Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15.04.2019 01
Uruchomiony przez Rox (administrator) T540P (16-04-2019 18:18:12)
Uruchomiony z C:\Users\Rox\Downloads
Załadowane profile: Rox (Dostępne profile: Rox)
Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Users\Rox\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Users\Rox\AppData\Local\Temp\TeamViewer\TeamViewer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Users\Rox\AppData\Local\Temp\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Users\Rox\AppData\Local\Temp\TeamViewer\tv_x64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Users\Rox\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [347216 2017-02-23] (Lenovo -> Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1203488 2016-12-05] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-13] (Google LLC -> Google Inc.)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
GroupPolicy: Ograniczenia ? <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{59077F04-83BC-48A2-92D7-1250A5F175F7}: [NameServer] 194.204.152.34,8.8.8.8
Tcpip\..\Interfaces\{59077F04-83BC-48A2-92D7-1250A5F175F7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E3145421-C4B3-4ECC-93C9-F57AE18992DF}: [DhcpNameServer] 192.168.137.1

Internet Explorer:
==================
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-30] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-30] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://dpjamkmjmigaoobjbekmfgabipmfilij/empty_ntp.html"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default [2019-04-16]
CHR Extension: (Prezentacje) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-21]
CHR Extension: (Dokumenty) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-21]
CHR Extension: (Dysk Google) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-21]
CHR Extension: (YouTube) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-21]
CHR Extension: (uBlock Origin) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-04-03]
CHR Extension: (Empty New Tab Page) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2018-10-21]
CHR Extension: (Arkusze) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-21]
CHR Extension: (Nano Defender) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2019-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-03-24]
CHR Extension: (Backspace to go Back) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlffgllnjjkheddehpolbanogdeaogbc [2018-10-26]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-21]
CHR Extension: (Gmail) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Rox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344184 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-12-05] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [774560 2018-03-28] (Lenovo -> Lenovo.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-06-25] (Intel Corporation -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324552 2018-03-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 TeamViewer; C:\Users\Rox\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH) <==== UWAGA
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848800 2018-06-25] (Intel Corporation -> Intel® Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [529904 2015-08-13] (Intel(R) Intel Network Drivers -> Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [145424 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-10-04] (Intel(R) Software -> Intel Corporation)
R3 MbmUsbSerial; C:\Windows\System32\Drivers\MbmUsbSerial.sys [72704 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Ericsson AB)
R3 MkBusFilter; C:\Windows\System32\drivers\MbmDeviceFilter.sys [26624 2013-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Ericsson AB)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3586072 2018-05-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [43216 2018-03-28] (Lenovo -> Lenovo.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [725264 2016-12-07] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 wmbclass; C:\Windows\System32\drivers\wmbclass.sys [267264 2017-12-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-04-16 18:18 - 2019-04-16 18:19 - 000015080 _____ C:\Users\Rox\Downloads\FRST.txt
2019-04-16 18:17 - 2019-04-16 18:18 - 000000000 ____D C:\FRST
2019-04-16 18:16 - 2019-04-16 18:17 - 002434048 _____ (Farbar) C:\Users\Rox\Downloads\FRST64.exe
2019-04-16 16:07 - 2019-04-16 16:07 - 000000000 ____D C:\Users\Rox\AppData\Local\mbamtray
2019-04-16 16:07 - 2019-04-16 16:07 - 000000000 ____D C:\Users\Rox\AppData\Local\mbam
2019-04-16 16:02 - 2019-04-16 16:03 - 062787888 _____ (Malwarebytes ) C:\Users\Rox\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10170.exe
2019-04-16 16:00 - 2019-04-16 16:00 - 007025360 _____ (Malwarebytes) C:\Users\Rox\Downloads\adwcleaner_7.3 (1).exe
2019-04-16 15:42 - 2019-04-02 03:16 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-16 15:42 - 2019-03-30 22:57 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-16 15:42 - 2019-03-26 18:11 - 007079936 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2019-04-16 15:42 - 2019-03-26 17:57 - 005276160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2019-04-16 15:42 - 2019-03-26 17:40 - 007798272 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-04-16 15:42 - 2019-03-26 17:35 - 005270528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-04-16 15:42 - 2019-03-26 10:16 - 001311976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-16 15:42 - 2019-03-26 08:14 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-16 15:42 - 2019-03-26 08:00 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-16 15:42 - 2019-03-26 07:52 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-16 15:42 - 2019-03-26 07:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-16 15:42 - 2019-03-26 07:40 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-16 15:42 - 2019-03-26 07:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-16 15:42 - 2019-03-26 07:08 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-16 15:42 - 2019-03-26 07:06 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-16 15:42 - 2019-03-26 07:05 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-16 15:42 - 2019-03-26 07:00 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-16 15:42 - 2019-03-26 06:56 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-16 15:42 - 2019-03-26 06:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-16 15:42 - 2019-03-26 06:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-16 15:42 - 2019-03-26 06:48 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-16 15:42 - 2019-03-26 06:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-16 15:42 - 2019-03-26 06:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-04-16 15:42 - 2019-03-26 06:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-04-16 15:42 - 2019-03-26 06:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-04-16 15:42 - 2019-03-21 03:29 - 002452432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-04-16 15:42 - 2019-03-16 06:03 - 002535664 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-16 15:42 - 2019-03-16 05:46 - 000805176 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-16 15:42 - 2019-03-16 05:36 - 001902752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-16 15:42 - 2019-03-16 05:29 - 000611656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-16 15:42 - 2019-03-16 04:51 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-04-16 15:42 - 2019-03-16 04:49 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-04-16 15:42 - 2019-03-16 04:48 - 003324416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-16 15:42 - 2019-03-16 04:47 - 003617280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-16 15:42 - 2019-03-16 04:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-16 15:42 - 2019-03-16 04:39 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-16 15:42 - 2019-03-14 07:57 - 007368952 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-16 15:42 - 2019-03-14 07:56 - 001677024 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-16 15:42 - 2019-03-14 07:56 - 001537560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-04-16 15:42 - 2019-03-13 21:13 - 001369096 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-16 15:42 - 2019-03-09 18:51 - 001115136 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-16 15:42 - 2019-03-09 18:43 - 003822080 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-16 15:42 - 2019-03-09 18:35 - 001085952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-04-16 15:42 - 2019-03-09 18:31 - 003274752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-16 15:42 - 2019-03-09 18:28 - 002348544 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-16 15:42 - 2019-03-09 18:19 - 001550848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-16 15:42 - 2019-03-09 18:01 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-16 15:42 - 2019-03-09 16:20 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-16 15:42 - 2019-03-09 16:20 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-16 15:42 - 2019-03-09 16:20 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-16 15:42 - 2019-03-09 16:20 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-16 15:42 - 2019-03-09 16:20 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-16 15:42 - 2019-02-24 16:43 - 001308456 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-16 15:42 - 2019-02-21 19:34 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-16 15:42 - 2019-02-12 05:48 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2019-04-16 15:42 - 2019-02-09 20:55 - 022373096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-16 15:42 - 2019-02-09 20:23 - 019790664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-04-16 15:41 - 2019-03-26 07:40 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-16 15:41 - 2019-03-26 07:22 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-16 15:41 - 2019-03-26 07:15 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-04-16 15:41 - 2019-03-26 07:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-16 15:41 - 2019-03-26 07:09 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-16 15:41 - 2019-03-26 06:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-16 15:41 - 2019-03-26 06:36 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-16 15:41 - 2019-03-26 06:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-16 15:41 - 2019-03-26 06:26 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-04-16 15:41 - 2019-03-26 06:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-04-16 15:41 - 2019-03-26 06:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-04-16 15:41 - 2019-03-26 06:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-04-16 15:41 - 2019-03-26 06:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-16 15:41 - 2019-03-09 19:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-16 15:41 - 2019-03-09 18:47 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-16 15:41 - 2019-02-21 19:36 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-16 15:41 - 2019-02-21 19:35 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-16 15:41 - 2019-02-21 19:34 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-16 15:41 - 2019-02-21 18:31 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-04-13 20:30 - 2019-04-13 20:31 - 000000000 ____D C:\AdwCleaner
2019-04-13 20:30 - 2019-04-13 20:30 - 007025360 _____ (Malwarebytes) C:\Users\Rox\Downloads\adwcleaner_7.3.exe
2019-04-07 12:58 - 2019-04-02 10:59 - 000018432 _____ C:\Windows\system32\SppExtComObjHook.dll
2019-04-07 12:55 - 2019-04-07 12:55 - 000088058 _____ C:\Users\Rox\Downloads\KMS_VL_ALL-master.zip
2019-04-05 10:15 - 2019-04-05 10:15 - 001669922 _____ C:\Users\Rox\Desktop\Obraz.jpg.jpeg
2019-04-05 10:13 - 2019-04-05 10:13 - 000000000 ___RD C:\Users\Rox\Documents\Scanned Documents
2019-04-05 10:13 - 2019-04-05 10:13 - 000000000 ____D C:\Users\Rox\Documents\Fax
2019-04-02 14:55 - 2019-04-02 14:55 - 000045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2019-03-31 21:40 - 2019-03-31 21:40 - 003248140 _____ C:\Users\Rox\Desktop\Kobiety_z_bloku_10.pdf
2019-03-31 21:38 - 2019-03-31 21:38 - 007705625 _____ C:\Users\Rox\Desktop\Finansowy ninja - Michał Szafrański.pdf
2019-03-31 21:37 - 2019-03-31 21:38 - 000007855 _____ C:\Users\Rox\Downloads\abc kosmetyki naturalnej magdalena przybylak.pdf
2019-03-31 20:25 - 2014-04-30 15:14 - 000000000 ____D C:\Users\Rox\Desktop\matemaks
2019-03-31 20:00 - 2019-03-31 20:01 - 106989577 _____ C:\Users\Rox\Desktop\matemaks.zip
2019-03-30 22:27 - 2019-03-30 22:28 - 034637478 _____ C:\Users\Rox\Downloads\Bestiariusz Słowianski.rar
2019-03-30 22:22 - 2019-03-30 22:22 - 002048798 _____ C:\Users\Rox\Downloads\Slow_Fashion.pdf
2019-03-30 22:22 - 2019-03-30 22:22 - 002048798 _____ C:\Users\Rox\Desktop\Slow_Fashion.pdf
2019-03-30 22:21 - 2019-03-30 22:21 - 001847944 _____ C:\Users\Rox\Desktop\Slow Life. Zwolnij i zacznij zy - Joanna Glogaza.pdf
2019-03-30 22:20 - 2019-03-30 22:21 - 001847944 _____ C:\Users\Rox\Downloads\Slow Life. Zwolnij i zacznij zy - Joanna Glogaza.pdf
2019-03-30 22:20 - 2017-04-10 17:51 - 000688557 _____ C:\Users\Rox\Desktop\Minimalizm dla zaawansowanych - Anna Mularczyk-Meyer.pdf
2019-03-30 22:19 - 2019-03-30 22:19 - 001328565 _____ C:\Users\Rox\Downloads\Minimalizm dla zaawansowanych.zip
2019-03-30 22:19 - 2019-03-30 22:19 - 001328565 _____ C:\Users\Rox\Desktop\Minimalizm dla zaawansowanych.zip
2019-03-30 21:27 - 2019-03-30 21:27 - 000057740 _____ C:\Users\Rox\Downloads\Sapała Marta - Mniej. Intymny portret zakupowy Polaków.pdf
2019-03-30 21:23 - 2015-10-15 19:11 - 000764107 _____ C:\Users\Rox\Desktop\Magia sprzatania - Marie Kondo.pdf
2019-03-30 21:22 - 2019-03-30 21:22 - 000000000 ____D C:\Users\Rox\Desktop\Magia sprzatania - Marie Kondo
2019-03-30 21:21 - 2019-03-30 21:21 - 003897319 _____ C:\Users\Rox\Downloads\Magia sprzatania - Marie Kondo.rar
2019-03-19 19:50 - 2019-03-19 19:50 - 004656026 _____ C:\Users\Rox\Downloads\Masuria.pdf

==================== Jeden miesiąc (zmodyfikowane) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-04-16 18:14 - 2018-10-21 21:44 - 000000000 __SHD C:\Users\Rox\IntelGraphicsProfiles
2019-04-16 18:14 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-16 18:13 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-04-16 18:10 - 2013-08-22 16:44 - 000411400 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-16 18:10 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-04-16 18:09 - 2018-10-26 19:04 - 000000000 ____D C:\Windows\system32\MRT
2019-04-16 18:09 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2019-04-16 17:52 - 2018-10-26 19:03 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-16 17:43 - 2018-10-21 21:05 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2082278982-3105163005-1747690810-1001
2019-04-16 17:35 - 2018-10-21 21:30 - 000003274 _____ C:\Windows\System32\Tasks\DolbySelectorTask
2019-04-16 17:28 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-04-16 15:19 - 2019-02-14 17:37 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-16 09:09 - 2018-10-21 23:27 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-13 21:18 - 2018-10-21 23:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-13 20:18 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\LiveKernelReports
2019-04-13 19:41 - 2018-10-21 21:15 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-13 19:41 - 2018-10-21 21:15 - 000002209 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-07 13:07 - 2014-11-21 01:03 - 001825074 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-07 13:07 - 2014-11-21 00:04 - 000807160 _____ C:\Windows\system32\perfh015.dat
2019-04-07 13:07 - 2014-11-21 00:04 - 000163478 _____ C:\Windows\system32\perfc015.dat
2019-04-07 13:02 - 2018-12-01 22:09 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2019-04-07 13:02 - 2018-12-01 22:09 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2019-04-05 10:15 - 2018-10-21 22:28 - 000001760 _____ C:\Users\Rox\Desktop\MPC-HC x64.lnk
2019-04-05 10:04 - 2018-10-21 21:00 - 000000000 ____D C:\Users\Rox\AppData\Local\Packages
2019-03-31 13:01 - 2019-02-17 17:25 - 000000000 ____D C:\Users\Rox\Desktop\anglijskij jazyk
2019-03-30 18:10 - 2018-10-21 21:15 - 000003480 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-30 18:10 - 2018-10-21 21:15 - 000003352 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-29 22:07 - 2014-11-21 09:06 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-29 22:07 - 2014-11-21 09:06 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-19 19:41 - 2019-03-16 23:00 - 020158415 _____ C:\Users\Rox\Desktop\presentation.pptx

==================== Pliki w katalogu głównym wybranych folderów =======

2018-10-21 23:19 - 2018-10-21 23:19 - 000007599 _____ () C:\Users\Rox\AppData\Local\Resmon.ResmonCfg

Niektóre pliki w TEMP:
====================
2018-10-21 23:16 - 2012-11-10 20:29 - 000178760 ____R (Microsoft Corporation) C:\Users\Rox\AppData\Local\Temp\ose00000.exe

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\dllhost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dllhost.exe => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2019-03-31 17:46

==================== Koniec FRST.txt ============================