Aug 6th, 2018
  1. Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02.08.2018
  2. Uruchomiony przez mike (administrator) LAPTOP-J1V626MB (06-08-2018 22:48:03)
  3. Uruchomiony z C:\Users\mike\Downloads
  4. Załadowane profile: mike (Dostępne profile: defaultuser0 & mike)
  5. Platform: Windows 10 Home Wersja 1803 17134.1 (X64) Język: Polski (Polska)
  6. Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
  7. Tryb startu: Normal
  8. Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Procesy (filtrowane) =================
  11.  
  12. (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
  13.  
  14. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  15. (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxCUIService.exe
  16. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
  17. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
  18. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  19. (Microsoft Corporation) C:\Windows\System32\wlanext.exe
  20. (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  21. (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\IntelCpHDCPSvc.exe
  22. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  23. (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
  24. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
  25. (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
  26. (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
  27. (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
  28. (Intel Corporation) C:\Windows\System32\ibtsiva.exe
  29. (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
  30. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
  31. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
  32. (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
  33. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
  34. (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
  35. (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
  36. (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  37. (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\IntelCpHeciSvc.exe
  38. (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
  39. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
  40. () C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
  41. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
  42. (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxEM.exe
  43. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  44. (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
  45. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  46. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  47. (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
  48. (HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
  49. (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
  50. () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
  51. (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
  52. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
  53. (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
  54. (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
  55. (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
  56. (ALLPlayer Group Ltd.) C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe
  57. (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
  58. (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
  59. (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
  60. (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
  61. (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
  62. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
  63. (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
  64. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
  65. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
  66. (HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
  67. () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
  68. (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
  69. (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
  70. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  71. (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
  72. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  73. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  74. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  75. (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
  76. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  77. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  78. (HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
  79. (HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
  80. (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
  81. (HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
  82. (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  83. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
  84. (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  85. (Microsoft Corporation) C:\Windows\System32\dllhost.exe
  86. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  87. (Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE
  88.  
  89. ==================== Rejestr (filtrowane) ===========================
  90.  
  91. (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
  92.  
  93. HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
  94. HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-15] (Realtek Semiconductor)
  95. HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
  96. HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
  97. HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
  98. HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
  99. HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  100. HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
  101. HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.)
  102. HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
  103. HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated)
  104. HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-06] (Disc Soft Ltd)
  105. HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.)
  106. HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe [6168768 2016-09-15] (ALLPlayer Group Ltd.)
  107. HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\...\Run: [SteamServerBrowser] => C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe [228352 2017-02-26] ()
  108. HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3205920 2018-08-02] (Valve Corporation)
  109. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-12-29]
  110. ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
  111. Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-08-17] ()
  112. Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-08-17] ()
  113. Startup: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-08-17] ()
  114.  
  115. ==================== Internet (filtrowane) ====================
  116.  
  117. (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
  118.  
  119. Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
  120. Tcpip\..\Interfaces\{bb072e7a-7b62-4359-8217-f1e4782ec39c}: [DhcpNameServer] 192.168.1.254
  121.  
  122. Internet Explorer:
  123. ==================
  124. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09
  125. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
  126. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  127. HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
  128. HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09
  129. HKU\S-1-5-21-3813753414-3908090346-2982434286-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
  130. SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
  131. SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
  132. SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
  133. SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
  134. SearchScopes: HKU\S-1-5-21-3813753414-3908090346-2982434286-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
  135. SearchScopes: HKU\S-1-5-21-3813753414-3908090346-2982434286-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=pl&p_tsrc=301ssg02&p_w=y1w09&q={searchTerms}
  136. BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-04-11] (Microsoft Corporation)
  137. BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
  138. BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
  139. BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-04-11] (Microsoft Corporation)
  140. BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
  141. BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
  142. Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
  143. Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)
  144. Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
  145. Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)
  146.  
  147. FireFox:
  148. ========
  149. FF DefaultProfile: 68ovm05n.default-1520161741946
  150. FF ProfilePath: C:\Users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\68ovm05n.default-1520161741946 [2018-08-06]
  151. FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-22] ()
  152. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
  153. FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
  154. FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems)
  155. FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
  156. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-22] ()
  157. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-10] (Microsoft Corporation)
  158. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
  159. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
  160. FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
  161. FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
  162. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
  163. FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems)
  164. FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
  165.  
  166. Chrome:
  167. =======
  168. CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nie znaleziono>
  169. CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
  170.  
  171. ==================== Usługi (filtrowane) ====================
  172.  
  173. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  174.  
  175. HKLM\SYSTEM\CurrentControlSet\Services\45837DE3BA5D8900 <==== UWAGA (Rootkit!)
  176.  
  177. R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated)
  178. R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
  179. R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
  180. R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
  181. R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
  182. R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd)
  183. S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526376 2018-01-02] (EasyAntiCheat Ltd)
  184. R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2016-05-30] (Intel Corporation)
  185. R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [Brak podpisu cyfrowego]
  186. R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [461848 2016-08-05] (HP Inc.)
  187. S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
  188. R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
  189. R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
  190. R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
  191. R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-03-08] (Intel Corporation)
  192. R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542320 2017-12-06] (Intel Corporation)
  193. S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
  194. S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
  195. R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
  196. R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
  197. S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
  198. R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-12-16] (NVIDIA Corporation)
  199. S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-12-16] (NVIDIA Corporation)
  200. R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
  201. R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-15] (Realtek Semiconductor)
  202. S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
  203. S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
  204. R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [360456 2018-03-05] (Synaptics Incorporated)
  205. R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation)
  206. R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation)
  207. R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)
  208. R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
  209. R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
  210.  
  211. ===================== Sterowniki (filtrowane) ======================
  212.  
  213. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  214.  
  215. R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53752 2018-05-15] (HP)
  216. R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2016-05-30] (Intel Corporation)
  217. R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-09] (Disc Soft Ltd)
  218. R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-09] (Disc Soft Ltd)
  219. R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2016-05-30] (Intel Corporation)
  220. R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [40960 2018-05-15] (HP)
  221. R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)
  222. R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-06] (Malwarebytes)
  223. R1 MpKsl330ba5bf; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0CD96674-C988-44C2-B980-B08159FF5585}\MpKsl330ba5bf.sys [58120 2018-08-06] (Microsoft Corporation)
  224. R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
  225. R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_9172c4e962e5b3ee\nvlddmkm.sys [17200384 2018-07-04] (NVIDIA Corporation)
  226. S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-12-16] (NVIDIA Corporation)
  227. R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-12-16] (NVIDIA Corporation)
  228. R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-12-16] (NVIDIA Corporation)
  229. S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2018-02-07] ()
  230. R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-05] (Realtek )
  231. S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [779232 2016-08-22] (Realsil Semiconductor Corporation)
  232. R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55304 2018-03-05] (Synaptics Incorporated)
  233. R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-04-01] (Duplex Secure Ltd)
  234. S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Corporation)
  235. R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Corporation)
  236. R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Corporation)
  237. R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
  238.  
  239. ==================== NetSvcs (filtrowane) ===================
  240.  
  241. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  242.  
  243.  
  244. ==================== Jeden miesiąc - utworzone pliki i foldery ========
  245.  
  246. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  247.  
  248. 2018-08-06 22:48 - 2018-08-06 22:48 - 000024826 _____ C:\Users\mike\Downloads\FRST.txt
  249. 2018-08-06 22:47 - 2018-08-06 22:48 - 000000000 ____D C:\FRST
  250. 2018-08-06 21:35 - 2018-08-06 21:35 - 002412544 _____ (Farbar) C:\Users\mike\Downloads\FRST64.exe
  251. 2018-08-06 21:23 - 2018-08-06 20:32 - 000000000 ____D C:\Windows.old
  252. 2018-08-06 21:21 - 2018-08-06 21:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
  253. 2018-08-06 21:20 - 2018-08-06 21:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
  254. 2018-08-06 21:20 - 2018-08-06 21:20 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
  255. 2018-08-06 21:19 - 2018-08-06 21:19 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
  256. 2018-08-06 21:19 - 2018-08-06 21:19 - 000000000 ____D C:\Program Files\Reference Assemblies
  257. 2018-08-06 21:19 - 2018-08-06 21:19 - 000000000 ____D C:\Program Files\MSBuild
  258. 2018-08-06 21:19 - 2018-08-06 21:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
  259. 2018-08-06 21:19 - 2018-08-06 21:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
  260. 2018-08-06 21:19 - 2018-08-06 21:19 - 000000000 ____D C:\inetpub
  261. 2018-08-06 21:18 - 2018-04-11 07:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
  262. 2018-08-06 21:18 - 2018-04-11 07:45 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
  263. 2018-08-06 21:18 - 2018-04-11 07:41 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
  264. 2018-08-06 21:18 - 2018-04-11 06:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
  265. 2018-08-06 21:18 - 2018-04-11 06:12 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
  266. 2018-08-06 21:18 - 2018-04-11 06:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
  267. 2018-08-06 21:18 - 2018-03-05 17:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
  268. 2018-08-06 21:18 - 2018-03-05 17:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
  269. 2018-08-06 21:18 - 2018-03-05 17:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
  270. 2018-08-06 21:18 - 2018-02-14 17:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
  271. 2018-08-06 21:18 - 2018-02-14 17:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
  272. 2018-08-06 21:18 - 2018-02-14 17:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
  273. 2018-08-06 21:18 - 2017-10-29 19:03 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
  274. 2018-08-06 21:18 - 2017-10-29 17:42 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
  275. 2018-08-06 21:14 - 2018-08-06 21:14 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
  276. 2018-08-06 21:14 - 2018-08-06 21:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
  277. 2018-08-06 21:14 - 2018-08-06 21:14 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
  278. 2018-08-06 21:14 - 2018-08-06 21:14 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
  279. 2018-08-06 21:14 - 2018-08-06 21:14 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
  280. 2018-08-06 21:14 - 2018-08-06 21:14 - 000058524 _____ C:\WINDOWS\system32\srms.dat
  281. 2018-08-06 21:00 - 2018-08-06 21:01 - 000000000 ____D C:\AdwCleaner
  282. 2018-08-06 21:00 - 2018-08-06 21:00 - 007407312 _____ (Malwarebytes) C:\Users\mike\Downloads\AdwCleaner.exe
  283. 2018-08-06 20:48 - 2018-08-06 20:54 - 175755584 _____ C:\Users\mike\Downloads\a7ykymh6.exe
  284. 2018-08-06 20:43 - 2018-08-06 20:43 - 000000000 ___HD C:\$SysReset
  285. 2018-08-06 20:42 - 2018-08-06 21:02 - 001388448 _____ C:\Users\Public\ASR.dat
  286. 2018-08-06 20:39 - 2018-08-06 20:39 - 000000000 ____D C:\Users\mike\AppData\Local\D3DSCache
  287. 2018-08-06 20:38 - 2018-08-06 20:38 - 000001417 _____ C:\Users\mike\Desktop\Microsoft Edge.lnk
  288. 2018-08-06 20:38 - 2018-08-06 20:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
  289. 2018-08-06 20:32 - 2018-08-06 21:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
  290. 2018-08-06 20:32 - 2018-08-06 20:32 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
  291. 2018-08-06 20:32 - 2018-08-06 20:32 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  292. 2018-08-06 20:32 - 2018-08-06 20:32 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  293. 2018-08-06 20:32 - 2018-08-06 20:32 - 000003120 _____ C:\WINDOWS\System32\Tasks\klcp_update
  294. 2018-08-06 20:32 - 2018-08-06 20:32 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
  295. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  296. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  297. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  298. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3813753414-3908090346-2982434286-1001
  299. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  300. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002796 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFormike
  301. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  302. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002772 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-J1V626MB-mike
  303. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  304. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002726 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-J1V626MB-mike
  305. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002566 _____ C:\WINDOWS\System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
  306. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002502 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
  307. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002488 _____ C:\WINDOWS\System32\Tasks\HPAudioSwitch
  308. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002298 _____ C:\WINDOWS\System32\Tasks\{43BEEED5-6310-44E9-8759-87C8339D3DC8}
  309. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002294 _____ C:\WINDOWS\System32\Tasks\{75D65BFB-08BD-4AA8-8352-A9E2FD3CDAF7}
  310. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002252 _____ C:\WINDOWS\System32\Tasks\HPJumpStartProvider
  311. 2018-08-06 20:32 - 2018-08-06 20:32 - 000002226 _____ C:\WINDOWS\System32\Tasks\{D8F20098-6426-4715-9F67-0322AD99BEB3}
  312. 2018-08-06 20:32 - 2018-08-06 20:32 - 000000020 ___SH C:\Users\mike\ntuser.ini
  313. 2018-08-06 20:32 - 2018-08-06 20:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\HP
  314. 2018-08-06 20:32 - 2018-08-06 20:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
  315. 2018-08-06 20:32 - 2018-08-06 20:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
  316. 2018-08-06 20:32 - 2018-08-06 20:32 - 000000000 ____D C:\ProgramData\Synaptics
  317. 2018-08-06 20:31 - 2018-08-06 20:32 - 000011433 _____ C:\WINDOWS\diagwrn.xml
  318. 2018-08-06 20:31 - 2018-08-06 20:32 - 000011433 _____ C:\WINDOWS\diagerr.xml
  319. 2018-08-06 20:29 - 2018-08-06 21:02 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
  320. 2018-08-06 20:28 - 2018-08-06 20:28 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
  321. 2018-08-06 20:26 - 2018-08-06 21:09 - 001969820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
  322. 2018-08-06 20:26 - 2018-08-06 21:04 - 000000000 ____D C:\Users\mike
  323. 2018-08-06 20:26 - 2018-08-06 20:30 - 000000000 ____D C:\Users\defaultuser0
  324. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Ustawienia lokalne
  325. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Szablony
  326. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Moje dokumenty
  327. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Menu Start
  328. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Documents\Moje wideo
  329. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Documents\Moje obrazy
  330. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Documents\Moja muzyka
  331. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\Dane aplikacji
  332. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
  333. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\AppData\Local\Historia
  334. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\mike\AppData\Local\Dane aplikacji
  335. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Ustawienia lokalne
  336. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Szablony
  337. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Moje dokumenty
  338. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Menu Start
  339. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Moje wideo
  340. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Moje obrazy
  341. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Moja muzyka
  342. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\Dane aplikacji
  343. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
  344. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Historia
  345. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Dane aplikacji
  346. 2018-08-06 20:26 - 2018-08-06 20:26 - 000000000 ____D C:\ProgramData\USOShared
  347. 2018-08-06 20:26 - 2018-04-12 01:34 - 000001105 _____ C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  348. 2018-08-06 20:26 - 2018-04-12 01:34 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  349. 2018-08-06 20:25 - 2018-08-06 20:25 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bang & Olufsen Audio Control.lnk
  350. 2018-08-06 20:25 - 2018-08-06 20:25 - 000000000 ____D C:\Program Files\Synaptics
  351. 2018-08-06 20:25 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
  352. 2018-08-06 20:25 - 2018-03-05 05:23 - 000055304 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
  353. 2018-08-06 20:25 - 2017-09-01 15:28 - 000140288 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
  354. 2018-08-06 20:25 - 2017-09-01 15:28 - 000116744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
  355. 2018-08-06 20:24 - 2018-08-06 20:29 - 005143400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
  356. 2018-08-06 20:24 - 2018-08-06 20:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
  357. 2018-08-06 18:43 - 2018-08-06 20:32 - 000000000 ___DC C:\WINDOWS\Panther
  358. 2018-08-05 22:37 - 2018-08-06 21:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
  359. 2018-08-05 22:35 - 2018-08-05 22:35 - 000000000 ____D C:\Program Files\Common Files\Intel
  360. 2018-08-04 22:48 - 2018-08-04 22:48 - 000354554 _____ C:\Users\mike\Downloads\Soybean-Irrigation-and-Water-Use.pdf
  361. 2018-07-13 19:09 - 2018-07-25 03:50 - 000000000 ____D C:\Program Files\rempl
  362. 2018-07-08 10:22 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
  363.  
  364. ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
  365.  
  366. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  367.  
  368. 2018-08-06 22:45 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
  369. 2018-08-06 22:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
  370. 2018-08-06 21:23 - 2018-06-24 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
  371. 2018-08-06 21:23 - 2018-04-12 01:41 - 000000000 ____D C:\WINDOWS\Setup
  372. 2018-08-06 21:23 - 2018-04-12 01:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
  373. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 __RHD C:\Users\Public\Libraries
  374. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
  375. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
  376. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\spool
  377. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
  378. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
  379. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
  380. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Help
  381. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\system
  382. 2018-08-06 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
  383. 2018-08-06 21:23 - 2018-03-08 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PQStat TRIAL
  384. 2018-08-06 21:23 - 2018-03-04 23:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
  385. 2018-08-06 21:23 - 2018-02-28 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-pity
  386. 2018-08-06 21:23 - 2018-02-28 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
  387. 2018-08-06 21:23 - 2018-01-16 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
  388. 2018-08-06 21:23 - 2017-12-28 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
  389. 2018-08-06 21:23 - 2017-12-25 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
  390. 2018-08-06 21:23 - 2017-10-01 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K18
  391. 2018-08-06 21:23 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
  392. 2018-08-06 21:23 - 2017-09-25 05:57 - 000000000 ____D C:\Program Files\Intel
  393. 2018-08-06 21:23 - 2017-09-25 05:57 - 000000000 ____D C:\Program Files (x86)\Intel
  394. 2018-08-06 21:23 - 2017-07-02 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
  395. 2018-08-06 21:23 - 2017-04-13 12:26 - 000000000 ____D C:\Program Files\UNP
  396. 2018-08-06 21:23 - 2017-04-11 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer Pilot
  397. 2018-08-06 21:23 - 2017-04-11 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer
  398. 2018-08-06 21:23 - 2017-03-22 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
  399. 2018-08-06 21:23 - 2017-03-11 01:08 - 000000000 ____D C:\WINDOWS\SHELLNEW
  400. 2018-08-06 21:23 - 2017-03-10 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
  401. 2018-08-06 21:23 - 2017-03-10 22:56 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
  402. 2018-08-06 21:23 - 2017-03-09 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  403. 2018-08-06 21:23 - 2016-12-29 01:16 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
  404. 2018-08-06 21:23 - 2016-09-21 03:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016
  405. 2018-08-06 21:23 - 2016-09-21 03:12 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
  406. 2018-08-06 21:23 - 2016-09-21 03:11 - 000000000 ____D C:\Program Files (x86)\HP
  407. 2018-08-06 21:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\appcompat
  408. 2018-08-06 21:21 - 2017-09-25 05:57 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
  409. 2018-08-06 21:21 - 2017-09-25 05:57 - 000000000 ____D C:\Program Files\Realtek
  410. 2018-08-06 21:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
  411. 2018-08-06 21:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MUI
  412. 2018-08-06 21:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\inetsrv
  413. 2018-08-06 21:19 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
  414. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
  415. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
  416. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
  417. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
  418. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
  419. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
  420. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
  421. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
  422. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
  423. 2018-08-06 21:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
  424. 2018-08-06 21:09 - 2018-04-12 17:51 - 000857950 _____ C:\WINDOWS\system32\perfh015.dat
  425. 2018-08-06 21:09 - 2018-04-12 17:51 - 000188504 _____ C:\WINDOWS\system32\perfc015.dat
  426. 2018-08-06 21:09 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
  427. 2018-08-06 21:02 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
  428. 2018-08-06 21:02 - 2017-12-25 16:54 - 000000000 ____D C:\Program Files (x86)\Steam
  429. 2018-08-06 21:02 - 2017-09-25 05:57 - 000000000 ____D C:\ProgramData\NVIDIA
  430. 2018-08-06 21:02 - 2017-03-09 00:35 - 000000000 ____D C:\Users\mike\AppData\LocalLow\Mozilla
  431. 2018-08-06 21:02 - 2017-03-07 22:48 - 000000000 __SHD C:\Users\mike\IntelGraphicsProfiles
  432. 2018-08-06 21:01 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
  433. 2018-08-06 20:52 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
  434. 2018-08-06 20:49 - 2017-12-01 07:33 - 000000000 ____D C:\Users\mike\AppData\Local\Packages
  435. 2018-08-06 20:32 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
  436. 2018-08-06 20:32 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Defender
  437. 2018-08-06 20:32 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
  438. 2018-08-06 20:32 - 2017-12-01 07:49 - 000000000 ___RD C:\Users\mike\3D Objects
  439. 2018-08-06 20:32 - 2017-03-07 22:48 - 000000000 ____D C:\Users\mike\AppData\Roaming\Synaptics
  440. 2018-08-06 20:32 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
  441. 2018-08-06 20:31 - 2017-09-25 05:58 - 001966326 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
  442. 2018-08-06 20:30 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
  443. 2018-08-06 20:30 - 2017-09-25 06:03 - 000023140 _____ C:\WINDOWS\system32\emptyregdb.dat
  444. 2018-08-06 20:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
  445. 2018-08-06 20:28 - 2017-12-25 17:08 - 000000000 ____D C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
  446. 2018-08-06 20:28 - 2017-03-09 12:00 - 000000000 ____D C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
  447. 2018-08-06 20:28 - 2017-03-09 11:44 - 000000000 ____D C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  448. 2018-08-06 20:27 - 2017-12-01 07:33 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
  449. 2018-08-06 20:26 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
  450. 2018-08-06 20:25 - 2017-09-25 05:57 - 000040114 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
  451. 2018-08-06 20:25 - 2017-09-25 05:57 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
  452. 2018-08-06 20:25 - 2017-09-25 05:57 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
  453. 2018-08-06 20:25 - 2017-09-25 05:57 - 000000000 ____D C:\Program Files\NVIDIA Corporation
  454. 2018-08-06 20:25 - 2016-12-29 01:07 - 000000000 ____D C:\Intel
  455. 2018-08-06 02:00 - 2017-03-10 22:29 - 000000000 ____D C:\Users\mike\AppData\Local\Adobe
  456. 2018-08-05 22:38 - 2017-10-26 19:58 - 000000000 ____D C:\Program Files (x86)\VulkanRT
  457. 2018-08-05 22:38 - 2017-09-25 05:57 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
  458. 2018-08-05 22:36 - 2016-12-29 01:07 - 000000000 ____D C:\ProgramData\Intel
  459. 2018-08-05 22:36 - 2016-09-21 03:13 - 000000000 ____D C:\ProgramData\Package Cache
  460. 2018-08-05 16:22 - 2017-05-27 10:05 - 000000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleFormike.job
  461. 2018-08-05 14:26 - 2018-06-17 15:16 - 000000000 ____D C:\Users\mike\Desktop\Nowy folder
  462. 2018-07-31 05:48 - 2018-03-01 00:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
  463. 2018-07-19 19:48 - 2018-03-13 22:54 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
  464. 2018-07-17 19:24 - 2017-04-01 15:17 - 000563832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
  465. 2018-07-14 08:50 - 2017-03-09 00:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
  466. 2018-07-14 08:50 - 2017-03-09 00:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
  467. 2018-07-13 19:13 - 2017-03-07 22:49 - 000000000 ___RD C:\Users\mike\OneDrive
  468. 2018-07-13 19:07 - 2016-07-16 13:47 - 000000245 _____ C:\WINDOWS\win.ini
  469. 2018-07-11 18:01 - 2017-03-09 11:55 - 000000000 ____D C:\WINDOWS\system32\MRT
  470. 2018-07-11 17:54 - 2017-03-09 11:55 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
  471. 2018-07-07 08:39 - 2017-03-09 00:35 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
  472.  
  473. ==================== Pliki w katalogu głównym wybranych folderów =======
  474.  
  475. 2018-08-06 20:42 - 2018-08-06 21:02 - 001388448 _____ () C:\Users\Public\ASR.dat
  476. 2018-03-03 20:56 - 2018-03-03 20:57 - 000000029 _____ () C:\Users\mike\AppData\Roaming\default.rss
  477. 2018-03-03 20:56 - 2018-03-03 20:56 - 000000000 _____ () C:\Users\mike\AppData\Roaming\downloads.m3u
  478. 2017-03-27 13:46 - 2017-03-27 13:47 - 000038490 _____ () C:\Users\mike\AppData\Roaming\Wartości oddzielone przecinkami.ADR
  479. 2017-09-26 21:35 - 2017-11-08 17:19 - 000004608 _____ () C:\Users\mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  480. 2018-03-01 22:37 - 2018-03-01 22:37 - 000002490 _____ () C:\Users\mike\AppData\Local\recently-used.xbel
  481.  
  482. ==================== Bamital & volsnap ======================
  483.  
  484. (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
  485.  
  486. C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
  487. C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
  488. C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
  489. C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
  490. C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
  491. C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
  492. C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
  493. C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
  494. C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
  495. C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
  496. C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
  497. C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
  498. C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
  499. C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
  500. C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
  501.  
  502. LastRegBack: 2018-08-06 20:24
  503.  
  504. ==================== Koniec FRST.txt ============================