API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 22nd, 2018
381
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 25.70 KB | None | 0 0
raw download clone embed print report
  1. Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 20.06.2018
  2. Uruchomiony przez Ela (administrator) KOMPUTER (22-06-2018 17:41:54)
  3. Uruchomiony z C:\Users\Ela\Downloads
  4. Załadowane profile: Ela (Dostępne profile: Ela)
  5. Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska)
  6. Internet Explorer Wersja 11 (Domyślna przeglądarka: IE)
  7. Tryb startu: Normal
  8. Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Procesy (filtrowane) =================
  11.  
  12. (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
  13.  
  14. () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
  15. (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  16. (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
  17. (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  18. (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
  19. (Intel Corporation) C:\Windows\System32\igfxtray.exe
  20. (Intel Corporation) C:\Windows\System32\hkcmd.exe
  21. (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
  22. (Intel Corporation) C:\Windows\System32\igfxpers.exe
  23. (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
  24. (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
  25. (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
  26. (OLYMPUS IMAGING CORP.) C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
  27. (Microsoft Corporation) C:\Windows\System32\rundll32.exe
  28. (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
  29. (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
  30. (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  31. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  32. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  33. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  34. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  35. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  36. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  37. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  38. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  39. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  40. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  41. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  42. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  43. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  44. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  45. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  46. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  47. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  48. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  49. (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
  50. (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
  51. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  52. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  53. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  54. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  55. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  56. (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
  57.  
  58. ==================== Rejestr (filtrowane) ===========================
  59.  
  60. (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
  61.  
  62. HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2017-03-06] ()
  63. HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
  64. HKLM\...\Run: [] => [X]
  65. HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
  66. HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27793888 2017-05-05] (Skype Technologies S.A.)
  67. HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\Run: [Google Update] => C:\Users\Ela\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-20] (Google Inc.)
  68. HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\MountPoints2: {127b1832-5194-11e7-81c4-6c626d8467b2} - E:\HiSuiteDownLoader.exe
  69. HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\MountPoints2: {127b183d-5194-11e7-81c4-6c626d8467b2} - E:\HiSuiteDownLoader.exe
  70. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk [2017-03-11]
  71. ShortcutTarget: Device Detector 3.lnk -> C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.)
  72. Startup: C:\Users\Ela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP DeskJet 3630 series.lnk [2018-06-22]
  73. ShortcutTarget: Powiadomienia monitorowania tuszu - HP DeskJet 3630 series.lnk -> C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
  74.  
  75. ==================== Internet (filtrowane) ====================
  76.  
  77. (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
  78.  
  79. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  80. Tcpip\..\Interfaces\{81011129-77A5-4320-9ADA-F17F4F55A55D}: [DhcpNameServer] 192.168.1.1
  81.  
  82. Internet Explorer:
  83. ==================
  84. HKU\S-1-5-21-530610989-3515677142-4144176666-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wp.pl/
  85. HKU\S-1-5-21-530610989-3515677142-4144176666-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=pl-pl
  86. SearchScopes: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> DefaultScope {36B54FCE-B8AF-470D-BF97-CDAC9242FE9A} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
  87. SearchScopes: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
  88. SearchScopes: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> {36B54FCE-B8AF-470D-BF97-CDAC9242FE9A} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
  89. BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-17] (AO Kaspersky Lab)
  90. BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
  91. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-22] (Oracle Corporation)
  92. BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
  93. BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-22] (Oracle Corporation)
  94. Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
  95. Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-17] (AO Kaspersky Lab)
  96. Toolbar: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> Brak nazwy - {093F479D-712E-46CD-9E06-62E734A05F68} - Brak pliku
  97. Toolbar: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
  98.  
  99. FireFox:
  100. ========
  101. FF DefaultProfile: 9vk3ob1f.default-1489243759327-1528354998213
  102. FF ProfilePath: C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\9vk3ob1f.default-1489243759327-1528354998213 [2018-06-07]
  103. FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
  104. FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
  105. FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-17]
  106. FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
  107. FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-22] (Oracle Corporation)
  108. FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-22] (Oracle Corporation)
  109. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
  110. FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
  111. FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
  112. FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
  113. FF Plugin HKU\S-1-5-21-530610989-3515677142-4144176666-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ela\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
  114. FF Plugin HKU\S-1-5-21-530610989-3515677142-4144176666-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ela\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
  115.  
  116. Chrome:
  117. =======
  118. CHR Profile: C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default [2018-06-22]
  119. CHR Extension: (Prezentacje) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-22]
  120. CHR Extension: (Dokumenty) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
  121. CHR Extension: (Dysk Google) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-24]
  122. CHR Extension: (YouTube) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-24]
  123. CHR Extension: (Dokumenty Google offline) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-24]
  124. CHR Extension: (Kaspersky Protection) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-06-22]
  125. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
  126. CHR Extension: (Gmail) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-04]
  127. CHR Extension: (Chrome Media Router) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-22]
  128. CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
  129.  
  130. ==================== Usługi (filtrowane) ====================
  131.  
  132. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  133.  
  134. S2 AVP18.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
  135. R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-04-11] () [Brak podpisu cyfrowego]
  136. R2 KSDE2.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
  137. R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes)
  138. R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
  139. R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
  140. R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
  141.  
  142. ===================== Sterowniki (filtrowane) ======================
  143.  
  144. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  145.  
  146. R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [176864 2016-12-26] (AO Kaspersky Lab)
  147. R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128736 2018-05-24] (Malwarebytes)
  148. R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [165296 2016-10-01] (AO Kaspersky Lab)
  149. R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [62184 2017-12-25] (AO Kaspersky Lab)
  150. R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [98504 2018-05-17] (AO Kaspersky Lab)
  151. R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
  152. R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [164032 2018-05-17] (AO Kaspersky Lab)
  153. R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [659136 2018-05-17] (AO Kaspersky Lab)
  154. R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [835272 2018-05-17] (AO Kaspersky Lab)
  155. R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49344 2018-05-17] (AO Kaspersky Lab)
  156. R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [50400 2016-12-23] (AO Kaspersky Lab)
  157. R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [51424 2016-12-07] (AO Kaspersky Lab)
  158. R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45552 2017-12-25] (AO Kaspersky Lab)
  159. R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48056 2016-06-07] (The OpenVPN Project)
  160. R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75760 2017-12-25] (AO Kaspersky Lab)
  161. R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [121544 2018-05-17] (AO Kaspersky Lab)
  162. R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [165088 2017-12-25] (AO Kaspersky Lab)
  163. R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [165088 2018-06-22] (Malwarebytes)
  164. R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [93920 2018-06-22] (Malwarebytes)
  165. R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40160 2018-06-22] (Malwarebytes)
  166. R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [220896 2018-06-22] (Malwarebytes)
  167. R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [73848 2018-06-22] (Malwarebytes)
  168. S3 VNUSB; C:\Windows\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [Brak podpisu cyfrowego]
  169. U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-04-11] (Huawei Technologies Co., Ltd.)
  170.  
  171. ==================== NetSvcs (filtrowane) ===================
  172.  
  173. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  174.  
  175.  
  176. ==================== Jeden miesiąc - utworzone pliki i foldery ========
  177.  
  178. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  179.  
  180. 2018-06-22 17:41 - 2018-06-22 17:42 - 000016422 _____ C:\Users\Ela\Downloads\FRST.txt
  181. 2018-06-22 17:41 - 2018-06-22 17:41 - 001773056 _____ (Farbar) C:\Users\Ela\Downloads\FRST (1).exe
  182. 2018-06-22 17:41 - 2018-06-22 17:41 - 000000000 ____D C:\FRST
  183. 2018-06-22 17:40 - 2018-06-22 17:40 - 001773056 _____ (Farbar) C:\Users\Ela\Downloads\FRST.exe
  184. 2018-06-22 17:28 - 2018-06-22 17:29 - 007372496 _____ (Malwarebytes) C:\Users\Ela\Downloads\AdwCleaner (1).exe
  185. 2018-06-22 17:25 - 2018-06-22 17:26 - 000000000 ____D C:\AdwCleaner
  186. 2018-06-22 17:25 - 2018-06-22 17:25 - 007372496 _____ (Malwarebytes) C:\Users\Ela\Downloads\AdwCleaner.exe
  187. 2018-06-22 17:15 - 2018-06-22 17:15 - 000000000 ___HD C:\Windows\msdownld.tmp
  188. 2018-06-22 17:12 - 2018-06-22 17:12 - 000002097 _____ C:\Users\Ela\Desktop\ CAPI - przeprowadzanie wywiadów.lnk
  189. 2018-06-22 17:12 - 2018-06-22 17:12 - 000002088 _____ C:\Users\Ela\Desktop\ CMI - synchronizacja wyników.lnk
  190. 2018-06-22 17:12 - 2018-06-22 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CADAS
  191. 2018-06-22 17:12 - 2006-08-09 10:06 - 000413696 _____ C:\Windows\system32\jsound.dll
  192. 2018-06-22 17:12 - 2006-08-09 10:06 - 000380928 _____ C:\Windows\system32\jmmpa.dll
  193. 2018-06-22 17:12 - 2006-08-09 10:06 - 000282624 _____ C:\Windows\system32\jmh261.dll
  194. 2018-06-22 17:12 - 2006-08-09 10:06 - 000184320 _____ C:\Windows\system32\jmvh263.dll
  195. 2018-06-22 17:12 - 2006-08-09 10:06 - 000143360 _____ C:\Windows\system32\jmjpeg.dll
  196. 2018-06-22 17:12 - 2006-08-09 10:06 - 000106496 _____ C:\Windows\system32\jmh263enc.dll
  197. 2018-06-22 17:12 - 2006-08-09 10:06 - 000098304 _____ C:\Windows\system32\jmg723.dll
  198. 2018-06-22 17:12 - 2006-08-09 10:06 - 000077824 _____ C:\Windows\system32\jmmpegv.dll
  199. 2018-06-22 17:12 - 2006-08-09 10:06 - 000073728 _____ C:\Windows\system32\jmutil.dll
  200. 2018-06-22 17:12 - 2006-08-09 10:06 - 000057344 _____ C:\Windows\system32\jmgsm.dll
  201. 2018-06-22 17:12 - 2006-08-09 10:06 - 000053248 _____ C:\Windows\system32\jmam.dll
  202. 2018-06-22 17:12 - 2006-08-09 10:06 - 000049152 _____ C:\Windows\system32\jmcvid.dll
  203. 2018-06-22 17:12 - 2006-08-09 10:06 - 000049152 _____ C:\Windows\system32\jmacm.dll
  204. 2018-06-22 17:12 - 2006-08-09 10:06 - 000045056 _____ C:\Windows\system32\jmvfw.dll
  205. 2018-06-22 17:12 - 2006-08-09 10:06 - 000040960 _____ C:\Windows\system32\jmdaud.dll
  206. 2018-06-22 17:12 - 2006-08-09 10:06 - 000036864 _____ C:\Windows\system32\jmvcm.dll
  207. 2018-06-22 17:12 - 2006-08-09 10:06 - 000036864 _____ C:\Windows\system32\jmgdi.dll
  208. 2018-06-22 17:12 - 2006-08-09 10:06 - 000032768 _____ C:\Windows\system32\jmfjawt.dll
  209. 2018-06-22 17:12 - 2006-08-09 10:06 - 000032768 _____ C:\Windows\system32\jmddraw.dll
  210. 2018-06-22 17:12 - 2006-08-09 10:06 - 000028672 _____ C:\Windows\system32\jmmci.dll
  211. 2018-06-22 17:12 - 2006-08-09 10:06 - 000028672 _____ C:\Windows\system32\jmdaudc.dll
  212. 2018-06-22 17:04 - 2018-06-22 17:05 - 094823000 _____ (CADAS Software ) C:\Users\Ela\Downloads\CAPI4.98.exe
  213. 2018-06-22 17:01 - 2018-06-22 17:01 - 000096712 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
  214. 2018-06-22 17:01 - 2018-06-22 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
  215. 2018-06-22 17:01 - 2018-06-22 17:01 - 000000000 ____D C:\Program Files\Common Files\Oracle
  216. 2018-06-22 17:01 - 2018-06-22 17:01 - 000000000 ____D C:\Program Files\Common Files\Java
  217. 2018-06-22 11:40 - 2018-06-22 17:27 - 000093920 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
  218. 2018-06-22 11:40 - 2018-06-22 17:27 - 000073848 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
  219. 2018-06-22 11:40 - 2018-06-22 17:27 - 000040160 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
  220. 2018-06-22 11:40 - 2018-06-22 11:40 - 000165088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
  221. 2018-06-22 11:39 - 2018-06-22 17:27 - 000220896 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
  222. 2018-06-22 11:39 - 2018-06-22 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
  223. 2018-06-22 11:39 - 2018-06-22 11:39 - 000000000 ____D C:\ProgramData\Malwarebytes
  224. 2018-06-22 11:39 - 2018-06-22 11:39 - 000000000 ____D C:\Program Files\Malwarebytes
  225. 2018-06-22 11:39 - 2018-05-24 06:55 - 000128736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
  226. 2018-06-22 11:38 - 2018-06-22 11:39 - 074347856 _____ (Malwarebytes ) C:\Users\Ela\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5566.exe
  227. 2018-06-22 11:20 - 2018-06-22 11:25 - 306528624 _____ C:\Users\Ela\Downloads\OM-SrvAdmin-Dell-Web-WINX64-9.1.0-2757_A00.exe
  228. 2018-06-22 11:09 - 2018-06-22 11:09 - 000000000 ____D C:\Program Files\RegCleaner
  229. 2018-06-22 11:08 - 2018-06-22 11:08 - 000553687 _____ C:\Users\Ela\Downloads\RegCleaner(dobreprogramy.pl).exe
  230. 2018-06-21 18:41 - 2018-06-21 18:52 - 000010352 _____ C:\Users\Ela\Desktop\Baza_PKO_Warszawa.xlsx
  231. 2018-06-20 12:34 - 2018-06-20 12:40 - 000000000 ____D C:\Users\Ela\Desktop\Przychodnie lipiec , sierpień, wrzesień
  232. 2018-06-15 17:07 - 2018-06-18 12:00 - 000011453 _____ C:\Users\Ela\Desktop\Proba rodzice - Radom.xlsx
  233. 2018-06-09 16:11 - 2018-06-09 17:07 - 000000000 ____D C:\Users\Ela\Desktop\BP JEDLIŃSK
  234. 2018-06-09 16:11 - 2018-06-09 16:34 - 000000000 ____D C:\Users\Ela\Desktop\BP PROMNA
  235. 2018-05-28 17:59 - 2018-06-04 09:14 - 000000000 ____D C:\Users\Ela\Desktop\ORANGE MAJ
  236. 2018-05-23 22:23 - 2018-06-22 17:29 - 000001520 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
  237. 2018-05-23 22:23 - 2018-05-23 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
  238.  
  239. ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
  240.  
  241. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  242.  
  243. 2018-06-22 17:35 - 2009-07-14 06:34 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  244. 2018-06-22 17:35 - 2009-07-14 06:34 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  245. 2018-06-22 17:33 - 2011-04-12 07:08 - 000740098 _____ C:\Windows\system32\perfh015.dat
  246. 2018-06-22 17:33 - 2011-04-12 07:08 - 000155672 _____ C:\Windows\system32\perfc015.dat
  247. 2018-06-22 17:33 - 2010-11-20 23:01 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI
  248. 2018-06-22 17:33 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
  249. 2018-06-22 17:29 - 2017-03-14 19:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab
  250. 2018-06-22 17:27 - 2018-05-17 14:59 - 000002422 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
  251. 2018-06-22 17:27 - 2017-03-11 17:20 - 000000000 ____D C:\Users\Ela\AppData\Roaming\Skype
  252. 2018-06-22 17:27 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
  253. 2018-06-22 17:01 - 2017-03-06 18:12 - 000000000 ____D C:\Program Files\Java
  254. 2018-06-22 11:26 - 2017-04-25 22:37 - 000000000 ____D C:\Program Files\Google
  255. 2018-06-22 11:16 - 2017-03-11 16:44 - 000000000 ____D C:\Program Files\CADAS
  256. 2018-06-22 11:07 - 2017-03-11 16:33 - 000000000 ____D C:\Users\Ela\AppData\Local\Google
  257. 2018-06-20 12:34 - 2018-04-16 18:39 - 000000000 ____D C:\Users\Ela\Desktop\PRZYCHODNIE
  258. 2018-06-20 12:29 - 2017-03-11 17:29 - 000000000 ___RD C:\Users\Ela\Documents\Scanned Documents
  259. 2018-06-18 20:42 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\NDF
  260. 2018-06-14 16:37 - 2017-03-11 16:34 - 000002365 _____ C:\Users\Ela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  261. 2018-06-14 16:37 - 2017-03-11 16:34 - 000002328 _____ C:\Users\Ela\Desktop\Google Chrome.lnk
  262. 2018-06-14 16:30 - 2017-03-11 16:27 - 000000000 ____D C:\Program Files\Opera
  263. 2018-06-09 17:07 - 2017-06-28 07:40 - 000000000 ____D C:\Users\Ela\Desktop\LINK do zsyłania GFK
  264. 2018-06-08 11:27 - 2018-03-14 17:02 - 000000000 ____D C:\Users\Ela\Desktop\SA D 2018
  265. 2018-06-07 12:26 - 2017-03-07 18:28 - 000000000 ____D C:\Users\Ela\AppData\LocalLow\Mozilla
  266. 2018-06-07 12:22 - 2017-04-25 22:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
  267. 2018-06-07 12:22 - 2017-04-25 22:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
  268. 2018-06-07 12:22 - 2017-04-25 22:36 - 000000000 ____D C:\Windows\system32\Macromed
  269. 2018-06-06 10:34 - 2009-07-14 06:53 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
  270. 2018-05-23 22:23 - 2017-03-14 19:42 - 000000000 ____D C:\Program Files\Kaspersky Lab
  271.  
  272. Niektóre pliki w TEMP:
  273. ====================
  274. 2017-08-20 11:36 - 2017-08-20 11:36 - 000740416 _____ (Oracle Corporation) C:\Users\Ela\AppData\Local\Temp\jre-8u144-windows-au.exe
  275. 2013-04-10 16:25 - 2013-04-10 16:25 - 001044048 ____N (CANON INC.) C:\Users\Ela\AppData\Local\Temp\MSETUP4.EXE
  276. 2017-04-10 12:01 - 2017-04-10 12:01 - 014456872 _____ (Microsoft Corporation) C:\Users\Ela\AppData\Local\Temp\vc_redist.x86.exe
  277.  
  278. ==================== Bamital & volsnap ======================
  279.  
  280. (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
  281.  
  282. C:\Windows\explorer.exe => Plik podpisany cyfrowo
  283. C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
  284. C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
  285. C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
  286. C:\Windows\system32\services.exe => Plik podpisany cyfrowo
  287. C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
  288. C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
  289. C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
  290. C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
  291. C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
  292.  
  293. LastRegBack: 2018-06-21 12:26
  294.  
  295. ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!