wklejto.pl

Added by: ~hipcio_stg (2021-02-02 07:51) -> text
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-01-2021
Uruchomiony przez Marcin (administrator)  DESKTOP-O8F7184 (02-02-2021 02:57:26)
Uruchomiony z C:\Users\Marcin\Downloads
Załadowane profile: Marcin
Platform: Windows 10 Education Wersja 1809 17763.1697 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
 
==================== Rejestr (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\Run: [Discord] => C:\Users\Marcin\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\Run: [FACEIT] => C:\Users\Marcin\AppData\Local\FACEITApp\update.exe [2204608 2020-10-14] (FACE IT LIMITED -> )
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Marcin\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\Windows\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-26] (Google LLC -> Google LLC)
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
 
==================== Zaplanowane zadania (filtrowane) ============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {21FFA735-8420-4034-B6AD-6A80D57B4562} - System32\Tasks\GoogleUpdateTaskMachineCore1d6c9a290df3b86 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Task: {2BDF2E91-36DB-449A-AEF8-6A1BC10A9869} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {381E95C7-C7AE-4196-8338-5EDB851ED36E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe
Task: {539FB378-11A5-4D27-A321-A7475D65F8DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Task: {59AE6160-8478-4047-A90B-0B1799719224} - System32\Tasks\GoogleUpdateTaskMachineUA1d6c9a290e2f626 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
Task: {9D5414BF-78F3-4F51-8948-83BC79663EEF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {9EAC9B9D-A5DC-42A7-A859-9CD17E6C3DF3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B6BF5539-50FF-4D09-AF79-C440F570B01E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {CC195A36-DBA0-4035-ACCF-EBD4F9C6B2F1} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe -> /i "C:\Users\Marcin\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi" AI_SETUPEXEPATH="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe" SETUPEXEDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS="1" PRIMARYFOLDER="APPDIR" ROOTDRIVE="D:\" AI_PREREQFILES="C:\Users\Marcin\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe" AI_PREREQDIRS="C:\Users\Marcin\AppData\Roaming" AI_MISSING_PREREQS="Visual C++ Redistributable for Visual Studio 2017 x64" AI_SETUPEXEPATH="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe" SETUPEXEDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\" AI_INSTALL="1" BIPROCESSTIME="2020-06-25T15:24:06.1829077Z" TARGETLOCKED="TRUE" TARGETDIR="D:\" APPDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\" AI_SETUPEXEPATH_ORIGINAL="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe"
Task: {FBAFB378-91B6-44E0-AA74-17EE79A1FA04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-14] (Google LLC -> Google LLC)
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\Windows\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exeѧ/i C:\Users\Marcin\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=D:\ AI_PREREQFILES=C:\Users\Marcin\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe AI_PREREQDIRS=C:\Users\Marcin\AppData\Roaming AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2020-06-25T15:24:06.1829077Z TARGETLOCKED=TRUE TARGETDIR=D:\ APPDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.90.exe <==== UWAGA
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0d594290-18b3-4bc9-91b4-d7b8cbbea640}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ae559fb5-e7c3-455c-b4d8-4e299324293b}: [DhcpNameServer] 172.20.10.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marcin\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-02]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF DefaultProfile: nqyura6w.default
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\nqyura6w.default [2020-01-10]
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\u3ydp05m.default-release [2021-02-02]
FF Extension: (Tampermonkey) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\u3ydp05m.default-release\Extensions\firefox@tampermonkey.net.xpi [2020-12-28]
FF Extension: (CSGOFloat Market Checker) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\u3ydp05m.default-release\Extensions\{194d0dc6-7ada-41c6-88b8-95d7636fe43c}.xpi [2021-01-25]
FF Extension: (Blockera - darmowy adblocker) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\u3ydp05m.default-release\Extensions\{67cb6b48-cc8d-47ec-aa6a-38ca69888361}.xpi [2020-02-03] [UpdateUrl:hxxps://blockera.org/updates.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default [2021-02-02]
CHR Extension: (Prezentacje) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-14]
CHR Extension: (Dokumenty) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-14]
CHR Extension: (Dysk Google) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-30]
CHR Extension: (YouTube) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-14]
CHR Extension: (Arkusze) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-30]
CHR Extension: (CSGOFloat Market Checker) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjicbefpemnphinccgikpdaagjebbnhg [2020-10-30]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-14]
CHR Extension: (Gmail) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-30]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Usługi (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S2 AIRHUBAudioDevMon; C:\Program Files (x86)\M-Audio\AIR HUB\AudioDevMon.exe [289336 2019-07-16] (inMusic Brands Inc -> M-Audio)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12887096 2021-02-02] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [19039072 2020-08-05] (FACE IT LIMITED -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-02] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6270832 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [526904 2021-02-02] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
 
===================== Sterowniki (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2020-01-11] (Ploytec GmbH -> BEHRINGER)
R3 BUSB_AUDIO_WDM; C:\Windows\system32\drivers\busbwdm.sys [49728 2020-01-11] (Ploytec GmbH -> BEHRINGER)
R3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [76744 2021-02-02] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-02-02] (Malwarebytes Corporation -> Malwarebytes)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [10401656 2020-08-05] (FACE IT LIMITED -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220600 2021-02-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-02-02] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-02-02] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-02-02] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [142440 2021-02-02] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc (utworzone) (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2021-02-02 02:57 - 2021-02-02 02:58 - 000017051 _____ C:\Users\Marcin\Downloads\FRST.txt
2021-02-02 02:57 - 2021-02-02 02:57 - 000000000 ____D C:\Users\Marcin\AppData\LocalLow\IGDump
2021-02-02 02:55 - 2021-02-02 02:57 - 000000000 ____D C:\FRST
2021-02-02 02:49 - 2021-02-02 02:49 - 002297856 _____ (Farbar) C:\Users\Marcin\Downloads\FRST64.exe
2021-02-02 02:37 - 2021-02-02 02:37 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-02-02 02:36 - 2021-02-02 02:36 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-02-02 02:36 - 2021-02-02 02:36 - 000142440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-02-02 02:35 - 2021-02-02 02:35 - 008457584 _____ (Malwarebytes) C:\Users\Marcin\Downloads\adwcleaner_8.0.9.1.exe
2021-02-02 02:34 - 2021-02-02 02:34 - 000000000 ____D C:\Users\Marcin\AppData\Local\mbam
2021-02-02 02:33 - 2021-02-02 02:33 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-02-02 02:33 - 2021-02-02 02:33 - 000220600 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-02-02 02:33 - 2021-02-02 02:33 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-02-02 02:33 - 2021-02-02 02:33 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-02-02 02:33 - 2021-02-02 02:33 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-02 02:33 - 2021-02-02 02:33 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-02-02 02:33 - 2021-02-02 02:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-02 02:33 - 2021-02-02 02:33 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-02 02:32 - 2021-02-02 02:32 - 002086424 _____ (Malwarebytes) C:\Users\Marcin\Downloads\MBSetup.exe
2021-02-02 02:26 - 2021-02-02 02:35 - 000000000 ____D C:\AdwCleaner
2021-02-02 01:35 - 2021-02-02 02:30 - 000076744 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2021-02-02 01:35 - 2021-02-02 01:35 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2021-02-02 01:35 - 2021-02-02 01:35 - 000000000 ____D C:\sh5ldr
2021-02-02 01:35 - 2021-02-02 01:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2021-02-02 01:35 - 2021-02-02 01:35 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2021-02-02 01:34 - 2021-02-02 01:34 - 006565432 _____ (EnigmaSoft Limited) C:\Users\Marcin\Downloads\SpyHunter-Installer.exe
2021-02-02 01:34 - 2021-02-02 01:34 - 000000000 ____D C:\Program Files\EnigmaSoft
2021-02-01 23:15 - 2021-02-01 23:15 - 015012440 _____ (ESET spol. s r.o.) C:\Users\Marcin\Downloads\esetonlinescanner.exe
2021-02-01 23:15 - 2021-02-01 23:15 - 000000779 _____ C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-02-01 23:15 - 2021-02-01 23:15 - 000000651 _____ C:\Users\Marcin\Desktop\ESET Online Scanner.lnk
2021-02-01 23:15 - 2021-02-01 23:15 - 000000000 ____D C:\Users\Marcin\AppData\Local\ESET
2021-02-01 22:54 - 2021-02-01 22:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-02-01 20:50 - 2021-02-01 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTG Arena
2021-02-01 20:46 - 2021-02-01 20:47 - 000205711 _____ C:\Users\Marcin\Downloads\Potwierdzenie przelewu.pdf
2021-02-01 20:40 - 2021-02-02 01:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-23 21:05 - 2021-01-23 21:05 - 000610516 _____ C:\Users\Marcin\Desktop\KFT_1.pdf
2021-01-21 22:17 - 2021-01-21 22:17 - 000159075 _____ C:\Users\Marcin\Desktop\Kuhlau-Sonatina-Op.-88-No.-3.pdf
2021-01-19 23:10 - 2021-01-19 23:10 - 000255894 _____ C:\Users\Marcin\Desktop\Minutenwalzer.pdf
2021-01-19 20:51 - 2021-01-19 20:51 - 040018535 _____ C:\Users\Marcin\Downloads\37BA261B-E588-460A-812D-C88C38D86EDE.MOV
2021-01-19 20:51 - 2021-01-19 20:51 - 033304288 _____ C:\Users\Marcin\Downloads\2EE826D6-036D-4215-863C-5DC5D5C690B4.MOV
2021-01-19 20:51 - 2021-01-19 20:51 - 033304288 _____ C:\Users\Marcin\Desktop\2EE826D6-036D-4215-863C-5DC5D5C690B4.MOV
2021-01-19 17:16 - 2021-01-19 17:16 - 000000000 ____D C:\Users\Marcin\Downloads\pusheen z pika pika
2021-01-13 20:21 - 2021-01-13 20:21 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-01-13 20:21 - 2021-01-13 20:21 - 001166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-01-13 20:21 - 2021-01-13 20:21 - 000918528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2021-01-13 20:21 - 2021-01-13 20:21 - 000858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2021-01-13 20:21 - 2021-01-13 20:21 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2021-01-13 20:21 - 2021-01-13 20:21 - 000577536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2021-01-13 20:21 - 2021-01-13 20:21 - 000571904 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2021-01-13 20:21 - 2021-01-13 20:21 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:21 - 2021-01-13 20:21 - 000494080 _____ C:\Windows\system32\AssignedAccessCsp.dll
2021-01-13 20:21 - 2021-01-13 20:21 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2021-01-13 20:21 - 2021-01-13 20:21 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2021-01-13 20:21 - 2021-01-13 20:21 - 000144384 _____ C:\Windows\system32\uwfcsp.dll
2021-01-13 20:21 - 2021-01-13 20:21 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2021-01-13 20:21 - 2021-01-13 20:21 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-01-13 20:21 - 2021-01-13 20:21 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-01-13 20:21 - 2021-01-13 20:21 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll
2021-01-13 20:21 - 2021-01-13 20:21 - 000053248 _____ C:\Windows\SysWOW64\BWContextHandler.dll
2021-01-13 20:20 - 2021-01-13 20:20 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2021-01-13 20:20 - 2021-01-13 20:20 - 000909312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2021-01-13 20:20 - 2021-01-13 20:20 - 000593424 _____ C:\Windows\SysWOW64\InputHost.dll
2021-01-13 20:20 - 2021-01-13 20:20 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2021-01-13 20:20 - 2021-01-13 20:20 - 000462336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2021-01-13 20:20 - 2021-01-13 20:20 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-01-13 20:20 - 2021-01-13 20:20 - 000327680 _____ C:\Windows\SysWOW64\ssdm.dll
2021-01-13 20:20 - 2021-01-13 20:20 - 000209920 _____ C:\Windows\SysWOW64\HeatCore.dll
2021-01-13 20:20 - 2021-01-13 20:20 - 000186368 _____ C:\Windows\system32\BthpanContextHandler.dll
2021-01-13 20:19 - 2021-01-13 20:19 - 000837704 _____ C:\Windows\system32\InputHost.dll
2021-01-13 20:19 - 2021-01-13 20:19 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-01-13 20:19 - 2021-01-13 20:19 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2021-01-13 20:19 - 2021-01-13 20:19 - 000449536 _____ C:\Windows\system32\ssdm.dll
2021-01-13 20:19 - 2021-01-13 20:19 - 000269312 _____ C:\Windows\system32\HeatCore.dll
2021-01-13 20:19 - 2021-01-13 20:19 - 000156672 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2021-01-13 20:19 - 2021-01-13 20:19 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
 
==================== Jeden miesiąc (zmodyfikowane) ==================
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2021-02-02 02:45 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-02 02:42 - 2020-01-10 21:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-02 02:41 - 2020-01-10 21:59 - 000000000 ____D C:\Users\Marcin\AppData\LocalLow\Mozilla
2021-02-02 02:36 - 2020-01-11 14:01 - 000000000 ____D C:\ProgramData\PACE
2021-02-02 02:36 - 2020-01-10 21:32 - 001678738 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-02 02:36 - 2018-09-15 17:43 - 000747884 _____ C:\Windows\system32\perfh015.dat
2021-02-02 02:36 - 2018-09-15 17:43 - 000144532 _____ C:\Windows\system32\perfc015.dat
2021-02-02 02:36 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2021-02-02 02:33 - 2018-09-15 08:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-02-02 02:30 - 2020-01-10 22:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-02 02:29 - 2020-01-10 21:34 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-02-02 02:29 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI
2021-02-02 02:13 - 2020-01-10 22:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-02-02 01:45 - 2020-01-15 18:00 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Discord
2021-02-02 01:40 - 2020-01-10 21:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-02 01:40 - 2020-01-10 21:35 - 000000000 ____D C:\Users\Marcin
2021-02-01 22:54 - 2020-01-10 21:59 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-01 21:33 - 2020-01-10 22:15 - 000000000 ____D C:\Program Files (x86)\Steam
2021-02-01 20:51 - 2020-04-02 15:38 - 000002298 _____ C:\Users\Marcin\Desktop\MTG Arena.lnk
2021-02-01 19:12 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-01 19:12 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2021-02-01 19:10 - 2020-08-24 14:48 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-29 15:12 - 2020-11-05 17:00 - 000921624 _____ C:\img2-001.raw
2021-01-28 14:00 - 2020-01-10 21:37 - 000000000 ____D C:\Users\Marcin\AppData\Local\Packages
2021-01-26 22:54 - 2020-01-14 20:03 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-22 20:46 - 2020-01-10 21:39 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-01-20 15:29 - 2020-10-30 20:13 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6aef0c95e6333
2021-01-20 15:29 - 2020-10-30 20:13 - 000003416 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6aef0c9599e78
2021-01-19 21:09 - 2020-01-11 16:13 - 000000000 ____D C:\Users\Marcin\Documents\REAPER Media
2021-01-19 20:02 - 2020-10-29 15:18 - 000002373 _____ C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-16 17:59 - 2020-10-23 14:50 - 000000000 ____D C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-01-16 17:59 - 2020-10-23 14:50 - 000000000 ____D C:\Users\Marcin\AppData\Local\Ubisoft Game Launcher
2021-01-15 15:36 - 2020-01-10 21:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-15 15:36 - 2020-01-10 21:37 - 000000000 ___RD C:\Users\Marcin\3D Objects
2021-01-15 15:35 - 2020-01-10 22:23 - 000473504 _____ C:\Windows\system32\FNTCACHE.DAT
2021-01-14 03:46 - 2018-09-15 17:45 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 03:46 - 2018-09-15 17:45 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-14 03:46 - 2018-09-15 17:45 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\UNP
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\F12
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ___RD C:\Windows\PrintDialog
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\SysWOW64\com
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\setup
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\oobe
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\com
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\ShellExperiences
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\Provisioning
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\IME
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\bcastdvr
2021-01-14 03:46 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-14 03:46 - 2018-09-15 07:09 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2021-01-14 03:46 - 2018-09-15 07:09 - 000000000 ____D C:\Windows\system32\Dism
2021-01-14 03:46 - 2018-09-15 07:09 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2021-01-13 20:29 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2021-01-13 20:27 - 2020-01-10 21:44 - 000000000 ____D C:\Windows\system32\MRT
2021-01-13 20:25 - 2020-01-10 21:44 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-01-13 20:19 - 2020-01-10 21:28 - 002868736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-01-04 19:51 - 2020-04-06 18:44 - 000000000 ____D C:\Users\Marcin\AppData\Local\ElevatedDiagnostics
 
==================== Pliki w katalogu głównym wybranych folderów ========
 
2020-01-10 22:16 - 2020-10-15 23:06 - 000007589 _____ () C:\Users\Marcin\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
==================== Koniec  FRST.txt ========================