wklejto.pl

Added by: ~Anonim (2019-04-15 06:33) -> text
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Miki (administrator) on DESKTOP-LL8TNPO (15-04-2019 06:19:53)
Running from C:\Users\Miki\Downloads
Loaded Profiles: Miki (Available Profiles: Miki)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
() [File not signed] C:\Users\Miki\Documents\TransactionServices Inc\transactionservices.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() [File not signed] C:\Users\Miki\Documents\TransactionServices Inc\transactionservices.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Adobe Inc. -> Adobe) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\OLicenseHeartbeat.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Miki\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-02-13] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16464600 2000-01-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2019-04-05] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Multitimer] => C:\Program Files (x86)\Multitimer\Multitimer.exe [281600 2017-12-12] () [File not signed] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [Discord] => C:\Users\Miki\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [transactionservicesmain] => C:\Users\Miki\Documents\TransactionServices Inc\transactionservices.exe.lnk [1962 2019-04-14] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\c4719f13b2\ceudwuuj.lnk [2019-04-14]
ShortcutTarget: ceudwuuj.lnk -> C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\c4719f13b2\ddjcgvvt.lnk [2019-04-14]
ShortcutTarget: ddjcgvvt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{df450caf-797e-47f1-9d5c-e0a5efd306af}: [NameServer] 82.163.143.146,82.163.142.148
Tcpip\..\Interfaces\{df450caf-797e-47f1-9d5c-e0a5efd306af}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ00r3BrunW_QwvOn21j5upz514xmHPGMmTHRFR4JVoFKIVzrWiyGkAJHhDCEQZMnjZRCLtMu4piMVzu7XpbDlKablmFkXruUmEMFbnaecBXHNvOVtfSHZNscUUtU_8W3QjadBFVR2mY-2wJ8WZaL9WkVkpGn38&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ00r3BrunW_QwvOn21j5upz514xmHPGMmTHRFR4JVoFKIVzrWiyGkAJHhDCEQZMnjZRCLtMu4piMVzu7XpbDlKablmFkXruUmEMFbnaecBXHNvOVtfSHZNscUUtU_8W3QjadBFVR2mY-2wJ8WZaL9WkVkpGn38&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3623133826-1210183299-932913162-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ00r3BrunW_QwvOn21j5upz514xmHPGMmTHRFR4JVoFKIVzrWiyGkAJHhDCEQZMnjZRCLtMu4piMVzu7XpbDlKablmFkXruUmEMFbnaecBXHNvOVtfSHZNscUUtU_8W3QjadBFVR2mY-2wJ8WZaL9WkVkpGn38&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 87m4950n.default
FF ProfilePath: C:\Users\Miki\AppData\Roaming\Mozilla\Firefox\Profiles\87m4950n.default [2019-04-14]
FF Homepage: Mozilla\Firefox\Profiles\87m4950n.default -> file:///C:/ProgramData/Quoteexs/ff.HP
FF NewTab: Mozilla\Firefox\Profiles\87m4950n.default -> file:///C:/ProgramData/Quoteexs/ff.NT
FF SearchPlugin: C:\Users\Miki\AppData\Roaming\Mozilla\Firefox\Profiles\87m4950n.default\searchplugins\findit.xml [2019-04-14]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3623133826-1210183299-932913162-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Miki\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-04-28] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ00r3BrunW_QwvOn21j5upz514xmHPGMmTHRFR4JVoFKIVzrWiyGkAJHhDCEQZMnjZX2hfjPqtMKWPjoRMVmQhou0notCvwpf0BIz7UsISGkuTvlfyofVutVndwjxUDt0t4-g8nAbsW8MSYktzDlujl2OuEP8r
CHR DefaultSearchURL: Default -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccZ00r3BrunW_QwvOn21j5upz514xmHPGMmTHRFR4JVoFKIVzrWiyGkAJHhDCEQZMnjZU_wLPc8CIR0X0muhUrwLKxHFAAppQcNAxBsaOHQBKsyqWyMlbHPtCe2tnPqqAppeuxnw1O9omDw-7NtPTFDcF1oGLGr6&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR Profile: C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default [2019-04-15]
CHR Extension: (Prezentacje) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-14]
CHR Extension: (Dokumenty) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Dysk Google) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-14]
CHR Extension: (YouTube) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-14]
CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-04]
CHR Extension: (Tampermonkey) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-02-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-02]
CHR Extension: (Arkusze) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-15]
CHR Extension: (AdBlock) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-13]
CHR Extension: (Bazz Search) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\inafjghmmkmiobijhbgkfekenbfbklhb [2019-04-14]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (No Name) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofohpmdcbdgcchmhmmcfdmbegompidlm [2019-04-14]
CHR Extension: (Gmail) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-14]
CHR Extension: (Chrome Media Router) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR Profile: C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-04-14]
CHR Extension: (chrome_filter) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\kljiogdfigecnffccfpmbeefjdfnhnge [2019-04-14]
CHR Extension: (No Name) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\ofohpmdcbdgcchmhmmcfdmbegompidlm [2019-04-14]
CHR Profile: C:\Users\Miki\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-14]
CHR Extension: (chrome_filter) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\kljiogdfigecnffccfpmbeefjdfnhnge [2019-04-14]
CHR Extension: (No Name) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ofohpmdcbdgcchmhmmcfdmbegompidlmhUTPzkVsbj [2019-04-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Miki\AppData\Roaming\Opera Software\Opera Stable\Extensions\beablbkeolnmmgfdbpccjbnheidinhbk [2019-04-14]
OPR Extension: (chrome_filter) - C:\Users\Miki\AppData\Roaming\Opera Software\Opera Stable\Extensions\kljiogdfigecnffccfpmbeefjdfnhnge [2019-04-14]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-03-21] (Even Balance, Inc. -> )
S2 rcdll; C:\Users\Miki\AppData\Local\Temp\rcdll.exe [60928 2019-04-14] (Microsoft Corporation) [File not signed] <==== ATTENTION
S2 symsrv; C:\Program Files\windows nt\symsrv.exe [145168 2019-04-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 localNETService; C:\ProgramData\localNETService\localNETService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe shuz -f "C:\ProgramData\\Quoteex\\Quoteex.dat" -l -a <==== ATTENTION
S2 Smart Monitoring; "C:\Program Files (x86)\SmartData\bbaassd.exe" /srv [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-03-03] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-04-05] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-04-05] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-04] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-15 06:19 - 2019-04-15 06:21 - 000021154 _____ C:\Users\Miki\Downloads\FRST.txt
2019-04-15 06:19 - 2019-04-15 06:19 - 002434048 _____ (Farbar) C:\Users\Miki\Downloads\FRST64.exe
2019-04-15 06:19 - 2019-04-15 06:19 - 000000000 ____D C:\FRST
2019-04-14 22:31 - 2019-04-14 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-04-14 22:31 - 2019-04-14 22:31 - 000000000 ____D C:\ProgramData\ESET
2019-04-14 22:31 - 2019-04-14 22:31 - 000000000 ____D C:\Program Files\ESET
2019-04-14 22:27 - 2019-04-14 22:27 - 348112170 _____ C:\Users\Miki\Downloads\ESET Security Pack 12.1.34.0  ( x32_x64 )( Multi_PL ) + License.rar
2019-04-14 22:27 - 2019-04-14 22:27 - 000000000 ____D C:\Users\Miki\Downloads\ESET Security Pack 12.1.34.0  ( x32_x64 )( Multi_PL ) + License
2019-04-14 22:24 - 2019-04-14 22:29 - 000000000 ____D C:\ProgramData\localNETService
2019-04-14 22:23 - 2019-04-14 22:23 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Miki\Downloads\esetonlinescanner_enu.exe
2019-04-14 22:23 - 2019-04-14 22:23 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Miki\Downloads\esetonlinescanner_enu (1).exe
2019-04-14 22:19 - 2019-04-15 06:10 - 000000000 ____D C:\Users\Miki\AppData\Roaming\gnn1tez3tyg
2019-04-14 22:19 - 2019-04-14 22:48 - 000000000 ____D C:\Program Files\KK5QO0S3A8
2019-04-14 22:19 - 2019-04-14 22:19 - 000000258 __RSH C:\Users\Miki\ntuser.pol
2019-04-14 22:12 - 2019-04-14 23:01 - 000000000 ____D C:\Program Files (x86)\OneSystemCare
2019-04-14 22:12 - 2019-04-14 22:53 - 000000000 ____D C:\Program Files (x86)\BDaKbhYEU
2019-04-14 22:12 - 2019-04-14 22:28 - 000000000 ____D C:\Users\Miki\AppData\Roaming\One System Care
2019-04-14 22:12 - 2019-04-14 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2019-04-14 22:12 - 2019-04-14 22:12 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-04-14 22:12 - 2019-04-14 22:12 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-04-14 22:12 - 2019-04-14 22:12 - 000002638 _____ C:\WINDOWS\System32\Tasks\AnVDoMYPdlSYoXw
2019-04-14 22:12 - 2019-04-14 22:12 - 000000000 ____D C:\ProgramData\TDX4OEPW3IFW3TO0TJK2
2019-04-14 22:12 - 2019-04-14 22:12 - 000000000 ____D C:\ProgramData\{E998D8DB-85AE-5872-D698-F1D4D67FA885}
2019-04-14 22:12 - 2019-04-14 22:12 - 000000000 ____D C:\ProgramData\{287A7B2D-2658-9990-203B-131520DC4A44}
2019-04-14 22:11 - 2019-04-15 06:10 - 000000000 ____D C:\Users\Miki\AppData\Roaming\nknqvhlyzaw
2019-04-14 22:11 - 2019-04-14 22:53 - 000000000 ____D C:\Program Files (x86)\mhShVMQuuTUn
2019-04-14 22:11 - 2019-04-14 22:53 - 000000000 ____D C:\Program Files (x86)\aliyBIkXlIE
2019-04-14 22:11 - 2019-04-14 22:48 - 000000000 ____D C:\Program Files\ZJK2OJY4CF
2019-04-14 22:11 - 2019-04-14 22:48 - 000000000 ____D C:\Program Files\Homeville
2019-04-14 22:10 - 2019-04-14 22:53 - 000000000 ____D C:\WINDOWS\SysWOW64\fsgljvpt
2019-04-14 22:10 - 2019-04-14 22:53 - 000000000 ____D C:\ProgramData\c4719f13b2
2019-04-14 22:10 - 2019-04-14 22:48 - 000000000 ____D C:\Program Files (x86)\Espace
2019-04-14 22:10 - 2019-04-14 22:20 - 000000000 _____ C:\ProgramData\0
2019-04-14 22:10 - 2019-04-14 22:10 - 000000000 ____D C:\Program Files (x86)\Multitimer
2019-04-14 22:09 - 2019-04-14 23:03 - 000000000 __RHD C:\ProgramData\3FD5E53A
2019-04-14 22:09 - 2019-04-14 22:53 - 000000000 ____D C:\ProgramData\Garbage Cleaner
2019-04-14 22:09 - 2019-04-14 22:18 - 000000414 _____ C:\WINDOWS\Tasks\Updater_Online_Application.job
2019-04-14 22:09 - 2019-04-14 22:18 - 000000382 _____ C:\WINDOWS\Tasks\Online Application V2G6.job
2019-04-14 22:09 - 2019-04-14 22:18 - 000000382 _____ C:\WINDOWS\Tasks\Online Application V2G5.job
2019-04-14 22:09 - 2019-04-14 22:18 - 000000382 _____ C:\WINDOWS\Tasks\Online Application V2G4.job
2019-04-14 22:09 - 2019-04-14 22:18 - 000000382 _____ C:\WINDOWS\Tasks\Online Application V2G3.job
2019-04-14 22:09 - 2019-04-14 22:18 - 000000382 _____ C:\WINDOWS\Tasks\Online Application V2G2.job
2019-04-14 22:09 - 2019-04-14 22:18 - 000000382 _____ C:\WINDOWS\Tasks\Online Application V2G1.job
2019-04-14 22:09 - 2019-04-14 22:11 - 000000000 ____D C:\ProgramData\0eVgaZWLTNRJzN
2019-04-14 22:09 - 2019-04-14 22:09 - 000278528 _____ C:\Users\Miki\AppData\Local\cleartool.exe
2019-04-14 22:09 - 2019-04-14 22:09 - 000003308 _____ C:\WINDOWS\System32\Tasks\Updater_Online_Application
2019-04-14 22:09 - 2019-04-14 22:09 - 000003272 _____ C:\WINDOWS\System32\Tasks\Online Application V2G6
2019-04-14 22:09 - 2019-04-14 22:09 - 000003272 _____ C:\WINDOWS\System32\Tasks\Online Application V2G5
2019-04-14 22:09 - 2019-04-14 22:09 - 000003272 _____ C:\WINDOWS\System32\Tasks\Online Application V2G4
2019-04-14 22:09 - 2019-04-14 22:09 - 000003272 _____ C:\WINDOWS\System32\Tasks\Online Application V2G3
2019-04-14 22:09 - 2019-04-14 22:09 - 000003272 _____ C:\WINDOWS\System32\Tasks\Online Application V2G2
2019-04-14 22:09 - 2019-04-14 22:09 - 000003272 _____ C:\WINDOWS\System32\Tasks\Online Application V2G1
2019-04-14 22:09 - 2019-04-14 22:09 - 000002880 __RSH C:\ProgramData\ntuser.pol
2019-04-14 22:09 - 2019-04-14 22:09 - 000000000 ____D C:\ProgramData\Lamia
2019-04-14 22:09 - 2019-04-14 22:09 - 000000000 ____D C:\Program Files (x86)\Microleaves
2019-04-14 22:08 - 2019-04-14 22:53 - 000000000 ____D C:\Users\Miki\Documents\TransactionServices Inc
2019-04-14 22:08 - 2019-04-14 22:48 - 000000000 ____D C:\Users\Miki\AppData\Local\App
2019-04-14 22:08 - 2019-04-14 22:08 - 000015606 _____ C:\WINDOWS\SysWOW64\findit.xml
2019-04-14 22:08 - 2019-04-14 22:08 - 000001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lightcleaner.lnk
2019-04-14 22:08 - 2019-04-14 22:08 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Microleaves
2019-04-14 22:08 - 2019-04-14 22:08 - 000000000 ____D C:\Users\Miki\AppData\Local\AdvinstAnalytics
2019-04-14 22:08 - 2019-04-14 22:08 - 000000000 ____D C:\Program Files (x86)\TigerTrade
2019-04-14 22:08 - 2019-04-14 22:08 - 000000000 ____D C:\Program Files (x86)\lightcleaner
2019-04-14 22:07 - 2019-04-14 23:56 - 000000000 ____D C:\ProgramData\Quoteex
2019-04-14 22:07 - 2019-04-14 22:54 - 000000000 ____D C:\ProgramData\Logic Cramble
2019-04-14 22:07 - 2019-04-14 22:48 - 000000000 ____D C:\Program Files (x86)\SmartData
2019-04-14 22:07 - 2019-04-14 22:18 - 000000406 _____ C:\WINDOWS\Tasks\{J239HE2K-DJYX-GT3W-4YN2-ABH2SDXTVBVY}.job
2019-04-14 22:07 - 2019-04-14 22:08 - 000000000 ____D C:\ProgramData\Quoteexs
2019-04-14 22:07 - 2019-04-14 22:07 - 007906816 _____ C:\Users\Miki\AppData\Local\agent.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 002037504 _____ C:\Users\Miki\AppData\Local\Viafan.tst
2019-04-14 22:07 - 2019-04-14 22:07 - 000722944 _____ C:\Users\Miki\AppData\Local\sha.db
2019-04-14 22:07 - 2019-04-14 22:07 - 000140800 _____ C:\Users\Miki\AppData\Local\installer.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000126464 _____ C:\Users\Miki\AppData\Local\noah.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000070992 _____ C:\Users\Miki\AppData\Local\Config.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000018432 _____ C:\Users\Miki\AppData\Local\Main.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000016416 _____ C:\Users\Miki\AppData\Local\InstallationConfiguration.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000005568 _____ C:\Users\Miki\AppData\Local\md.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000003482 _____ C:\WINDOWS\System32\Tasks\{J239HE2K-DJYX-GT3W-4YN2-ABH2SDXTVBVY}
2019-04-14 22:07 - 2019-04-14 22:07 - 000000000 ____D C:\ProgramData\fb
2019-04-14 22:06 - 2019-04-14 22:06 - 000000000 ____D C:\Users\Miki\AppData\LocalLow\uTorrent
2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Miki\AppData\Local\Activision
2019-04-05 11:37 - 2019-04-14 22:38 - 000015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-04-05 11:37 - 2019-04-05 11:37 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-04-05 11:37 - 2019-04-05 11:37 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-04-05 11:37 - 2019-04-05 11:37 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-04-02 05:51 - 2019-04-02 05:51 - 000063265 _____ C:\Users\Miki\Downloads\TR_DETAILS_20190402055112.pdf
2019-04-01 10:35 - 2019-04-01 10:35 - 000063369 _____ C:\Users\Miki\Downloads\TR_DETAILS_20190401103558.pdf
2019-03-31 16:10 - 2019-03-31 16:11 - 000000000 ____D C:\Users\Miki\Downloads\Natalkowe
2019-03-27 16:42 - 2019-03-29 16:42 - 000004000 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1527442111
2019-03-22 07:16 - 2019-03-22 07:16 - 000001449 _____ C:\Users\Miki\Desktop\farcry3 - Shortcut.lnk
2019-03-21 21:49 - 2019-03-30 22:00 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2019-03-21 21:49 - 2019-03-21 21:49 - 000000000 ____D C:\Users\Miki\AppData\Local\PunkBuster
2019-03-21 21:47 - 2019-03-30 22:00 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2019-03-21 21:47 - 2019-03-30 09:13 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2019-03-21 21:47 - 2019-03-21 21:47 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2019-03-21 21:47 - 2019-03-21 21:47 - 000001274 _____ C:\Users\Miki\Desktop\Uplay.lnk
2019-03-21 21:47 - 2019-03-21 21:47 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-03-21 21:47 - 2019-03-21 21:47 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2019-03-21 20:02 - 2019-03-21 20:02 - 000001491 _____ C:\Users\Miki\Desktop\Play Call of Duty 5 .lnk
2019-03-21 19:25 - 2019-03-21 19:25 - 000000000 ____D C:\Users\Miki\AppData\Local\OneDrive
2019-03-21 19:07 - 2019-03-21 19:07 - 000000000 __SHD C:\ProgramData\DSS
2019-03-21 18:56 - 2019-03-21 18:56 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Lionhead Studios
2019-03-21 18:55 - 2019-03-21 18:55 - 000000000 ____D C:\Users\Miki\Documents\Games for Windows - LIVE Demos
2019-03-21 18:54 - 2019-03-21 18:54 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2019-03-21 18:54 - 2019-03-21 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2019-03-21 18:54 - 2019-03-21 18:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-15 06:20 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-15 06:17 - 2018-05-19 20:25 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-15 06:17 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-15 06:10 - 2019-02-23 21:32 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-15 06:10 - 2018-05-19 20:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-15 00:14 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-14 22:57 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2019-04-14 22:44 - 2018-05-19 20:12 - 000000000 ____D C:\Users\Miki
2019-04-14 22:44 - 2017-09-09 16:16 - 000000000 ____D C:\Users\Miki\AppData\Local\CrashDumps
2019-04-14 22:38 - 2019-02-21 22:46 - 000000000 ____D C:\Users\Miki\AppData\Local\ESET
2019-04-14 22:31 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-14 22:18 - 2018-05-19 20:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-14 22:12 - 2017-09-14 20:19 - 000000000 ____D C:\Users\Miki\AppData\Roaming\uTorrent
2019-04-14 22:09 - 2017-09-09 14:46 - 000000000 ____D C:\Users\Miki\AppData\Local\Battle.net
2019-04-14 22:09 - 2015-10-30 09:24 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2019-04-14 22:08 - 2017-09-18 11:11 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2019-04-14 22:08 - 2017-08-05 22:04 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-14 22:08 - 2017-08-05 22:04 - 000002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-14 08:32 - 2018-10-12 11:32 - 000000000 ____D C:\Users\Miki\Desktop\DCIM
2019-04-13 07:38 - 2018-12-03 16:05 - 000000000 ____D C:\Users\Miki\Desktop\Modzelewksi
2019-04-12 06:39 - 2018-05-19 20:32 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3623133826-1210183299-932913162-1001
2019-04-12 06:39 - 2018-05-19 20:12 - 000002360 _____ C:\Users\Miki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-12 06:39 - 2017-08-05 22:02 - 000000000 ___RD C:\Users\Miki\OneDrive
2019-04-11 17:23 - 2017-09-15 13:03 - 000000000 ____D C:\Users\Miki\AppData\Roaming\vlc
2019-04-10 08:46 - 2018-06-25 09:09 - 000004598 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-10 08:46 - 2018-06-25 09:09 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-10 08:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-10 08:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-10 06:55 - 2017-09-11 13:26 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-06 07:33 - 2018-12-15 16:10 - 000000000 ____D C:\Users\Miki\Desktop\NEW podpieczni
2019-04-04 07:31 - 2017-12-16 01:35 - 000000000 ____D C:\Users\Miki\AppData\Local\Packages
2019-04-02 18:30 - 2019-02-25 19:22 - 000001336 _____ C:\Users\Miki\Desktop\Ankieta.txt
2019-04-02 06:59 - 2017-10-22 18:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-03-30 16:53 - 2017-09-09 14:50 - 000000000 ____D C:\Users\Miki\AppData\Local\Blizzard Entertainment
2019-03-29 16:42 - 2018-05-27 19:28 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2019-03-29 16:42 - 2018-05-27 19:28 - 000000000 ____D C:\Program Files\Opera
2019-03-25 14:39 - 2017-09-17 23:37 - 000000000 ____D C:\Users\Miki\Desktop\ANTY-BURDEL
2019-03-24 17:56 - 2018-07-14 08:32 - 000000000 ____D C:\Users\Miki\AppData\Roaming\XnView
2019-03-23 22:18 - 2019-03-09 19:30 - 000000234 _____ C:\Users\Miki\Desktop\Pyszne.pl kody.txt
2019-03-23 14:50 - 2019-02-14 08:45 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-03-21 21:49 - 2019-02-24 22:21 - 000000000 ____D C:\ProgramData\Orbit
2019-03-21 21:49 - 2018-06-14 14:01 - 000000000 ____D C:\Users\Miki\AppData\Local\D3DSCache
2019-03-21 21:49 - 2017-09-14 20:29 - 000000000 ____D C:\Users\Miki\Documents\My Games
2019-03-21 21:24 - 2017-09-10 22:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
 
==================== Files in the root of some directories =======
 
2019-04-14 22:12 - 2019-04-14 22:12 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-04-14 22:12 - 2019-04-14 22:12 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-04-14 22:07 - 2019-04-14 22:07 - 007906816 _____ () C:\Users\Miki\AppData\Local\agent.dat
2019-04-14 22:09 - 2019-04-14 22:09 - 000278528 _____ () C:\Users\Miki\AppData\Local\cleartool.exe
2019-04-14 22:07 - 2019-04-14 22:07 - 000070992 _____ () C:\Users\Miki\AppData\Local\Config.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000016416 _____ () C:\Users\Miki\AppData\Local\InstallationConfiguration.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000140800 _____ () C:\Users\Miki\AppData\Local\installer.dat
2018-09-19 11:33 - 2018-09-19 11:33 - 000000001 _____ () C:\Users\Miki\AppData\Local\llftool.4.40.agreement
2019-04-14 22:07 - 2019-04-14 22:07 - 000018432 _____ () C:\Users\Miki\AppData\Local\Main.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000005568 _____ () C:\Users\Miki\AppData\Local\md.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000126464 _____ () C:\Users\Miki\AppData\Local\noah.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000722944 _____ () C:\Users\Miki\AppData\Local\sha.db
2019-04-14 22:08 - 2019-04-14 22:08 - 000032038 _____ () C:\Users\Miki\AppData\Local\uninstall_temp.ico
2019-04-14 22:07 - 2019-04-14 22:07 - 002037504 _____ () C:\Users\Miki\AppData\Local\Viafan.tst
 
Some files in TEMP:
====================
2019-04-14 22:08 - 2019-04-14 22:08 - 025260414 _____ (TigerTrade ) C:\Users\Miki\AppData\Local\Temp\4958579357.exe
2019-04-14 22:08 - 2019-04-14 22:08 - 000606720 _____ () C:\Users\Miki\AppData\Local\Temp\AppOne.exe
2019-04-14 22:07 - 2019-04-14 22:07 - 000710656 _____ () C:\Users\Miki\AppData\Local\Temp\fhalslk.dll
2019-04-14 22:08 - 2019-04-14 22:08 - 001023169 _____ (360dev ) C:\Users\Miki\AppData\Local\Temp\lightcleanerlightcleaner.exe
2019-04-14 22:09 - 2019-04-14 22:09 - 000060928 _____ (Microsoft Corporation) C:\Users\Miki\AppData\Local\Temp\rcdll.exe
2019-04-14 22:07 - 2019-04-14 22:07 - 000550400 _____ () C:\Users\Miki\AppData\Local\Temp\seescenicelfc.exe
2019-04-14 22:07 - 2019-04-14 22:07 - 000096256 _____ () C:\Users\Miki\AppData\Local\Temp\setup.exe
2019-04-14 22:10 - 2019-04-14 22:10 - 000375522 _____ ( ) C:\Users\Miki\AppData\Local\Temp\xt3zyudae1s.exe
2019-04-14 22:07 - 2019-04-14 22:07 - 003786762 _____ () C:\Users\Miki\AppData\Local\Temp\zernvo.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-19 20:06
 
==================== End of FRST.txt ============================