Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16.01.2019 01
Uruchomiony przez Mati (administrator) MAATI (18-01-2019 15:53:23)
Uruchomiony z C:\Users\Mati\Downloads
Załadowane profile: Mati (Dostępne profile: Mati & DefaultAppPool)
Platform: Windows 10 Pro Wersja 1803 17134.523 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\ProgramData\MobileBrServ\tray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-11] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2534086357-1650472834-3664258757-1001\...\Run: [GG] => C:\Users\Mati\AppData\Local\GG\Application\gghub.exe [4078144 2015-03-31] (GG Network S.A.)
HKU\S-1-5-21-2534086357-1650472834-3664258757-1001\...\Run: [screenSHU] => D:\screenSHU\screenSHU.exe [2112000 2013-09-04] ()
HKU\S-1-5-21-2534086357-1650472834-3664258757-1001\...\Run: [Facebook Update] => C:\Users\Mati\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-12-06] (Facebook Inc.)
HKU\S-1-5-21-2534086357-1650472834-3664258757-1001\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-2534086357-1650472834-3664258757-1001\...\Run: [Spotify Web Helper] => C:\Users\Mati\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-02] (Spotify Ltd)
HKU\S-1-5-21-2534086357-1650472834-3664258757-1001\...\MountPoints2: {40e2c997-730b-11e8-a000-0c5b8f279a64} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2534086357-1650472834-3664258757-1001\...\MountPoints2: {e05cc3f0-392f-11e8-9ff0-0c5b8f279a64} - "I:\HiSuiteDownLoader.exe"
HKLM\...\Drivers32: [VIDC.CFHD] => C:\WINDOWS\system32\CFHD.dll [1334784 2016-05-11] (CineForm Inc.)
HKLM\...\Drivers32-x32: [VIDC.CFHD] => C:\WINDOWS\SysWOW64\CFHD.dll [1119744 2016-05-11] (CineForm Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk [2017-05-19]
ShortcutTarget: OpenOffice.org 2.4.lnk -> C:\Program Files (x86)\OpenOffice.org 2.4\program\quickstart.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{0584a56f-ba14-488f-b5d4-43e5044b6ec3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{12ce2709-2087-45a0-902a-d92cdf044297}: [DhcpNameServer] 37.8.214.2 31.11.202.254
Tcpip\..\Interfaces\{13491d72-9e33-4524-bf47-fbba68f439eb}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{1bd3f707-6e45-445a-81c6-4a80a64ffc7f}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{235be876-8f2c-4143-ab1c-777af161d143}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{2498f8ee-bf49-4cc5-a4be-e3c4307d8be8}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{29a6bd20-b2aa-40d8-8c99-0ed4c4a58408}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{62b52c17-a77a-487a-bcf3-54e685161bff}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7f83dd4a-7181-48de-a3f6-05b5071e13c1}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{b3fc6bd7-ac92-494c-89df-a430f225655e}: [DhcpNameServer] 37.8.214.2 31.11.202.254
Tcpip\..\Interfaces\{b5c10b82-7ea3-44a5-9f06-0ef6efc99ffb}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{d4dcaaf6-38dd-4b2d-acc4-f075a54dc2d3}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{fe8aa873-7c47-4341-a546-e5e5efc3aa05}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-03] (Oracle Corporation)
BHO-x32: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\Users\Mati\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-11-03] (GG Network S.A.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: 59nkat27.default-1509225104313
FF ProfilePath: C:\Users\Mati\AppData\Roaming\Mozilla\Firefox\Profiles\59nkat27.default-1509225104313 [2019-01-18]
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\Mati\AppData\Roaming\Mozilla\Firefox\Profiles\59nkat27.default-1509225104313\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2018-06-18]
FF Extension: (AdBlock) - C:\Users\Mati\AppData\Roaming\Mozilla\Firefox\Profiles\59nkat27.default-1509225104313\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-12-05]
FF Extension: (Adblock Plus – wersja rozwojowa) - C:\Users\Mati\AppData\Roaming\Mozilla\Firefox\Profiles\59nkat27.default-1509225104313\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2534086357-1650472834-3664258757-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mati\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2534086357-1650472834-3664258757-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mati\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
StartMenuInternet: Firefox-89C7CB5556C69D1E - D:\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default [2019-01-16]
CHR Extension: (Prezentacje) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-04]
CHR Extension: (Dokumenty) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-04]
CHR Extension: (Dysk Google) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]
CHR Extension: (YouTube) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]
CHR Extension: (Arkusze) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-13]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-13]
CHR Extension: (Gmail) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Mati\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-18]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-06-06] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-11] ()
R2 Huawei E3372; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2014-03-07] ()
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [Brak podpisu cyfrowego]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 npggsvc; C:\Windows\system32\GameMon.des [7677008 2017-10-16] (INCA Internet Co., Ltd.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2016-10-27] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] () [Brak podpisu cyfrowego]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-12-18] () [Brak podpisu cyfrowego]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-05-24] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [226560 2017-07-26] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-18] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-18] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-18] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-18] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-18] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2018-04-12] (Realtek Semiconductor Corporation )
R3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
U3 idsvc; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2019-01-18 15:53 - 2019-01-18 15:54 - 000017327 _____ C:\Users\Mati\Downloads\FRST.txt
2019-01-18 15:53 - 2019-01-18 15:53 - 000000000 ____D C:\FRST
2019-01-18 15:52 - 2019-01-18 15:52 - 002427904 _____ (Farbar) C:\Users\Mati\Downloads\FRST64.exe
2019-01-18 15:36 - 2019-01-18 15:36 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-18 15:35 - 2019-01-18 15:35 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-18 15:35 - 2019-01-18 15:35 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-18 15:01 - 2019-01-18 15:01 - 000147776 _____ C:\Users\Mati\Desktop\Extras.Txt
2019-01-18 14:59 - 2019-01-18 14:59 - 000223496 _____ C:\Users\Mati\Desktop\OTL.Txt
2019-01-18 14:38 - 2019-01-18 14:38 - 000602112 _____ (OldTimer Tools) C:\Users\Mati\Downloads\OTL.exe
2019-01-18 14:28 - 2019-01-18 14:28 - 007320272 _____ (Malwarebytes) C:\Users\Mati\Downloads\adwcleaner_7.2.6.0.exe
2019-01-18 14:27 - 2019-01-18 14:27 - 000000000 ____D C:\Users\Mati\AppData\Local\mbam
2019-01-18 14:25 - 2019-01-18 14:25 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-18 14:25 - 2019-01-18 14:25 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-18 14:25 - 2019-01-18 14:25 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-18 14:25 - 2019-01-18 14:25 - 000000000 ____D C:\Users\Mati\AppData\Local\mbamtray
2019-01-18 14:25 - 2019-01-18 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-18 14:25 - 2019-01-18 14:25 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-18 14:25 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-18 14:24 - 2019-01-18 14:24 - 082357464 _____ (Malwarebytes ) C:\Users\Mati\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8830.exe
2019-01-18 14:24 - 2019-01-18 14:24 - 000000000 ____D C:\ProgramData\MB2Migration
2019-01-10 14:48 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-10 14:48 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-10 14:48 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-10 14:48 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-10 14:48 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-10 14:48 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:48 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-10 14:48 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-10 14:48 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-10 14:48 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-10 14:48 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-10 14:48 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-10 14:48 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-10 14:48 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-10 14:48 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-10 14:48 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-10 14:48 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-10 14:48 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-10 14:47 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-10 14:47 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-10 14:47 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-10 14:47 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-10 14:47 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-10 14:47 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-10 14:47 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-10 14:47 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-10 14:47 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-10 14:47 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-10 14:47 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-10 14:47 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-10 14:47 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-10 14:47 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-10 14:47 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-10 14:47 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-10 14:47 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-10 14:47 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-10 14:47 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-10 14:47 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-10 14:47 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-10 14:47 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-10 14:47 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-10 14:47 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-10 14:47 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-10 14:47 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-10 14:47 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-10 14:47 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-10 14:47 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-10 14:47 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-10 14:47 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-10 14:47 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-10 14:47 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-10 14:47 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-10 14:47 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-10 14:47 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-10 14:47 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-10 14:47 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:47 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-10 14:47 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-10 14:47 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-10 14:47 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-10 14:47 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-10 14:47 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-10 14:47 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:47 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-10 14:47 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-10 14:47 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-10 14:47 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-10 14:47 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-10 14:47 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-10 14:47 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-10 14:47 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-10 14:47 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-10 14:47 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-10 14:47 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-10 14:47 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-10 14:47 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-10 14:47 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-10 14:47 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-10 14:47 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-10 14:47 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-10 14:47 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-10 14:47 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-10 14:47 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-10 14:47 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-10 14:47 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-10 14:47 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-10 14:47 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 17:26 - 2019-01-08 17:26 - 006161920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-01-05 18:22 - 2019-01-05 18:22 - 000320144 _____ (Mozilla) C:\Users\Mati\Downloads\Firefox Installer(5).exe
2019-01-05 18:20 - 2019-01-05 18:20 - 000320144 _____ (Mozilla) C:\Users\Mati\Downloads\Firefox Installer(4).exe
2019-01-05 12:03 - 2019-01-05 12:03 - 000320144 _____ (Mozilla) C:\Users\Mati\Downloads\Firefox Installer(3).exe
2018-12-31 18:45 - 2018-12-31 18:45 - 001172536 _____ (Roblox Corporation) C:\Users\Mati\Downloads\RobloxPlayerLauncher.exe
2018-12-20 01:21 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 01:21 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 01:21 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 01:21 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 01:21 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 01:21 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 01:21 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 01:21 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 01:21 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 01:21 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 01:21 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 01:21 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 01:21 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 01:21 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 01:21 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 01:21 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 01:21 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

==================== Jeden miesiąc (zmodyfikowane) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-01-18 15:52 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-18 15:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-18 15:35 - 2016-11-18 12:54 - 000000000 ____D C:\Users\Mati\AppData\LocalLow\Mozilla
2019-01-18 15:34 - 2018-05-24 14:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-18 15:34 - 2018-05-24 13:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-18 15:34 - 2018-01-25 19:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-18 15:34 - 2014-10-04 15:23 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-18 15:34 - 2014-10-04 15:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 15:34 - 2014-08-18 21:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-18 14:49 - 2017-10-28 19:30 - 000000000 ____D C:\Users\Mati\AppData\Roaming\PopupBlocker
2019-01-18 14:30 - 2015-01-16 17:11 - 000000000 ____D C:\AdwCleaner
2019-01-18 14:25 - 2015-01-16 17:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-18 09:29 - 2018-05-24 14:14 - 000004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F57249C-AFC9-45D1-9A1F-90A08943AF1F}
2019-01-18 05:28 - 2014-10-09 15:11 - 000032756 _____ C:\Users\Mati\Desktop\Nowy dokument tekstowy.txt
2019-01-17 18:51 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-01-15 23:29 - 2014-10-06 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2019-01-13 14:22 - 2018-01-26 10:41 - 000001317 _____ C:\Users\Mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-01-13 14:22 - 2018-01-25 19:12 - 000000000 ____D C:\Users\Mati\AppData\Local\Mozilla Firefox 2019-01-11 16:56 - 2018-05-24 13:53 - 000000000 ____D C:\Users\Mati 2019-01-11 14:02 - 2016-10-19 14:59 - 000000000 ___RD C:\Users\Mati\Desktop\Nowy folder (2) 2019-01-10 20:28 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-01-10 20:28 - 2017-07-22 17:39 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2019-01-10 20:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-01-10 20:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-01-10 14:56 - 2014-07-11 10:08 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-01-10 14:54 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-01-10 14:54 - 2014-07-11 10:08 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-01-08 17:26 - 2018-05-24 14:14 - 000004666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-01-08 17:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-01-08 17:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-01-02 20:41 - 2018-09-13 09:59 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-01-02 20:41 - 2018-09-13 09:59 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-12-31 18:41 - 2018-05-27 11:54 - 000001475 _____ C:\Users\Mati\Desktop\Roblox Player.lnk 2018-12-31 18:41 - 2018-05-27 11:53 - 000001290 _____ C:\Users\Mati\Desktop\Roblox Studio.lnk 2018-12-31 18:41 - 2018-05-27 11:53 - 000000254 _____ 
C:\Users\Mati\AppData\LocalLow\rbxcsettings.rbx 2018-12-31 18:41 - 2018-05-27 11:53 - 000000000 ____D C:\Users\Mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2018-12-28 13:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-12-28 00:43 - 2015-01-24 22:14 - 000000000 ____D C:\ProgramData\ipla 2018-12-28 00:42 - 2015-01-24 22:14 - 000000000 ____D C:\Users\Mati\AppData\Roaming\ipla 2018-12-20 12:41 - 2018-05-24 14:14 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2534086357-1650472834-3664258757-1001 2018-12-20 12:41 - 2018-05-24 13:53 - 000002451 _____ C:\Users\Mati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-12-20 12:41 - 2016-07-29 20:06 - 000000000 ___RD C:\Users\Mati\OneDrive 2018-12-20 12:38 - 2018-05-24 13:48 - 002046022 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-12-20 12:38 - 2018-04-12 16:54 - 000886622 _____ C:\WINDOWS\system32\perfh015.dat 2018-12-20 12:38 - 2018-04-12 16:54 - 000197722 _____ C:\WINDOWS\system32\perfc015.dat 2018-12-20 12:38 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2018-12-20 01:03 - 2018-05-24 14:14 - 000003568 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-12-20 01:03 - 2018-05-24 14:14 - 000003444 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-10-28 19:30 - 2017-10-28 19:30 - 000003584 _____ () C:\Users\Mati\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-09-03 00:28 - 2017-09-03 00:28 - 000000000 _____ () C:\Users\Mati\AppData\Local\{3618947F-ACDA-4C5A-B18C-4542CA4C38DD} ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) 
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo UWAGA: ====> ZeroAccess. Użyj DeleteJunctionsIndirectory: C:\WINDOWS\system64 LastRegBack: 2018-05-24 13:44 ==================== Koniec FRST.txt ============================