wklejto.pl

Added by: ~Anonim (2019-04-17 09:42) -> text
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2019 01
Ran by Miki (administrator) on DESKTOP-LL8TNPO (17-04-2019 09:32:10)
Running from C:\Users\Miki\Downloads
Loaded Profiles: Miki (Available Profiles: Miki)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
() [File not signed] C:\Users\Miki\Documents\TransactionServices Inc\transactionservices.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() [File not signed] C:\Users\Miki\Documents\TransactionServices Inc\transactionservices.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-02-13] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16464600 2000-01-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2019-04-05] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [Discord] => C:\Users\Miki\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Run: [transactionservicesmain] => C:\Users\Miki\Documents\TransactionServices Inc\transactionservices.exe.lnk [1962 2019-04-14] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => c:\windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-16] (Google LLC -> Google Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{df450caf-797e-47f1-9d5c-e0a5efd306af}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 87m4950n.default
FF ProfilePath: C:\Users\Miki\AppData\Roaming\Mozilla\Firefox\Profiles\87m4950n.default [2019-04-16]
FF NewTab: Mozilla\Firefox\Profiles\87m4950n.default -> file:///C:/ProgramData/Quoteexs/ff.NT
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3623133826-1210183299-932913162-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Miki\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-04-28] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://o2.pl/
CHR Profile: C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default [2019-04-17]
CHR Extension: (Prezentacje) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-14]
CHR Extension: (Dokumenty) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Dysk Google) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-14]
CHR Extension: (YouTube) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-14]
CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-04]
CHR Extension: (Tampermonkey) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-02-14]
CHR Extension: (Arkusze) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-15]
CHR Extension: (AdBlock) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-13]
CHR Extension: (Magic Enhancer For YouTube™) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2019-04-16]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (No Name) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofohpmdcbdgcchmhmmcfdmbegompidlm [2019-04-14]
CHR Extension: (Gmail) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-14]
CHR Extension: (Chrome Media Router) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR Profile: C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-04-14]
CHR Extension: (chrome_filter) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\kljiogdfigecnffccfpmbeefjdfnhnge [2019-04-14]
CHR Extension: (No Name) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\ofohpmdcbdgcchmhmmcfdmbegompidlm [2019-04-14]
CHR Profile: C:\Users\Miki\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-14]
CHR Extension: (chrome_filter) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\kljiogdfigecnffccfpmbeefjdfnhnge [2019-04-14]
CHR Extension: (No Name) - C:\Users\Miki\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ofohpmdcbdgcchmhmmcfdmbegompidlmhUTPzkVsbj [2019-04-14]
 
Opera: 
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Miki\AppData\Roaming\Opera Software\Opera Stable\Extensions\beablbkeolnmmgfdbpccjbnheidinhbk [2019-04-14]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-03-21] (Even Balance, Inc. -> )
S2 symsrv; C:\Program Files\windows nt\symsrv.exe [145168 2019-04-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-03-03] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-04-05] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-04-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-04-05] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-04] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-16 16:17 - 2019-04-16 16:17 - 000063312 _____ C:\Users\Miki\Downloads\TR_DETAILS_20190416161703.pdf
2019-04-16 07:45 - 2019-04-16 07:46 - 000000000 ____D C:\AdwCleaner
2019-04-16 07:45 - 2019-04-16 07:45 - 007025360 _____ (Malwarebytes) C:\Users\Miki\Downloads\adwcleaner_7.3.exe
2019-04-16 07:43 - 2019-04-16 07:43 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-16 07:43 - 2019-04-16 07:43 - 000002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-16 07:42 - 2019-04-16 07:42 - 001214008 _____ (Google LLC) C:\Users\Miki\Desktop\ChromeSetup.exe
2019-04-16 07:42 - 2019-04-16 07:42 - 000003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-16 07:42 - 2019-04-16 07:42 - 000003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-16 07:40 - 2019-04-16 07:40 - 000000008 __RSH C:\Users\Miki\ntuser.pol
2019-04-16 07:40 - 2019-04-16 07:40 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-04-16 07:30 - 2019-04-16 07:30 - 000000000 ____D C:\Users\Miki\Downloads\FRST-OlderVersion
2019-04-15 06:19 - 2019-04-17 09:33 - 000016998 _____ C:\Users\Miki\Downloads\FRST.txt
2019-04-15 06:19 - 2019-04-17 09:32 - 000000000 ____D C:\FRST
2019-04-15 06:19 - 2019-04-16 07:30 - 002434048 _____ (Farbar) C:\Users\Miki\Downloads\FRST64.exe
2019-04-14 22:31 - 2019-04-14 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-04-14 22:31 - 2019-04-14 22:31 - 000000000 ____D C:\ProgramData\ESET
2019-04-14 22:31 - 2019-04-14 22:31 - 000000000 ____D C:\Program Files\ESET
2019-04-14 22:27 - 2019-04-14 22:27 - 348112170 _____ C:\Users\Miki\Downloads\ESET Security Pack 12.1.34.0  ( x32_x64 )( Multi_PL ) + License.rar
2019-04-14 22:27 - 2019-04-14 22:27 - 000000000 ____D C:\Users\Miki\Downloads\ESET Security Pack 12.1.34.0  ( x32_x64 )( Multi_PL ) + License
2019-04-14 22:24 - 2019-04-14 22:29 - 000000000 ____D C:\ProgramData\localNETService
2019-04-14 22:23 - 2019-04-14 22:23 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Miki\Downloads\esetonlinescanner_enu.exe
2019-04-14 22:12 - 2019-04-14 22:12 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-04-14 22:12 - 2019-04-14 22:12 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-04-14 22:09 - 2019-04-14 22:09 - 000000000 ____D C:\ProgramData\Lamia
2019-04-14 22:08 - 2019-04-14 22:53 - 000000000 ____D C:\Users\Miki\Documents\TransactionServices Inc
2019-04-14 22:08 - 2019-04-14 22:48 - 000000000 ____D C:\Users\Miki\AppData\Local\App
2019-04-14 22:08 - 2019-04-14 22:08 - 000001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lightcleaner.lnk
2019-04-14 22:08 - 2019-04-14 22:08 - 000000000 ____D C:\Users\Miki\AppData\Local\AdvinstAnalytics
2019-04-14 22:08 - 2019-04-14 22:08 - 000000000 ____D C:\Program Files (x86)\TigerTrade
2019-04-14 22:08 - 2019-04-14 22:08 - 000000000 ____D C:\Program Files (x86)\lightcleaner
2019-04-14 22:07 - 2019-04-14 22:48 - 000000000 ____D C:\Program Files (x86)\SmartData
2019-04-14 22:07 - 2019-04-14 22:07 - 007906816 _____ C:\Users\Miki\AppData\Local\agent.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 002037504 _____ C:\Users\Miki\AppData\Local\Viafan.tst
2019-04-14 22:07 - 2019-04-14 22:07 - 000722944 _____ C:\Users\Miki\AppData\Local\sha.db
2019-04-14 22:07 - 2019-04-14 22:07 - 000140800 _____ C:\Users\Miki\AppData\Local\installer.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000126464 _____ C:\Users\Miki\AppData\Local\noah.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000070992 _____ C:\Users\Miki\AppData\Local\Config.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000005568 _____ C:\Users\Miki\AppData\Local\md.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000000000 ____D C:\ProgramData\fb
2019-04-14 22:06 - 2019-04-14 22:06 - 000000000 ____D C:\Users\Miki\AppData\LocalLow\uTorrent
2019-04-13 21:02 - 2019-04-13 21:02 - 000000000 ____D C:\Users\Miki\AppData\Local\Activision
2019-04-05 11:37 - 2019-04-14 22:38 - 000015800 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-04-05 11:37 - 2019-04-05 11:37 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-04-05 11:37 - 2019-04-05 11:37 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-04-05 11:37 - 2019-04-05 11:37 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-04-02 05:51 - 2019-04-02 05:51 - 000063265 _____ C:\Users\Miki\Downloads\TR_DETAILS_20190402055112.pdf
2019-04-01 10:35 - 2019-04-01 10:35 - 000063369 _____ C:\Users\Miki\Downloads\TR_DETAILS_20190401103558.pdf
2019-03-31 16:10 - 2019-03-31 16:11 - 000000000 ____D C:\Users\Miki\Downloads\Natalkowe
2019-03-22 07:16 - 2019-03-22 07:16 - 000001449 _____ C:\Users\Miki\Desktop\farcry3 - Shortcut.lnk
2019-03-21 21:49 - 2019-03-30 22:00 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2019-03-21 21:49 - 2019-03-21 21:49 - 000000000 ____D C:\Users\Miki\AppData\Local\PunkBuster
2019-03-21 21:47 - 2019-03-30 22:00 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2019-03-21 21:47 - 2019-03-30 09:13 - 000281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2019-03-21 21:47 - 2019-03-21 21:47 - 000076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2019-03-21 21:47 - 2019-03-21 21:47 - 000001274 _____ C:\Users\Miki\Desktop\Uplay.lnk
2019-03-21 21:47 - 2019-03-21 21:47 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-03-21 21:47 - 2019-03-21 21:47 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2019-03-21 20:02 - 2019-03-21 20:02 - 000001491 _____ C:\Users\Miki\Desktop\Play Call of Duty 5 .lnk
2019-03-21 19:25 - 2019-03-21 19:25 - 000000000 ____D C:\Users\Miki\AppData\Local\OneDrive
2019-03-21 19:07 - 2019-03-21 19:07 - 000000000 __SHD C:\ProgramData\DSS
2019-03-21 18:56 - 2019-03-21 18:56 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Lionhead Studios
2019-03-21 18:55 - 2019-03-21 18:55 - 000000000 ____D C:\Users\Miki\Documents\Games for Windows - LIVE Demos
2019-03-21 18:54 - 2019-03-21 18:54 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2019-03-21 18:54 - 2019-03-21 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2019-03-21 18:54 - 2019-03-21 18:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-17 09:29 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-17 09:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-17 08:45 - 2018-05-19 20:25 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-17 08:45 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-17 08:39 - 2019-02-23 21:32 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-17 08:39 - 2018-05-19 20:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-16 17:11 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-16 16:16 - 2018-05-19 20:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-16 10:36 - 2017-09-09 14:46 - 000000000 ____D C:\Users\Miki\AppData\Local\Battle.net
2019-04-16 07:40 - 2018-05-19 20:12 - 000000000 ____D C:\Users\Miki
2019-04-16 07:31 - 2015-10-30 09:24 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2019-04-15 20:53 - 2018-12-03 16:05 - 000000000 ____D C:\Users\Miki\Desktop\Modzelewksi
2019-04-15 18:03 - 2018-12-15 16:10 - 000000000 ____D C:\Users\Miki\Desktop\NEW podpieczni
2019-04-15 13:56 - 2019-02-21 22:46 - 000000000 ____D C:\Users\Miki\AppData\Local\ESET
2019-04-15 10:09 - 2017-12-16 01:35 - 000000000 ____D C:\Users\Miki\AppData\Local\Packages
2019-04-14 22:57 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2019-04-14 22:44 - 2017-09-09 16:16 - 000000000 ____D C:\Users\Miki\AppData\Local\CrashDumps
2019-04-14 22:31 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-14 22:12 - 2017-09-14 20:19 - 000000000 ____D C:\Users\Miki\AppData\Roaming\uTorrent
2019-04-14 22:08 - 2017-09-18 11:11 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2019-04-14 08:32 - 2018-10-12 11:32 - 000000000 ____D C:\Users\Miki\Desktop\DCIM
2019-04-12 06:39 - 2018-05-19 20:32 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3623133826-1210183299-932913162-1001
2019-04-12 06:39 - 2018-05-19 20:12 - 000002360 _____ C:\Users\Miki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-12 06:39 - 2017-08-05 22:02 - 000000000 ___RD C:\Users\Miki\OneDrive
2019-04-11 17:23 - 2017-09-15 13:03 - 000000000 ____D C:\Users\Miki\AppData\Roaming\vlc
2019-04-10 08:46 - 2018-06-25 09:09 - 000004598 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-10 08:46 - 2018-06-25 09:09 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-10 08:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-10 08:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-10 06:55 - 2017-09-11 13:26 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-02 18:30 - 2019-02-25 19:22 - 000001336 _____ C:\Users\Miki\Desktop\Ankieta.txt
2019-04-02 06:59 - 2017-10-22 18:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-03-30 16:53 - 2017-09-09 14:50 - 000000000 ____D C:\Users\Miki\AppData\Local\Blizzard Entertainment
2019-03-29 16:42 - 2018-05-27 19:28 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2019-03-29 16:42 - 2018-05-27 19:28 - 000000000 ____D C:\Program Files\Opera
2019-03-25 14:39 - 2017-09-17 23:37 - 000000000 ____D C:\Users\Miki\Desktop\ANTY-BURDEL
2019-03-24 17:56 - 2018-07-14 08:32 - 000000000 ____D C:\Users\Miki\AppData\Roaming\XnView
2019-03-23 22:18 - 2019-03-09 19:30 - 000000234 _____ C:\Users\Miki\Desktop\Pyszne.pl kody.txt
2019-03-23 14:50 - 2019-02-14 08:45 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-03-21 21:49 - 2019-02-24 22:21 - 000000000 ____D C:\ProgramData\Orbit
2019-03-21 21:49 - 2018-06-14 14:01 - 000000000 ____D C:\Users\Miki\AppData\Local\D3DSCache
2019-03-21 21:49 - 2017-09-14 20:29 - 000000000 ____D C:\Users\Miki\Documents\My Games
2019-03-21 21:24 - 2017-09-10 22:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
 
==================== Files in the root of some directories =======
 
2019-04-14 22:12 - 2019-04-14 22:12 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-04-14 22:12 - 2019-04-14 22:12 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-04-14 22:07 - 2019-04-14 22:07 - 007906816 _____ () C:\Users\Miki\AppData\Local\agent.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000070992 _____ () C:\Users\Miki\AppData\Local\Config.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000140800 _____ () C:\Users\Miki\AppData\Local\installer.dat
2018-09-19 11:33 - 2018-09-19 11:33 - 000000001 _____ () C:\Users\Miki\AppData\Local\llftool.4.40.agreement
2019-04-14 22:07 - 2019-04-14 22:07 - 000005568 _____ () C:\Users\Miki\AppData\Local\md.xml
2019-04-14 22:07 - 2019-04-14 22:07 - 000126464 _____ () C:\Users\Miki\AppData\Local\noah.dat
2019-04-14 22:07 - 2019-04-14 22:07 - 000722944 _____ () C:\Users\Miki\AppData\Local\sha.db
2019-04-14 22:08 - 2019-04-14 22:08 - 000032038 _____ () C:\Users\Miki\AppData\Local\uninstall_temp.ico
2019-04-14 22:07 - 2019-04-14 22:07 - 002037504 _____ () C:\Users\Miki\AppData\Local\Viafan.tst
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
ATTENTION: ==> Could not access BCD. 
 
LastRegBack: 2018-05-19 20:06
 
==================== End of FRST.txt ============================