Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06.06.2018 01 Uruchomiony przez MMD (administrator) MD (06-06-2018 19:31:03) Uruchomiony z C:\Users\MMD\Downloads Załadowane profile: MMD (Dostępne profile: MMD) Platform: Windows 10 Home Wersja 1803 17134.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7569624 2014-04-04] (Realtek Semiconductor) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-281455975-2981323210-2720791483-1001\...\Run: [f.lux] => C:\Users\MMD\AppData\Local\FluxSoftware\Flux\flux.exe [1805832 2018-06-01] (f.lux Software LLC) HKU\S-1-5-21-281455975-2981323210-2720791483-1001\...\Run: [Google Update] => C:\Users\MMD\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-16] (Google Inc.) HKU\S-1-5-21-281455975-2981323210-2720791483-1001\...\Run: [Spotify Web Helper] => C:\Users\MMD\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-12-25] (Spotify Ltd) HKU\S-1-5-21-281455975-2981323210-2720791483-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) Startup: C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2015-04-07] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{a0e3aa59-f51e-42fd-bdaa-0c65c0a91732}: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{b4e60c7a-7c97-457a-8a8a-8f83bc7d87b6}: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{bb5d1848-07d1-437d-b28c-e0c3bae6711e}: [NameServer] 89.108.202.20 89.108.195.20 Tcpip\..\Interfaces\{f4873de7-c751-4225-94b3-cfb8c28a232b}: [DhcpNameServer] 194.168.4.100 194.168.8.100 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-281455975-2981323210-2720791483-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D051618-A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016 HKU\S-1-5-21-281455975-2981323210-2720791483-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/175 SearchScopes: HKLM -> {E171FB04-9356-477C-89CD-75BF397BE28B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {E171FB04-9356-477C-89CD-75BF397BE28B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-281455975-2981323210-2720791483-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D051618-A21ABFDD9D88F4162B1F&form=CONBDF&conlogo=CT3332016&q={searchTerms} SearchScopes: HKU\S-1-5-21-281455975-2981323210-2720791483-1001 -> {E171FB04-9356-477C-89CD-75BF397BE28B} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-23] (HP Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-03] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-03] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-23] (HP Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\MMD\AppData\Roaming\Mozilla\Firefox\Profiles\xg2je891.default [2018-06-06] FF Homepage: Mozilla\Firefox\Profiles\xg2je891.default -> hxxps://program.trwalamotywacja.pl/wiedza/1 FF NewTab: Mozilla\Firefox\Profiles\xg2je891.default -> hxxp://www.bing.com/?pc=COSP&ptag=D051618-A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016 FF Extension: (Screengrab!) - C:\Users\MMD\AppData\Roaming\Mozilla\Firefox\Profiles\xg2je891.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-05-20] FF Extension: (LeechBlock) - C:\Users\MMD\AppData\Roaming\Mozilla\Firefox\Profiles\xg2je891.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387} [2017-11-07] [Przestarzałe] FF Extension: (Adblock Plus) - C:\Users\MMD\AppData\Roaming\Mozilla\Firefox\Profiles\xg2je891.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17] FF Extension: (YouTube mp3 Downloader) - C:\Users\MMD\AppData\Roaming\Mozilla\Firefox\Profiles\xg2je891.default\Extensions\{defe5404-0b6f-4cce-a119-ee0df858e5f9}.xpi [2018-05-01] FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\MMD\AppData\Roaming\Mozilla\Firefox\Profiles\xg2je891.default\features\{10ddc333-ed12-4345-80f6-5df459a46267}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-05-31] [Przestarzałe] FF SearchPlugin: C:\Users\MMD\AppData\Roaming\Mozilla\Firefox\Profiles\xg2je891.default\searchplugins\bing-lavasoft-ff59.xml [2018-05-17] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Brak pliku] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-03] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-03] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Brak pliku] FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\MMD\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [Brak pliku] FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\MMD\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [Brak pliku] FF Plugin HKU\S-1-5-21-281455975-2981323210-2720791483-1001: @citrixonline.com/appdetectorplugin -> C:\Users\MMD\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-01-09] (Citrix Online) FF Plugin HKU\S-1-5-21-281455975-2981323210-2720791483-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MMD\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.) FF Plugin HKU\S-1-5-21-281455975-2981323210-2720791483-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MMD\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.) FF Plugin HKU\S-1-5-21-281455975-2981323210-2720791483-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MMD\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-281455975-2981323210-2720791483-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\MMD\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-09-07] (Zoom Video Communications, Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-06-06] CHR Extension: (Tłumacz Google) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-31] CHR Extension: (Dokumenty) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31] CHR Extension: (Arkusze) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31] CHR Extension: (Dokumenty Google offline) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-23] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-12] CHR Extension: (Chrome Media Router) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-12] CHR Profile: C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-10-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-03] CHR Extension: (e-pity - dodatek) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2017-10-03] CHR Extension: (Chrome Media Router) - C:\Users\MMD\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-03] CHR Profile: C:\Users\MMD\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-23] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\MMD\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-02-06] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.) R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor) S4 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] () S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 A38CCID; C:\WINDOWS\system32\DRIVERS\a38ccid.sys [62976 2014-11-13] (Advanced Card Systems Ltd.) S3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53760 2017-12-18] (HP) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2018-03-21] () S0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [39936 2017-12-18] (HP) S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] () S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] () S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-11-27] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-16] (Realtek ) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation) S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-04-11] (Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated) R1 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [116232 2015-03-16] (Oracle Corporation) R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-06-06 18:15 - 2018-06-06 18:15 - 000000020 ___SH C:\Users\MMD\ntuser.ini 2018-06-06 18:04 - 2018-06-06 18:05 - 000002762 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMMD 2018-06-06 18:04 - 2018-06-06 18:04 - 000003730 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-281455975-2981323210-2720791483-1001UA 2018-06-06 18:04 - 2018-06-06 18:04 - 000003696 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-281455975-2981323210-2720791483-1001UA1d259282f821940 2018-06-06 18:04 - 2018-06-06 18:04 - 000003682 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-06-06 18:04 - 2018-06-06 18:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2018-06-06 18:04 - 2018-06-06 18:04 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-281455975-2981323210-2720791483-1001Core 2018-06-06 18:04 - 2018-06-06 18:04 - 000003428 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-281455975-2981323210-2720791483-1001Core1d259282f62b3b3 2018-06-06 18:04 - 2018-06-06 18:04 - 000003378 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2018-06-06 18:04 - 2018-06-06 18:04 - 000003334 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1454515065 2018-06-06 18:04 - 2018-06-06 18:04 - 000003168 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-281455975-2981323210-2720791483-1001 2018-06-06 18:04 - 2018-06-06 18:04 - 000003072 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-281455975-2981323210-2720791483-1001 2018-06-06 18:04 - 2018-06-06 18:04 - 000002988 _____ C:\WINDOWS\System32\Tasks\e-pity2015a_kwiecien 2018-06-06 18:04 - 2018-06-06 18:04 - 000002986 _____ C:\WINDOWS\System32\Tasks\e-pity2015a_styczen 2018-06-06 18:04 - 2018-06-06 18:04 - 000002908 _____ C:\WINDOWS\System32\Tasks\e-pity2015_styczen 2018-06-06 18:04 - 2018-06-06 18:04 - 000002908 _____ C:\WINDOWS\System32\Tasks\e-pity2015_kwiecien 2018-06-06 18:04 - 2018-06-06 18:04 - 000002884 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-281455975-2981323210-2720791483-1001 2018-06-06 18:04 - 2018-06-06 18:04 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-281455975-2981323210-2720791483-1001 2018-06-06 18:04 - 2018-06-06 18:04 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-281455975-2981323210-2720791483-1001 2018-06-06 18:04 - 2018-06-06 18:04 - 000002716 _____ C:\WINDOWS\System32\Tasks\update-sys 2018-06-06 18:04 - 2018-06-06 18:04 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2018-06-06 18:04 - 2018-06-06 18:04 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-281455975-2981323210-2720791483-500 2018-06-06 18:04 - 2018-06-06 18:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-06-06 18:04 - 2018-06-06 18:04 - 000000000 _SHDL C:\Users\Default\AppData\Local\Tymczasowe pliki internetowe 2018-06-06 18:04 - 2018-06-06 18:04 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Tymczasowe pliki internetowe 2018-06-06 18:04 - 2018-06-06 18:04 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-281455975-2981323210-2720791483-1001 2018-06-06 18:04 - 2018-06-06 18:04 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard 2018-06-06 18:04 - 2018-06-06 18:04 - 000000000 ____D C:\WINDOWS\System32\Tasks\GenericSettingsHandler 2018-06-06 18:04 - 2014-06-17 18:00 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2619973407-1329570448-1536944319-500 2018-06-06 18:04 - 2014-04-29 08:29 - 000003590 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-37761814-486657476-4141987126-500 2018-06-06 18:04 - 2014-04-02 10:35 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1725350855-1927001909-1276192757-500 2018-06-06 18:02 - 2018-06-06 18:04 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2018-06-06 18:02 - 2018-06-06 18:04 - 000007623 _____ C:\WINDOWS\diagerr.xml 2018-06-06 17:41 - 2018-06-06 18:15 - 000000000 ____D C:\Users\MMD 2018-06-06 17:41 - 2018-06-06 17:53 - 001964594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-06-06 17:41 - 2018-06-06 17:51 - 000000000 ____D C:\Users\MMD\Documents\hp.system.package.metadata 2018-06-06 17:41 - 2018-06-06 17:47 - 000000000 ____D C:\Users\MMD\AppData\Local\Microsoft Help 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Ustawienia lokalne 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Szablony 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Moje dokumenty 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Menu Start 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Documents\Moje wideo 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Documents\Moje obrazy 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Documents\Moja muzyka 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\Dane aplikacji 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\AppData\Local\Tymczasowe pliki internetowe 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\AppData\Local\Historia 2018-06-06 17:41 - 2018-06-06 17:41 - 000000000 _SHDL C:\Users\MMD\AppData\Local\Dane aplikacji 2018-06-06 17:41 - 2018-04-12 00:34 - 000001105 _____ C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-06-06 17:41 - 2016-09-28 05:52 - 000000000 ____D C:\Users\MMD\Documents\hp.applications.package.appdata 2018-06-06 17:40 - 2018-06-06 17:40 - 000000000 ____D C:\ProgramData\USOShared 2018-06-06 17:39 - 2018-04-12 00:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2018-06-06 17:39 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2018-06-06 17:39 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2018-06-06 17:35 - 2018-06-06 18:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-06-06 17:35 - 2018-06-06 17:48 - 000403640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-06-06 17:33 - 2018-06-06 18:05 - 000000000 ____D C:\Windows.old 2018-06-06 17:03 - 2018-06-06 17:34 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2018-06-06 17:02 - 2018-06-06 17:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2018-06-06 16:56 - 2018-06-06 16:56 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2018-06-06 16:56 - 2018-06-06 16:56 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-06-06 16:56 - 2018-06-06 16:56 - 000000000 ____D C:\Program Files\MSBuild 2018-06-06 16:56 - 2018-06-06 16:56 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-06-06 16:56 - 2018-06-06 16:56 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-06-06 16:56 - 2018-06-06 16:56 - 000000000 ____D C:\inetpub 2018-06-06 16:55 - 2018-03-05 16:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2018-06-06 16:55 - 2018-03-05 16:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-06-06 16:55 - 2018-03-05 16:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2018-06-06 16:54 - 2018-02-14 16:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2018-06-06 16:54 - 2018-02-14 16:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2018-06-06 16:54 - 2018-02-14 16:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2018-06-06 16:45 - 2018-06-06 16:45 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2018-06-06 16:23 - 2018-06-06 18:15 - 000000000 ___DC C:\WINDOWS\Panther 2018-06-06 15:53 - 2018-06-06 15:53 - 000000000 ___HD C:\$Windows.~WS 2018-06-06 14:56 - 2018-06-06 14:56 - 000004849 _____ C:\Users\MMD\Desktop\chrome — skrót .lnk 2018-06-06 14:51 - 2018-06-06 19:30 - 000000000 ____D C:\Users\MMD\Downloads\FRST-OlderVersion 2018-06-06 14:20 - 2018-06-06 14:20 - 028795184 _____ (MEGA Limited) C:\Users\MMD\Downloads\MEGAsyncSetup.exe 2018-06-06 12:04 - 2018-06-06 12:04 - 019119064 _____ (Microsoft Corporation) C:\Users\MMD\Downloads\MediaCreationTool1803.exe 2018-06-06 11:22 - 2018-06-06 11:24 - 000058117 _____ C:\Users\MMD\Downloads\Addition.txt 2018-06-06 11:20 - 2018-06-06 19:34 - 000021658 _____ C:\Users\MMD\Downloads\FRST.txt 2018-06-06 11:20 - 2018-06-06 19:31 - 000000000 ____D C:\FRST 2018-06-06 11:07 - 2018-06-06 19:30 - 002413056 _____ (Farbar) C:\Users\MMD\Downloads\FRST64.exe 2018-06-06 10:33 - 2018-06-06 15:51 - 000000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk 2018-06-06 10:33 - 2018-06-06 15:51 - 000000726 _____ C:\Users\MMD\Desktop\Asystent aktualizacji do systemu Windows 10.lnk 2018-06-06 10:33 - 2018-06-06 10:33 - 000000000 ____D C:\Windows10Upgrade 2018-06-06 10:32 - 2018-06-06 10:32 - 006266272 _____ (Microsoft Corporation) C:\Users\MMD\Downloads\Windows10Upgrade9252.exe 2018-06-06 05:58 - 2018-06-06 06:43 - 000000000 _____ C:\Recovery.txt 2018-06-05 20:26 - 2018-06-05 20:26 - 000000000 ____D C:\Users\MMD\AppData\Local\D3DSCache 2018-06-05 20:16 - 2018-06-05 20:16 - 000014778 _____ C:\Users\MMD\Desktop\Dadas_AdaptiveRVI_Cross.ex4 2018-06-03 10:41 - 2018-06-03 12:58 - 000000000 ____D C:\Users\MMD\AppData\Local\PlaceholderTileLogoFolder 2018-06-02 21:14 - 2018-06-06 17:34 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal 2018-06-02 21:14 - 2018-06-06 17:34 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal 2018-06-02 21:14 - 2018-06-06 17:34 - 000000000 ___RD C:\WINDOWS\WebManagement 2018-05-31 20:11 - 2018-05-31 20:11 - 000000000 ____D C:\Users\MMD\Downloads\dyplom - dzien dziecka - 2018 2018-05-30 22:22 - 2018-05-30 22:22 - 000000000 ____D C:\Users\MMD\Downloads\dyplom - turniej cup - 2018 2018-05-30 22:17 - 2018-05-30 22:19 - 000000000 ____D C:\Users\MMD\AppData\Local\HP 2018-05-30 22:16 - 2018-05-30 22:19 - 000000000 ____D C:\Users\MMD\AppData\Roaming\HP_Easy_Start 2018-05-30 22:16 - 2018-05-30 22:16 - 005990280 _____ C:\Users\MMD\Downloads\HPEasyStart_7_5_3599_24.exe 2018-05-17 00:22 - 2018-06-06 19:31 - 000000000 ____D C:\KMPlayer 2018-05-17 00:16 - 2018-05-17 00:21 - 000000000 ____D C:\Users\MMD\.filmaura 2018-05-14 00:19 - 2018-05-14 00:19 - 001116414 _____ C:\Users\MMD\Desktop\Dominik Rettinger - Klasa.epub 2018-05-13 00:12 - 2018-05-13 00:12 - 000000997 _____ C:\Users\MMD\Desktop\Dadas.lnk 2018-05-13 00:11 - 2018-05-13 00:11 - 000001029 _____ C:\Users\MMD\Desktop\Norton PA.lnk 2018-05-10 14:23 - 2018-05-10 14:23 - 249710296 _____ C:\Users\MMD\Downloads\four-hour-chef_audio-book-64kps-higher-fidelity.zip 2018-05-10 10:28 - 2018-05-10 10:28 - 000010017 _____ C:\Users\MMD\AppData\Local\recently-used.xbel ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-06-06 18:35 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-06-06 18:35 - 2016-11-18 18:42 - 000000000 ____D C:\Users\MMD\AppData\LocalLow\Mozilla 2018-06-06 18:28 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-06-06 18:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-06-06 18:23 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2018-06-06 18:16 - 2017-12-12 15:36 - 000000000 ___RD C:\Users\MMD\3D Objects 2018-06-06 18:16 - 2014-08-31 21:52 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-06-06 18:15 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-06-06 18:15 - 2017-12-12 14:42 - 000000000 ____D C:\Users\MMD\AppData\Local\Packages 2018-06-06 18:15 - 2017-05-17 14:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-06-06 18:15 - 2014-09-01 00:00 - 000000000 __SHD C:\Users\MMD\IntelGraphicsProfiles 2018-06-06 18:05 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-06-06 18:04 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\windows nt 2018-06-06 18:04 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Defender 2018-06-06 18:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration 2018-06-06 18:01 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-06-06 17:57 - 2018-04-12 00:38 - 000000000 __RSD C:\WINDOWS\media 2018-06-06 17:57 - 2016-02-24 16:26 - 000023140 _____ C:\WINDOWS\system32\emptyregdb.dat 2018-06-06 17:53 - 2018-04-12 16:51 - 000855914 _____ C:\WINDOWS\system32\perfh015.dat 2018-06-06 17:53 - 2018-04-12 16:51 - 000187484 _____ C:\WINDOWS\system32\perfc015.dat 2018-06-06 17:53 - 2017-05-17 14:13 - 001992840 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2018-06-06 17:49 - 2014-10-12 15:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-06-06 17:47 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-06-06 17:47 - 2017-09-07 21:50 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2018-06-06 17:47 - 2017-04-18 12:09 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SBProV2 2018-06-06 17:47 - 2017-04-03 14:22 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber 2018-06-06 17:47 - 2017-02-16 22:41 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-06-06 17:47 - 2016-12-12 12:25 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2018-06-06 17:47 - 2015-09-21 10:47 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer 2018-06-06 17:45 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2018-06-06 17:40 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\USOPrivate 2018-06-06 17:40 - 2017-05-17 14:12 - 000005788 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2018-06-06 17:40 - 2017-05-17 14:12 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2018-06-06 17:40 - 2017-05-17 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos 2018-06-06 17:39 - 2017-05-17 14:12 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2018-06-06 17:38 - 2017-05-17 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2018-06-06 17:34 - 2018-04-12 16:53 - 000000000 ____D C:\WINDOWS\system32\nn-NO 2018-06-06 17:34 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2018-06-06 17:34 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\WCN 2018-06-06 17:34 - 2018-04-12 00:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\spool 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InputMethod 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IME 2018-06-06 17:34 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-06-06 17:34 - 2018-03-30 20:13 - 000000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2018-06-06 17:34 - 2017-11-09 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO OpticsPro 11 2018-06-06 17:34 - 2017-09-18 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\QuickTime 2018-06-06 17:34 - 2017-09-18 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7 2018-06-06 17:34 - 2017-09-15 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-06-06 17:34 - 2017-06-26 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstaTrader 2018-06-06 17:34 - 2017-06-07 22:41 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3 2018-06-06 17:34 - 2017-05-17 14:11 - 000000000 ____D C:\Program Files\Intel 2018-06-06 17:34 - 2017-05-12 09:55 - 000000000 ____D C:\Program Files\UNP 2018-06-06 17:34 - 2017-05-09 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-06-06 17:34 - 2017-04-05 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Workrave 2018-06-06 17:34 - 2017-02-16 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2018-06-06 17:34 - 2016-09-24 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2018-06-06 17:34 - 2016-09-24 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2018-06-06 17:34 - 2016-08-02 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture 2018-06-06 17:34 - 2016-04-26 22:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2018-06-06 17:34 - 2016-04-08 08:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2018-06-06 17:34 - 2016-02-14 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2018-06-06 17:34 - 2015-12-17 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2018-06-06 17:34 - 2015-11-11 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NinjaTrader 7 2018-06-06 17:34 - 2015-10-30 20:23 - 000000000 ____D C:\WINDOWS\ShellNew 2018-06-06 17:34 - 2015-10-27 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2018-06-06 17:34 - 2015-10-20 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-pity 2018-06-06 17:34 - 2015-10-06 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MT4 Exchange 2018-06-06 17:34 - 2015-08-31 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble 2018-06-06 17:34 - 2015-07-09 08:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forex21 - Fx Pulse 2018-06-06 17:34 - 2015-02-04 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FxPro - MetaTrader 4 2018-06-06 17:34 - 2014-12-16 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-06-06 17:34 - 2014-09-12 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2018-06-06 17:34 - 2014-09-11 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader 4 Admiral Markets AS 2018-06-06 17:34 - 2014-09-10 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind 2018-06-06 17:34 - 2014-06-17 17:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2018-06-06 17:34 - 2014-04-29 08:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2018-06-06 17:34 - 2014-04-29 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe 2018-06-06 17:34 - 2014-04-29 08:26 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2018-06-06 17:34 - 2014-04-29 08:25 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2018-06-06 17:34 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-06-06 17:34 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2018-06-06 17:34 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2018-06-06 17:33 - 2018-04-12 00:41 - 000000000 ____D C:\WINDOWS\Setup 2018-06-06 17:07 - 2018-04-12 00:38 - 000000000 __RHD C:\Users\Public\Libraries 2018-06-06 17:04 - 2018-04-12 16:53 - 000000000 ____D C:\WINDOWS\OCR 2018-06-06 17:04 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2018-06-06 17:04 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2018-06-06 17:04 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2018-06-06 17:04 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\winrm 2018-06-06 17:04 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\slmgr 2018-06-06 17:04 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\et-EE 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\en-GB 2018-06-06 17:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2018-06-06 17:04 - 2017-05-17 14:12 - 000000000 ____D C:\WINDOWS\system32\SRSLabs 2018-06-06 17:03 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help 2018-06-06 17:03 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\appcompat 2018-06-06 17:03 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-06-06 17:03 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\system 2018-06-06 17:03 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-06-06 17:03 - 2017-05-17 14:12 - 000000000 ____D C:\Program Files\Realtek 2018-06-06 17:03 - 2017-05-17 14:10 - 000000000 ____D C:\Program Files\Synaptics 2018-06-06 17:03 - 2016-02-25 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia 2018-06-06 16:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2018-06-06 16:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MUI 2018-06-06 16:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2018-06-06 16:56 - 2018-04-12 00:35 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2018-06-06 16:56 - 2018-04-12 00:35 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2018-06-06 16:56 - 2018-04-12 00:35 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2018-06-06 16:56 - 2018-04-12 00:35 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2018-06-06 16:56 - 2018-04-12 00:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2018-06-06 16:20 - 2016-02-24 14:59 - 000000000 ____D C:\ESD 2018-06-05 20:18 - 2018-03-02 17:26 - 000000330 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMMD.job 2018-06-05 20:00 - 2015-08-10 09:16 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Skype 2018-06-04 23:56 - 2017-12-14 02:27 - 000002153 _____ C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk 2018-06-03 08:45 - 2016-02-06 14:16 - 000002501 _____ C:\Users\MMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-06-03 08:06 - 2016-09-15 11:09 - 000000000 ____D C:\Program Files (x86)\HP 2018-05-31 21:01 - 2014-09-01 20:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-05-31 11:46 - 2018-03-14 00:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-05-30 18:21 - 2016-12-12 12:25 - 000000000 ____D C:\Users\MMD\AppData\Roaming\Telegram Desktop 2018-05-30 14:18 - 2017-04-18 12:09 - 000000000 ____D C:\Program Files (x86)\SBProV2 2018-05-30 14:17 - 2018-03-30 19:36 - 000001084 _____ C:\Users\Public\Desktop\SBPro.lnk 2018-05-30 08:15 - 2015-02-28 14:16 - 000000000 ____D C:\Users\MMD\AppData\Local\Adobe 2018-05-29 10:09 - 2014-10-23 23:07 - 000000000 ____D C:\Program Files (x86)\Opera 2018-05-24 13:04 - 2017-11-09 19:47 - 000000000 ____D C:\Users\MMD\Documents\DxO OpticsPro 11 logs 2018-05-19 19:09 - 2016-04-26 22:49 - 000000000 ____D C:\Users\MMD\AppData\Local\ElevatedDiagnostics 2018-05-17 12:18 - 2016-10-21 02:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-05-17 12:18 - 2014-09-01 20:28 - 000001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-05-14 22:54 - 2016-02-17 23:07 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-05-10 10:31 - 2015-09-03 11:42 - 000000000 ____D C:\Users\MMD\.gimp-2.8 2018-05-10 10:28 - 2015-09-03 12:46 - 000000000 ____D C:\Users\MMD\AppData\Local\gtk-2.0 2018-05-09 13:05 - 2014-09-02 13:30 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-05-09 13:00 - 2017-10-11 06:44 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-05-09 13:00 - 2014-09-02 13:30 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-09-10 23:42 - 2014-09-10 23:42 - 000000002 _____ () C:\Users\MMD\AppData\Roaming\Stardockfences_debug_info.txt 2017-04-27 22:17 - 2017-09-11 12:06 - 000000272 _____ () C:\Users\MMD\AppData\Local\custom_colors.cfg 2015-08-14 17:36 - 2015-08-14 17:36 - 013545694 _____ () C:\Users\MMD\AppData\Local\package.nw.new 2018-05-10 10:28 - 2018-05-10 10:28 - 000010017 _____ () C:\Users\MMD\AppData\Local\recently-used.xbel 2014-09-24 02:10 - 2015-09-30 20:59 - 000007610 _____ () C:\Users\MMD\AppData\Local\Resmon.ResmonCfg 2015-10-20 08:28 - 2016-02-03 07:16 - 000000002 _____ () C:\Users\MMD\AppData\Local\SendToWorkFiles.txt 2015-12-17 12:56 - 2015-12-17 12:56 - 000000003 _____ () C:\Users\MMD\AppData\Local\updater.log 2015-12-17 12:56 - 2015-12-17 12:56 - 000000424 _____ () C:\Users\MMD\AppData\Local\UserProducts.xml ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-06-06 17:35 ==================== Koniec FRST.txt ============================