dwa_melo.ogg
2014-09-07 13:27 - 2010-11-15 13:33 - 7206429 _____ () C:\Users\Z3Power\AppData\Roaming\Pieski_male_dwa_podklad.ogg
2015-03-27 18:39 - 2010-11-08 17:25 - 0021314 _____ () C:\Users\Z3Power\AppData\Roaming\Plonie_ognisko_w_lesie.xml
2015-03-27 18:39 - 2010-11-05 16:19 - 4349516 _____ () C:\Users\Z3Power\AppData\Roaming\Plonie_ognisko_w_lesie_melo.ogg
2015-03-27 18:39 - 2010-11-15 13:34 - 12061381 _____ () C:\Users\Z3Power\AppData\Roaming\Plonie_ognisko_w_lesie_podklad.ogg
2014-09-07 13:01 - 2010-11-09 11:59 - 0020506 _____ () C:\Users\Z3Power\AppData\Roaming\Pocaluj_zabke_w_lapke.xml
2014-09-07 13:01 - 2010-11-08 12:38 - 2325760 _____ () C:\Users\Z3Power\AppData\Roaming\Pocaluj_zabke_w_lapke_melo.ogg
2014-09-07 13:01 - 2010-11-15 13:35 - 6029643 _____ () C:\Users\Z3Power\AppData\Roaming\Pocaluj_zabke_w_lapke_podklad.ogg
2014-09-07 13:01 - 2010-11-08 17:26 - 0016400 _____ () C:\Users\Z3Power\AppData\Roaming\Puszek_okruszek.xml
2014-09-07 13:01 - 2010-11-05 16:45 - 2600986 _____ () C:\Users\Z3Power\AppData\Roaming\Puszek_okruszek_melo.ogg
2014-09-07 13:01 - 2010-11-15 13:36 - 11159124 _____ () C:\Users\Z3Power\AppData\Roaming\Puszek_okruszek_podklad.ogg
2014-09-07 13:01 - 2010-11-08 17:27 - 0017505 _____ () C:\Users\Z3Power\AppData\Roaming\Stary_niedzwiedz_mocno_spi.xml
2014-09-07 13:01 - 2010-11-08 13:31 - 4495260 _____ () C:\Users\Z3Power\AppData\Roaming\Stary_niedzwiedz_mocno_spi_melo.ogg
2014-09-07 13:01 - 2010-11-15 13:37 - 12284758 _____ () C:\Users\Z3Power\AppData\Roaming\Stary_niedzwiedz_mocno_spi_podklad.ogg
2017-04-02 17:59 - 2017-04-02 17:59 - 0000268 ___RH () C:\Users\Z3Power\AppData\Roaming\Strings
2017-04-02 18:00 - 2017-04-02 18:00 - 0000268 ___RH () C:\Users\Z3Power\AppData\Roaming\Super Strings
2017-04-02 17:59 - 2017-04-02 17:59 - 0000268 ___RH () C:\Users\Z3Power\AppData\Roaming\SupportPrinters
2014-09-07 13:08 - 2010-11-09 10:43 - 0037679 _____ () C:\Users\Z3Power\AppData\Roaming\Swiety_swiety_usmiechniety.xml
2014-09-07 13:08 - 2010-11-09 10:45 - 3666000 _____ () C:\Users\Z3Power\AppData\Roaming\Swiety_swiety_usmiechniety_melo.ogg
2014-09-07 13:08 - 2010-11-15 13:37 - 11749373 _____ () C:\Users\Z3Power\AppData\Roaming\Swiety_swiety_usmiechniety_podklad.ogg
2014-09-07 13:09 - 2010-11-08 17:28 - 0020167 _____ () C:\Users\Z3Power\AppData\Roaming\Tato_juz_lato.xml
2014-09-07 13:09 - 2010-11-08 14:39 - 2176112 _____ () C:\Users\Z3Power\AppData\Roaming\Tato_juz_lato_melo.ogg
2014-09-07 13:09 - 2010-11-15 13:39 - 8165785 _____ () C:\Users\Z3Power\AppData\Roaming\Tato_juz_lato_podklad.ogg
2014-09-07 13:05 - 2010-11-08 17:27 - 0017816 _____ () C:\Users\Z3Power\AppData\Roaming\Ta_dorotka.xml
2015-03-27 18:41 - 2010-11-08 14:05 - 1256395 _____ () C:\Users\Z3Power\AppData\Roaming\Ta_dorotka_melo.ogg
2015-03-27 18:41 - 2010-11-15 13:38 - 8304152 _____ () C:\Users\Z3Power\AppData\Roaming\Ta_dorotka_podklad.ogg
2017-04-02 17:59 - 2017-04-02 17:59 - 0000268 ___RH () C:\Users\Z3Power\AppData\Roaming\Templates
2015-03-27 18:45 - 2010-11-08 17:30 - 0043542 _____ () C:\Users\Z3Power\AppData\Roaming\Wakacje.xml
2015-03-27 18:45 - 2010-11-08 16:11 - 4216295 _____ () C:\Users\Z3Power\AppData\Roaming\Wakacje_melo.ogg
2015-03-27 18:45 - 2010-11-15 13:40 - 15267180 _____ () C:\Users\Z3Power\AppData\Roaming\Wakacje_podklad.ogg
2014-09-07 13:10 - 2010-11-08 17:31 - 0018577 _____ () C:\Users\Z3Power\AppData\Roaming\Witaminki.xml
2014-09-07 13:10 - 2010-11-08 17:33 - 2049301 _____ () C:\Users\Z3Power\AppData\Roaming\Witaminki_melo.ogg
2014-09-07 13:10 - 2010-11-15 13:40 - 6631658 _____ () C:\Users\Z3Power\AppData\Roaming\Witaminki_podklad.ogg
2014-09-07 13:09 - 2010-11-08 17:29 - 0029835 _____ () C:\Users\Z3Power\AppData\Roaming\W_dzungli.xml
2014-09-07 13:09 - 2010-11-08 17:29 - 3094042 _____ () C:\Users\Z3Power\AppData\Roaming\W_dzungli_melo.ogg
2014-09-07 13:09 - 2010-11-15 13:39 - 12407203 _____ () C:\Users\Z3Power\AppData\Roaming\W_dzungli_podklad.ogg
2014-09-07 13:10 - 2010-11-09 10:51 - 0040370 _____ () C:\Users\Z3Power\AppData\Roaming\Zima_lubi_dzieci.xml
2014-09-07 13:10 - 2010-11-09 10:58 - 4699104 _____ () C:\Users\Z3Power\AppData\Roaming\Zima_lubi_dzieci_melo.ogg
2014-09-07 13:10 - 2010-11-15 13:41 - 13783853 _____ () C:\Users\Z3Power\AppData\Roaming\Zima_lubi_dzieci_podklad.ogg
2015-03-27 18:47 - 2010-11-09 11:03 - 0016037 _____ () C:\Users\Z3Power\AppData\Roaming\Zizizima.xml
2015-03-27 18:47 - 2010-11-09 11:03 - 1866481 _____ () C:\Users\Z3Power\AppData\Roaming\Zizizima_melo.ogg
2015-03-27 18:47 - 2010-11-15 13:42 - 6850490 _____ () C:\Users\Z3Power\AppData\Roaming\Zizizima_podklad.ogg
2016-04-05 21:23 - 2017-05-21 23:18 - 0005120 _____ () C:\Users\Z3Power\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-24 17:06 - 2014-06-24 17:06 - 0000000 _____ () C:\Users\Z3Power\AppData\Local\Driver_LOM_8161Present.flag
2016-04-12 15:12 - 2016-04-12 15:14 - 0000600 _____ () C:\Users\Z3Power\AppData\Local\PUTTY.RND
2016-07-19 14:19 - 2016-07-19 14:19 - 0001626 _____ () C:\Users\Z3Power\AppData\Local\recently-used.xbel
2017-06-02 20:43 - 2017-07-12 02:20 - 0007659 _____ () C:\Users\Z3Power\AppData\Local\Resmon.ResmonCfg
2017-02-10 02:48 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Z3Power\AppData\Local\TroubleshooterConfig.json
2016-10-25 16:07 - 2016-10-25 16:07 - 0000000 _____ () C:\Users\Z3Power\AppData\Local\{C31E0E28-83B2-4B7F-A208-589EA051F3D4}
2014-06-24 16:48 - 2014-06-24 16:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-04-02 17:59 - 2017-04-02 17:59 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2017-04-02 18:00 - 2017-04-02 18:00 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2017-04-02 17:59 - 2017-04-02 20:51 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2017-04-02 17:59 - 2017-04-13 17:16 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2017-04-02 17:59 - 2017-04-02 17:59 - 0000268 ___RH () C:\ProgramData\Sync Services
2017-04-02 18:00 - 2017-04-02 18:00 - 0000268 ___RH () C:\ProgramData\Synth Basics
2017-04-02 17:59 - 2017-04-02 17:59 - 0000268 ___RH () C:\ProgramData\Synth Leads
2017-04-02 17:59 - 2017-04-02 17:59 - 0000268 ___RH () C:\ProgramData\Trance Pad

Pliki do przeniesienia lub usunięcia:
====================
C:\Users\Z3Power\msvcr100d.dll
C:\Users\Z3Power\Uninstall.exe


==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo

LastRegBack: 2017-07-03 14:02

==================== Koniec FRST.txt ============================