Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 01.12.2018 01
- Uruchomiony przez Druszczenko (administrator) DESKTOP-HOFPNDU (06-12-2018 18:30:07)
- Uruchomiony z C:\Users\Druszczenko\Downloads
- Załadowane profile: Druszczenko (Dostępne profile: Druszczenko)
- Platform: Windows 10 Home Wersja 1703 15063.909 (X64) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
- (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
- () C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
- (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
- (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
- (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
- (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
- (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
- (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
- (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
- (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
- (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
- () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
- (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
- (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
- (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
- (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
- (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
- (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
- (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
- (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
- (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
- (Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe
- (Microsoft Corporation) C:\Windows\System32\dllhost.exe
- (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
- (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
- (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
- (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
- (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.1111_none_b9580e706f668ab0\TiWorker.exe
- (Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\SDXHelper.exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- ProxyServer: [S-1-5-21-345879739-3670273313-2407084088-1001] => 127.0.0.1:1080
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{076baab5-899e-494b-bcf0-0c38cb4e715d}: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{e7c2ded2-4131-4301-a16a-2f82a24a10a9}: [DhcpNameServer] 40.51.1.11
- Internet Explorer:
- ==================
- HKU\S-1-5-21-345879739-3670273313-2407084088-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://onet.pl/
- HKU\S-1-5-21-345879739-3670273313-2407084088-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
- SearchScopes: HKU\S-1-5-21-345879739-3670273313-2407084088-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- SearchScopes: HKU\S-1-5-21-345879739-3670273313-2407084088-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
- BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-12-06] (Microsoft Corporation)
- Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-12-06] (Microsoft Corporation)
- FireFox:
- ========
- FF DefaultProfile: jbx0ui9e.default-1509041237755
- FF ProfilePath: C:\Users\Druszczenko\AppData\Roaming\Mozilla\Firefox\Profiles\jbx0ui9e.default-1509041237755 [2018-12-06]
- FF Homepage: Mozilla\Firefox\Profiles\jbx0ui9e.default-1509041237755 -> onet.pl
- FF Extension: (uBlock Origin) - C:\Users\Druszczenko\AppData\Roaming\Mozilla\Firefox\Profiles\jbx0ui9e.default-1509041237755\Extensions\uBlock0@raymondhill.net.xpi [2018-12-06]
- FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-24] (Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-10-24] (Microsoft Corporation)
- FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325600 2016-08-26] (Windows (R) Win 7 DDK provider)
- R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-11-20] (Microsoft Corporation)
- S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
- R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2215168 2016-11-01] (Intel Corporation)
- R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] ()
- S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
- R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
- S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd)
- R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
- R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] ()
- R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-25] (Microsoft Corporation)
- R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-25] (Microsoft Corporation)
- S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd)
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] ()
- R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [99320 2016-10-11] (ASUS Corporation)
- R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4320176 2016-11-27] (Qualcomm Atheros Communications, Inc.)
- R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66616 2016-11-01] (Intel Corporation)
- R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-11-01] (Intel Corporation)
- S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [Brak podpisu cyfrowego]
- R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
- S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
- S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-25] (Microsoft Corporation)
- R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-10-25] (Microsoft Corporation)
- R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-25] (Microsoft Corporation)
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-12-06 18:30 - 2018-12-06 18:36 - 000012172 _____ C:\Users\Druszczenko\Downloads\FRST.txt
- 2018-12-06 18:28 - 2018-12-06 18:30 - 000000000 ____D C:\FRST
- 2018-12-06 18:25 - 2018-12-06 18:25 - 000000790 _____ C:\Users\Druszczenko\Desktop\Pobrane — skrót.lnk
- 2018-12-06 18:24 - 2018-12-06 18:24 - 000000000 ____D C:\Users\Druszczenko\Desktop\ccleaner
- 2018-12-06 18:19 - 2018-12-06 18:19 - 000000721 _____ C:\Users\Druszczenko\Desktop\Asystent aktualizacji do systemu Windows 10.lnk
- 2018-12-06 18:14 - 2018-12-06 18:14 - 002417152 _____ (Farbar) C:\Users\Druszczenko\Downloads\FRST64.exe
- 2018-12-06 18:10 - 2018-12-06 18:10 - 000004608 ___RH C:\farstone_pe.letter
- 2018-12-06 18:04 - 2018-12-06 18:05 - 000000000 ____D C:\AdwCleaner
- 2018-12-06 18:03 - 2018-12-06 18:03 - 007321808 _____ (Malwarebytes) C:\Users\Druszczenko\Downloads\AdwCleaner.exe
- 2018-12-06 18:03 - 2018-12-06 18:03 - 007321808 _____ (Malwarebytes) C:\Users\Druszczenko\Downloads\AdwCleaner(1).exe
- 2018-12-06 16:45 - 2018-05-03 08:16 - 000278960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
- 2018-12-06 16:43 - 2018-07-18 00:55 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
- 2018-12-06 16:43 - 2018-07-18 00:53 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
- 2018-12-06 16:43 - 2018-07-18 00:53 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
- 2018-12-06 16:43 - 2018-07-18 00:52 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
- 2018-12-06 16:43 - 2018-07-18 00:47 - 002449920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
- 2018-12-06 16:43 - 2018-07-18 00:47 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
- 2018-12-06 16:43 - 2018-07-13 05:19 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
- 2018-12-06 16:43 - 2018-07-13 05:08 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
- 2018-12-06 16:43 - 2018-06-12 02:20 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
- 2018-12-06 16:43 - 2018-06-08 06:34 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
- 2018-12-06 16:43 - 2018-06-08 06:33 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
- 2018-12-06 16:43 - 2018-06-08 06:32 - 001078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
- 2018-12-06 16:43 - 2018-06-08 06:31 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
- 2018-12-06 16:43 - 2018-06-08 06:30 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
- 2018-12-06 16:43 - 2018-06-08 06:29 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
- 2018-12-06 16:43 - 2018-06-08 06:25 - 001161728 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
- 2018-12-06 16:43 - 2018-06-08 06:20 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
- 2018-12-06 16:43 - 2018-06-08 06:17 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
- 2018-12-06 16:43 - 2018-03-05 02:56 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
- 2018-12-06 16:43 - 2018-03-05 02:56 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
- 2018-12-06 16:43 - 2018-03-05 02:55 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
- 2018-12-06 16:43 - 2018-03-05 02:53 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
- 2018-12-06 16:43 - 2018-03-02 07:43 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
- 2018-12-06 16:43 - 2018-02-12 23:58 - 000026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
- 2018-12-06 16:43 - 2018-02-12 23:17 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
- 2018-12-06 16:43 - 2018-02-12 23:10 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
- 2018-12-06 06:59 - 2018-12-06 06:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-345879739-3670273313-2407084088-1001
- 2018-12-06 00:58 - 2018-12-06 00:58 - 000000000 ____D C:\Users\Druszczenko\AppData\Local\ESET
- 2018-12-06 00:57 - 2018-12-06 00:57 - 006989432 _____ (ESET spol. s r.o.) C:\Users\Druszczenko\Downloads\esetonlinescanner_plk.exe
- 2018-12-06 00:57 - 2018-12-06 00:57 - 006989432 _____ (ESET spol. s r.o.) C:\Users\Druszczenko\Downloads\esetonlinescanner_plk(1).exe
- 2018-12-06 00:05 - 2018-11-28 17:11 - 000000010 _____ C:\Users\Druszczenko\Desktop\portable.dat
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-12-06 18:28 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
- 2018-12-06 18:27 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
- 2018-12-06 18:21 - 2017-08-08 17:00 - 000000000 ____D C:\Windows10Upgrade
- 2018-12-06 18:19 - 2018-04-29 20:18 - 000000733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk
- 2018-12-06 18:17 - 2017-08-08 21:26 - 002415624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2018-12-06 18:17 - 2017-03-20 04:59 - 001103312 _____ C:\WINDOWS\system32\perfh015.dat
- 2018-12-06 18:17 - 2017-03-20 04:59 - 000242100 _____ C:\WINDOWS\system32\perfc015.dat
- 2018-12-06 18:15 - 2017-08-08 16:59 - 000000200 _____ C:\Users\Druszczenko\AppData\Roaming\sp_data.sys
- 2018-12-06 18:12 - 2017-08-08 23:57 - 000000000 ____D C:\Users\Druszczenko\AppData\LocalLow\Mozilla
- 2018-12-06 18:11 - 2017-08-08 16:56 - 000000000 __SHD C:\Users\Druszczenko\IntelGraphicsProfiles
- 2018-12-06 18:10 - 2017-08-08 20:44 - 000409360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
- 2018-12-06 18:10 - 2017-04-17 11:29 - 000000000 ____D C:\ProgramData\McAfee
- 2018-12-06 18:09 - 2018-09-30 12:14 - 000000000 ____D C:\ProgramData\2AB1E294
- 2018-12-06 18:09 - 2017-08-08 23:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2018-12-06 18:09 - 2017-08-08 21:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2018-12-06 18:07 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
- 2018-12-06 18:07 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
- 2018-12-06 18:06 - 2018-02-26 18:22 - 000000000 ____D C:\Program Files\rempl
- 2018-12-06 17:58 - 2017-08-13 13:58 - 000000000 ____D C:\WINDOWS\system32\MRT
- 2018-12-06 17:58 - 2017-08-13 13:57 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
- 2018-12-06 17:48 - 2017-08-08 20:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
- 2018-12-06 17:02 - 2018-04-29 20:24 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
- 2018-12-06 17:02 - 2017-08-08 21:30 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
- 2018-12-06 16:19 - 2018-06-06 20:24 - 000004236 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F8542147-BF3D-4C95-9448-4DA8BF23D116}
- 2018-12-06 00:54 - 2017-08-08 23:53 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
- 2018-12-06 00:54 - 2017-08-08 23:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
- 2018-12-06 00:20 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
- 2018-12-06 00:18 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
- 2018-12-06 00:17 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
- 2018-12-06 00:16 - 2017-04-17 11:37 - 000000000 ____D C:\Program Files\Microsoft Office
- 2018-12-06 00:10 - 2017-11-17 20:22 - 000002427 _____ C:\Users\Druszczenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
- 2018-12-06 00:10 - 2017-08-08 21:30 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-345879739-3670273313-2407084088-1001
- 2018-12-06 00:10 - 2017-08-08 17:04 - 000000000 ___RD C:\Users\Druszczenko\OneDrive
- 2018-12-06 00:07 - 2017-08-08 17:32 - 000000000 ___DC C:\WINDOWS\Panther
- 2018-12-06 00:06 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
- 2018-12-06 00:03 - 2018-02-28 18:54 - 000592416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
- 2018-12-05 23:58 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
- 2018-11-15 18:48 - 2017-09-26 17:22 - 000000000 ____D C:\Users\Druszczenko\AppData\Roaming\foobar2000
- ==================== Pliki w katalogu głównym wybranych folderów =======
- 2017-08-08 16:59 - 2018-12-06 18:15 - 000000200 _____ () C:\Users\Druszczenko\AppData\Roaming\sp_data.sys
- Niektóre pliki w TEMP:
- ====================
- 2018-12-06 01:01 - 2017-08-09 13:12 - 001277584 _____ (McAfee, Inc.) C:\Users\Druszczenko\AppData\Local\Temp\0236181544054516mcinst.exe
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2018-10-24 20:02
- ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement