Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 20.06.2018
- Uruchomiony przez Ela (administrator) KOMPUTER (22-06-2018 17:41:54)
- Uruchomiony z C:\Users\Ela\Downloads
- Załadowane profile: Ela (Dostępne profile: Ela)
- Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska)
- Internet Explorer Wersja 11 (Domyślna przeglądarka: IE)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- () C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
- (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
- (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
- (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
- (Intel Corporation) C:\Windows\System32\igfxtray.exe
- (Intel Corporation) C:\Windows\System32\hkcmd.exe
- (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
- (Intel Corporation) C:\Windows\System32\igfxpers.exe
- (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
- (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
- (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
- (OLYMPUS IMAGING CORP.) C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
- (Microsoft Corporation) C:\Windows\System32\rundll32.exe
- (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
- (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
- (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
- (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Users\Ela\AppData\Local\Google\Chrome\Application\chrome.exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2017-03-06] ()
- HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
- HKLM\...\Run: [] => [X]
- HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
- HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27793888 2017-05-05] (Skype Technologies S.A.)
- HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\Run: [Google Update] => C:\Users\Ela\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-20] (Google Inc.)
- HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\MountPoints2: {127b1832-5194-11e7-81c4-6c626d8467b2} - E:\HiSuiteDownLoader.exe
- HKU\S-1-5-21-530610989-3515677142-4144176666-1000\...\MountPoints2: {127b183d-5194-11e7-81c4-6c626d8467b2} - E:\HiSuiteDownLoader.exe
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk [2017-03-11]
- ShortcutTarget: Device Detector 3.lnk -> C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.)
- Startup: C:\Users\Ela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP DeskJet 3630 series.lnk [2018-06-22]
- ShortcutTarget: Powiadomienia monitorowania tuszu - HP DeskJet 3630 series.lnk -> C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{81011129-77A5-4320-9ADA-F17F4F55A55D}: [DhcpNameServer] 192.168.1.1
- Internet Explorer:
- ==================
- HKU\S-1-5-21-530610989-3515677142-4144176666-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wp.pl/
- HKU\S-1-5-21-530610989-3515677142-4144176666-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=pl-pl
- SearchScopes: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> DefaultScope {36B54FCE-B8AF-470D-BF97-CDAC9242FE9A} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
- SearchScopes: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
- SearchScopes: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> {36B54FCE-B8AF-470D-BF97-CDAC9242FE9A} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
- BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-17] (AO Kaspersky Lab)
- BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
- BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-22] (Oracle Corporation)
- BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
- BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-22] (Oracle Corporation)
- Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
- Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-17] (AO Kaspersky Lab)
- Toolbar: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> Brak nazwy - {093F479D-712E-46CD-9E06-62E734A05F68} - Brak pliku
- Toolbar: HKU\S-1-5-21-530610989-3515677142-4144176666-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
- FireFox:
- ========
- FF DefaultProfile: 9vk3ob1f.default-1489243759327-1528354998213
- FF ProfilePath: C:\Users\Ela\AppData\Roaming\Mozilla\Firefox\Profiles\9vk3ob1f.default-1489243759327-1528354998213 [2018-06-07]
- FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
- FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
- FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-17]
- FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
- FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-22] (Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-22] (Oracle Corporation)
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
- FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
- FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
- FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
- FF Plugin HKU\S-1-5-21-530610989-3515677142-4144176666-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ela\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
- FF Plugin HKU\S-1-5-21-530610989-3515677142-4144176666-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ela\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
- Chrome:
- =======
- CHR Profile: C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default [2018-06-22]
- CHR Extension: (Prezentacje) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-22]
- CHR Extension: (Dokumenty) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
- CHR Extension: (Dysk Google) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-24]
- CHR Extension: (YouTube) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-24]
- CHR Extension: (Dokumenty Google offline) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-24]
- CHR Extension: (Kaspersky Protection) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-06-22]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
- CHR Extension: (Gmail) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-04]
- CHR Extension: (Chrome Media Router) - C:\Users\Ela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-22]
- CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- S2 AVP18.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
- R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-04-11] () [Brak podpisu cyfrowego]
- R2 KSDE2.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
- R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes)
- R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
- R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
- R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [176864 2016-12-26] (AO Kaspersky Lab)
- R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128736 2018-05-24] (Malwarebytes)
- R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [165296 2016-10-01] (AO Kaspersky Lab)
- R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [62184 2017-12-25] (AO Kaspersky Lab)
- R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [98504 2018-05-17] (AO Kaspersky Lab)
- R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
- R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [164032 2018-05-17] (AO Kaspersky Lab)
- R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [659136 2018-05-17] (AO Kaspersky Lab)
- R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [835272 2018-05-17] (AO Kaspersky Lab)
- R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49344 2018-05-17] (AO Kaspersky Lab)
- R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [50400 2016-12-23] (AO Kaspersky Lab)
- R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [51424 2016-12-07] (AO Kaspersky Lab)
- R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45552 2017-12-25] (AO Kaspersky Lab)
- R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48056 2016-06-07] (The OpenVPN Project)
- R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75760 2017-12-25] (AO Kaspersky Lab)
- R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [121544 2018-05-17] (AO Kaspersky Lab)
- R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [165088 2017-12-25] (AO Kaspersky Lab)
- R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [165088 2018-06-22] (Malwarebytes)
- R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [93920 2018-06-22] (Malwarebytes)
- R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40160 2018-06-22] (Malwarebytes)
- R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [220896 2018-06-22] (Malwarebytes)
- R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [73848 2018-06-22] (Malwarebytes)
- S3 VNUSB; C:\Windows\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [Brak podpisu cyfrowego]
- U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-04-11] (Huawei Technologies Co., Ltd.)
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-06-22 17:41 - 2018-06-22 17:42 - 000016422 _____ C:\Users\Ela\Downloads\FRST.txt
- 2018-06-22 17:41 - 2018-06-22 17:41 - 001773056 _____ (Farbar) C:\Users\Ela\Downloads\FRST (1).exe
- 2018-06-22 17:41 - 2018-06-22 17:41 - 000000000 ____D C:\FRST
- 2018-06-22 17:40 - 2018-06-22 17:40 - 001773056 _____ (Farbar) C:\Users\Ela\Downloads\FRST.exe
- 2018-06-22 17:28 - 2018-06-22 17:29 - 007372496 _____ (Malwarebytes) C:\Users\Ela\Downloads\AdwCleaner (1).exe
- 2018-06-22 17:25 - 2018-06-22 17:26 - 000000000 ____D C:\AdwCleaner
- 2018-06-22 17:25 - 2018-06-22 17:25 - 007372496 _____ (Malwarebytes) C:\Users\Ela\Downloads\AdwCleaner.exe
- 2018-06-22 17:15 - 2018-06-22 17:15 - 000000000 ___HD C:\Windows\msdownld.tmp
- 2018-06-22 17:12 - 2018-06-22 17:12 - 000002097 _____ C:\Users\Ela\Desktop\ CAPI - przeprowadzanie wywiadów.lnk
- 2018-06-22 17:12 - 2018-06-22 17:12 - 000002088 _____ C:\Users\Ela\Desktop\ CMI - synchronizacja wyników.lnk
- 2018-06-22 17:12 - 2018-06-22 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CADAS
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000413696 _____ C:\Windows\system32\jsound.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000380928 _____ C:\Windows\system32\jmmpa.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000282624 _____ C:\Windows\system32\jmh261.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000184320 _____ C:\Windows\system32\jmvh263.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000143360 _____ C:\Windows\system32\jmjpeg.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000106496 _____ C:\Windows\system32\jmh263enc.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000098304 _____ C:\Windows\system32\jmg723.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000077824 _____ C:\Windows\system32\jmmpegv.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000073728 _____ C:\Windows\system32\jmutil.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000057344 _____ C:\Windows\system32\jmgsm.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000053248 _____ C:\Windows\system32\jmam.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000049152 _____ C:\Windows\system32\jmcvid.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000049152 _____ C:\Windows\system32\jmacm.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000045056 _____ C:\Windows\system32\jmvfw.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000040960 _____ C:\Windows\system32\jmdaud.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000036864 _____ C:\Windows\system32\jmvcm.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000036864 _____ C:\Windows\system32\jmgdi.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000032768 _____ C:\Windows\system32\jmfjawt.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000032768 _____ C:\Windows\system32\jmddraw.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000028672 _____ C:\Windows\system32\jmmci.dll
- 2018-06-22 17:12 - 2006-08-09 10:06 - 000028672 _____ C:\Windows\system32\jmdaudc.dll
- 2018-06-22 17:04 - 2018-06-22 17:05 - 094823000 _____ (CADAS Software ) C:\Users\Ela\Downloads\CAPI4.98.exe
- 2018-06-22 17:01 - 2018-06-22 17:01 - 000096712 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
- 2018-06-22 17:01 - 2018-06-22 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
- 2018-06-22 17:01 - 2018-06-22 17:01 - 000000000 ____D C:\Program Files\Common Files\Oracle
- 2018-06-22 17:01 - 2018-06-22 17:01 - 000000000 ____D C:\Program Files\Common Files\Java
- 2018-06-22 11:40 - 2018-06-22 17:27 - 000093920 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
- 2018-06-22 11:40 - 2018-06-22 17:27 - 000073848 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
- 2018-06-22 11:40 - 2018-06-22 17:27 - 000040160 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
- 2018-06-22 11:40 - 2018-06-22 11:40 - 000165088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
- 2018-06-22 11:39 - 2018-06-22 17:27 - 000220896 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
- 2018-06-22 11:39 - 2018-06-22 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
- 2018-06-22 11:39 - 2018-06-22 11:39 - 000000000 ____D C:\ProgramData\Malwarebytes
- 2018-06-22 11:39 - 2018-06-22 11:39 - 000000000 ____D C:\Program Files\Malwarebytes
- 2018-06-22 11:39 - 2018-05-24 06:55 - 000128736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
- 2018-06-22 11:38 - 2018-06-22 11:39 - 074347856 _____ (Malwarebytes ) C:\Users\Ela\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5566.exe
- 2018-06-22 11:20 - 2018-06-22 11:25 - 306528624 _____ C:\Users\Ela\Downloads\OM-SrvAdmin-Dell-Web-WINX64-9.1.0-2757_A00.exe
- 2018-06-22 11:09 - 2018-06-22 11:09 - 000000000 ____D C:\Program Files\RegCleaner
- 2018-06-22 11:08 - 2018-06-22 11:08 - 000553687 _____ C:\Users\Ela\Downloads\RegCleaner(dobreprogramy.pl).exe
- 2018-06-21 18:41 - 2018-06-21 18:52 - 000010352 _____ C:\Users\Ela\Desktop\Baza_PKO_Warszawa.xlsx
- 2018-06-20 12:34 - 2018-06-20 12:40 - 000000000 ____D C:\Users\Ela\Desktop\Przychodnie lipiec , sierpień, wrzesień
- 2018-06-15 17:07 - 2018-06-18 12:00 - 000011453 _____ C:\Users\Ela\Desktop\Proba rodzice - Radom.xlsx
- 2018-06-09 16:11 - 2018-06-09 17:07 - 000000000 ____D C:\Users\Ela\Desktop\BP JEDLIŃSK
- 2018-06-09 16:11 - 2018-06-09 16:34 - 000000000 ____D C:\Users\Ela\Desktop\BP PROMNA
- 2018-05-28 17:59 - 2018-06-04 09:14 - 000000000 ____D C:\Users\Ela\Desktop\ORANGE MAJ
- 2018-05-23 22:23 - 2018-06-22 17:29 - 000001520 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
- 2018-05-23 22:23 - 2018-05-23 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-06-22 17:35 - 2009-07-14 06:34 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2018-06-22 17:35 - 2009-07-14 06:34 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2018-06-22 17:33 - 2011-04-12 07:08 - 000740098 _____ C:\Windows\system32\perfh015.dat
- 2018-06-22 17:33 - 2011-04-12 07:08 - 000155672 _____ C:\Windows\system32\perfc015.dat
- 2018-06-22 17:33 - 2010-11-20 23:01 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI
- 2018-06-22 17:33 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
- 2018-06-22 17:29 - 2017-03-14 19:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab
- 2018-06-22 17:27 - 2018-05-17 14:59 - 000002422 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
- 2018-06-22 17:27 - 2017-03-11 17:20 - 000000000 ____D C:\Users\Ela\AppData\Roaming\Skype
- 2018-06-22 17:27 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
- 2018-06-22 17:01 - 2017-03-06 18:12 - 000000000 ____D C:\Program Files\Java
- 2018-06-22 11:26 - 2017-04-25 22:37 - 000000000 ____D C:\Program Files\Google
- 2018-06-22 11:16 - 2017-03-11 16:44 - 000000000 ____D C:\Program Files\CADAS
- 2018-06-22 11:07 - 2017-03-11 16:33 - 000000000 ____D C:\Users\Ela\AppData\Local\Google
- 2018-06-20 12:34 - 2018-04-16 18:39 - 000000000 ____D C:\Users\Ela\Desktop\PRZYCHODNIE
- 2018-06-20 12:29 - 2017-03-11 17:29 - 000000000 ___RD C:\Users\Ela\Documents\Scanned Documents
- 2018-06-18 20:42 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\NDF
- 2018-06-14 16:37 - 2017-03-11 16:34 - 000002365 _____ C:\Users\Ela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2018-06-14 16:37 - 2017-03-11 16:34 - 000002328 _____ C:\Users\Ela\Desktop\Google Chrome.lnk
- 2018-06-14 16:30 - 2017-03-11 16:27 - 000000000 ____D C:\Program Files\Opera
- 2018-06-09 17:07 - 2017-06-28 07:40 - 000000000 ____D C:\Users\Ela\Desktop\LINK do zsyłania GFK
- 2018-06-08 11:27 - 2018-03-14 17:02 - 000000000 ____D C:\Users\Ela\Desktop\SA D 2018
- 2018-06-07 12:26 - 2017-03-07 18:28 - 000000000 ____D C:\Users\Ela\AppData\LocalLow\Mozilla
- 2018-06-07 12:22 - 2017-04-25 22:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
- 2018-06-07 12:22 - 2017-04-25 22:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
- 2018-06-07 12:22 - 2017-04-25 22:36 - 000000000 ____D C:\Windows\system32\Macromed
- 2018-06-06 10:34 - 2009-07-14 06:53 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
- 2018-05-23 22:23 - 2017-03-14 19:42 - 000000000 ____D C:\Program Files\Kaspersky Lab
- Niektóre pliki w TEMP:
- ====================
- 2017-08-20 11:36 - 2017-08-20 11:36 - 000740416 _____ (Oracle Corporation) C:\Users\Ela\AppData\Local\Temp\jre-8u144-windows-au.exe
- 2013-04-10 16:25 - 2013-04-10 16:25 - 001044048 ____N (CANON INC.) C:\Users\Ela\AppData\Local\Temp\MSETUP4.EXE
- 2017-04-10 12:01 - 2017-04-10 12:01 - 014456872 _____ (Microsoft Corporation) C:\Users\Ela\AppData\Local\Temp\vc_redist.x86.exe
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\Windows\explorer.exe => Plik podpisany cyfrowo
- C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
- C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
- C:\Windows\system32\services.exe => Plik podpisany cyfrowo
- C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
- C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
- C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2018-06-21 12:26
- ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement