FRST.txt

Coinminer Activity 2 attack - how do I secure my computer?

This damn thing is attacking me every minute, non-stop, please help...


Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-03-2020
Uruchomiony przez rob (administrator) ROB-KOMPUTER (Gigabyte Technology Co., Ltd. H87-HD3) (30-03-2020 15:54:40)
Uruchomiony z C:\Users\rob\Downloads
Załadowane profile: rob (Dostępne profile: rob)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(eCOSM) [Brak podpisu cyfrowego] C:\Program Files (x86)\MailWasher Pro\MailWasher.exe
(GG Network S.A. -> GG Network S.A.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(InstallShield Software Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Jan G.P. Sijm) [Brak podpisu cyfrowego] C:\Program Files (x86)\Poppy\Poppy.exe
(mfbot.de) [Brak podpisu cyfrowego] C:\Users\rob\Downloads\sfgame\S34\MFBot.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\rob\AppData\Local\windows\igfxpl.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\rob\AppData\Roaming\system32\svchost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\66.0.3515.31\opera_crashreporter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skillbrains) [Brak podpisu cyfrowego] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\17.9.0.12\ccsvchst.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\17.9.0.12\ccsvchst.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\17.9.0.12\mcui32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKU\S-1-5-21-4206829922-995924665-1112165028-1000\...\Run: [ISUSPM Startup] => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation) [Brak podpisu cyfrowego]
HKU\S-1-5-21-4206829922-995924665-1112165028-1000\...\Run: [MailWasher] => C:\PROGRA~2\MAILWA~1\MAILWA~1.EXE* [4388864 2003-12-17] () [Brak podpisu cyfrowego]
HKU\S-1-5-21-4206829922-995924665-1112165028-1000\...\Run: [Gadu-Gadu 10] => C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [13345376 2011-05-10] (GG Network S.A. -> GG Network S.A.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-4206829922-995924665-1112165028-1000\...\Winlogon: [Shell] explorer.exe, C:\Users\rob\WinLog.exe <==== UWAGA
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.it.lnk [2020-03-30]
ShortcutTarget: desktop.it.lnk -> C:\Users\rob\AppData\Local\system32\hostd.vbs () [Brak podpisu cyfrowego]
Startup: C:\Users\rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igfxpl.lnk [2020-03-30]
ShortcutTarget: igfxpl.lnk -> C:\Users\rob\AppData\Local\windows\igfxpl.exe (Microsoft Corporation) [Brak podpisu cyfrowego]
Startup: C:\Users\rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poppy for Windows.lnk [2017-12-28]
ShortcutTarget: Poppy for Windows.lnk -> C:\Program Files (x86)\Poppy\Poppy.exe (Jan G.P. Sijm) [Brak podpisu cyfrowego]

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {10CEFE36-1B9A-434C-B4D8-A2569AC6AC03} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33CBDCC1-F5AC-4F19-B53C-D017C9A6B926} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {400CA762-5CD6-40C3-9930-26438CDE67E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-12] (Adobe Inc. -> Adobe)
Task: {41BCD869-EB26-42B0-975D-281D2B43DD12} - System32\Tasks\Opera scheduled Autoupdate 1514386695 => C:\Program Files\Opera\launcher.exe [1532440 2020-01-10] (Opera Software AS -> Opera Software)
Task: {50A2B11C-1C20-472C-A6DB-2A175FB2C4D2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58C92CF2-36FA-4960-9A7F-E317E55BDA8A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F26940B-098A-422A-A54C-7372C0A9EF96} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6597DE18-9CB4-4451-BE80-300F71A3E2B6} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {882A70A1-23FC-44E7-86D3-2D3377F3C7B6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {937A6C8C-DA44-4471-890C-5F359B23C7F6} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [1873256 2011-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {96DF5CE2-6CF4-4257-9F1B-06945CD62FBD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A43E1FB1-2653-435A-B667-963CC6C288FB} - System32\Tasks\update-S-1-5-21-4206829922-995924665-1112165028-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {B65FCD60-914A-422D-9B76-C82514680943} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-12] (Adobe Inc. -> Adobe)
Task: {C2710D38-AEE0-4155-9619-1ABE632E7E40} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8E3E0E8-15C9-4B98-9D6B-19CA826EAD5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-27] (Google Inc -> Google Inc.)
Task: {D0708D0F-BA0B-4E46-9455-628DD6757BE6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-12] (Adobe Inc. -> Adobe)
Task: {F46DCA2B-D7FF-4968-A3EB-184F04AD475D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5FB2F34-7625-4035-93F5-B991D0D8D6F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-27] (Google Inc -> Google Inc.)
Task: {F9710140-7DF5-4944-9EB0-D1DE5B825B23} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\update-S-1-5-21-4206829922-995924665-1112165028-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{A9177742-94EB-4648-8BAD-EF2AF5571E98}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{A9177742-94EB-4648-8BAD-EF2AF5571E98}: [DhcpNameServer] 62.179.1.62 62.179.1.63

Internet Explorer:
==================
HKU\S-1-5-21-4206829922-995924665-1112165028-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://s36.sfgame.pl/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\17.9.0.12\IPSBHO.DLL [2010-05-14] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0mymb8qv.default
FF DefaultProfile: srtixuv2.default
FF ProfilePath: C:\Users\rob\AppData\Roaming\Mozilla\Firefox\Profiles\0mymb8qv.default [2020-02-05]
FF Homepage: Mozilla\Firefox\Profiles\0mymb8qv.default -> w22.sfgame.net
FF ProfilePath: C:\Users\rob\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\srtixuv2.default [2019-08-30]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\srtixuv2.default -> hxxps://s36.sfgame.pl/
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn
FF Extension: (Norton IPS) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn [2019-11-14] [Przestarzałe] [Brak podpisu cyfrowego]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default [2020-03-30]
CHR Notifications: Default -> hxxps://poczta.home.pl; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://inteligo.pl/secure
CHR StartupUrls: Default -> "hxxps://inteligo.pl/secure"
CHR Extension: (Dokumenty) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (Dysk Google) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-27]
CHR Extension: (YouTube) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-27]
CHR Extension: (ScreenShot Link) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\enpnchlhkihnlkcebnhldokajmkfgldi [2018-01-03]
CHR Extension: (Urban Free VPN proxy Unblocker - Best VPN) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2020-02-06]
CHR Extension: (Arkusze) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-06]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-03-29]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]

Opera:
=======
OPR Notifications: hxxps://betonunduld.info; hxxps://ebok.pgnig.pl; hxxps://forum.audio.com.pl; hxxps://forum.vw-passat.pl; hxxps://p3.maranhesduve.club; hxxps://teams.microsoft.com; hxxps://www.scigacz.pl
OPR StartupUrls: "hxxp://wp.pl/"
OPR Extension: (DotVPN — a better way to VPN) - C:\Users\rob\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiegahbgoabbpoieploedhfnobmpgbeg [2018-05-17]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation -> Symantec Corporation)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [234528 2020-02-28] (TEFINCOM S.A. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
S4 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2010-12-21] (Solid Documents, LLC) [Brak podpisu cyfrowego]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [494088 2008-02-27] (Acronis, Inc -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] (Giga-Byte Technology -> )
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20200318.003\BHDrvx64.sys [1952136 2019-11-05] (Symantec Corporation -> Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NAVx64\1109000.00C\ccHPx64.sys [593544 2011-08-04] (Symantec Corporation -> Symantec Corporation)
S3 CMUACWO; C:\Windows\System32\DRIVERS\CMUACWO.sys [386560 2015-06-03] (C-MEDIA ELECTRONICS INC. -> C-Media Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2017-12-27] (DT Soft Ltd -> DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516784 2019-11-11] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-11-14] (Symantec Corporation -> Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20200327.061\IDSvia64.sys [1309192 2019-11-08] (Symantec Corporation -> Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20200330.002\ENG64.SYS [138832 2019-12-17] (Symantec Corporation -> Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20200330.002\EX64.SYS [2153040 2019-12-17] (Symantec Corporation -> Symantec Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1109000.00C\SRTSP64.SYS [505392 2010-04-22] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-22] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1109000.00C\SYMDS64.SYS [433200 2009-08-30] (Symantec Corporation -> Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-22] (Symantec Corporation -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2019-11-11] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation -> Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NAVx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-22] (Symantec Corporation -> Symantec Corporation)
R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] (Giga-Byte Technology -> )
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-03-30 15:54 - 2020-03-30 15:56 - 000033627 _____ C:\Users\rob\Downloads\FRST.txt
2020-03-30 15:14 - 2020-03-30 15:14 - 002280448 _____ (Farbar) C:\Users\rob\Downloads\FRST64.exe
2020-03-30 13:06 - 2020-03-30 13:06 - 000000000 ____D C:\Users\rob\AppData\Roaming\system32
2020-03-30 13:06 - 2020-03-30 13:06 - 000000000 ____D C:\Users\rob\AppData\Local\system32
2020-03-30 13:04 - 2020-03-30 15:35 - 000000000 ____D C:\Users\rob\AppData\Local\windows
2020-03-30 13:04 - 2020-03-30 13:06 - 000000000 ____D C:\Users\rob\AppData\Local\MSfree Inc
2020-03-30 13:04 - 2020-03-30 13:04 - 000000000 ____D C:\Users\rob\AppData\Roaming\windows
2020-03-29 17:18 - 2020-03-29 17:18 - 000001237 _____ C:\Users\rob\Desktop\PITy 2019.lnk
2020-03-29 17:17 - 2020-03-29 17:17 - 047920152 _____ (IPS Przedsiębiorstwo Informatyczne ) C:\Users\rob\Downloads\pity2019ngsetup.exe
2020-03-25 23:56 - 2020-03-25 23:56 - 000412464 _____ C:\Windows\Minidump\032520-44803-01.dmp
2020-03-25 20:03 - 2020-03-25 20:03 - 000071975 _____ C:\Users\rob\Downloads\etykieta_2020-03-25_19-03-10_1922.pdf
2020-03-24 15:26 - 2020-03-24 15:26 - 015751460 _____ C:\Users\rob\Downloads\paczka-03-24-1426.zip
2020-03-24 15:22 - 2020-03-24 15:22 - 008153662 _____ C:\Users\rob\Downloads\junior-explorer-4-zeszyt-cwiczen-units-6-8.pdf
2020-03-23 22:22 - 2020-03-23 22:22 - 000000960 _____ C:\Users\rob\Desktop\Luminar.lnk
2020-03-23 22:22 - 2020-03-23 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luminar
2020-03-22 12:53 - 2020-03-22 12:53 - 000002189 _____ C:\Users\rob\Desktop\Google Earth Pro.lnk
2020-03-22 12:46 - 2020-03-22 12:46 - 000000000 ____D C:\Users\rob\AppData\LocalLow\Google
2020-03-22 12:45 - 2020-03-22 12:45 - 000002189 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-03-20 16:18 - 2020-03-20 16:18 - 000561984 _____ C:\Users\rob\Downloads\menu www.pdf
2020-03-19 18:00 - 2020-03-19 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-03-19 18:00 - 2020-03-19 18:00 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-03-19 17:59 - 2020-03-19 18:00 - 000001975 _____ C:\Users\Public\Desktop\NordVPN.lnk
2020-03-19 17:59 - 2020-03-19 18:00 - 000001975 _____ C:\ProgramData\Desktop\NordVPN.lnk
2020-03-19 17:59 - 2020-03-19 18:00 - 000000000 ____D C:\Users\rob\AppData\Local\NordVPN
2020-03-19 17:59 - 2020-03-19 18:00 - 000000000 ____D C:\ProgramData\NordVpn
2020-03-19 17:58 - 2020-03-19 17:58 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-03-19 17:57 - 2020-03-19 17:59 - 000000000 ____D C:\Users\rob\AppData\Roaming\NordVPN
2020-03-08 15:21 - 2020-03-08 15:21 - 000000000 ____D C:\ProgramData\Google
2020-03-08 00:10 - 2020-03-08 00:10 - 000000000 ____D C:\ProgramData\DxO
2020-03-08 00:10 - 2020-03-08 00:10 - 000000000 ____D C:\Program Files\DxO
2020-03-08 00:09 - 2020-03-08 15:22 - 000000000 ____D C:\ProgramData\DxO Labs
2020-03-08 00:09 - 2020-03-08 00:09 - 000000000 ____D C:\ProgramData\Reprise
2020-03-08 00:08 - 2020-03-08 00:10 - 000000000 ____D C:\Users\rob\AppData\Local\DxO
2020-03-07 16:01 - 2020-03-08 14:21 - 000000000 ____D C:\Users\rob\Desktop\rsm www
2020-03-02 23:14 - 2020-03-02 23:14 - 000499416 _____ C:\Users\rob\Downloads\ORKE_zaswiadczenie (1).pdf
2020-02-29 16:32 - 2020-02-29 16:32 - 000000000 ____D C:\Users\rob\Downloads\CrawlerNG_2020_02_29

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-03-30 15:55 - 2020-02-05 17:05 - 000000000 ____D C:\FRST
2020-03-30 15:21 - 2011-04-12 15:21 - 000711686 _____ C:\Windows\system32\perfh015.dat
2020-03-30 15:21 - 2011-04-12 15:21 - 000144732 _____ C:\Windows\system32\perfc015.dat
2020-03-30 15:21 - 2009-07-14 07:13 - 001593028 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-30 15:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-03-30 15:06 - 2018-01-06 16:14 - 000000384 _____ C:\Windows\Tasks\update-S-1-5-21-4206829922-995924665-1112165028-1000.job
2020-03-30 15:04 - 2017-12-30 17:01 - 000000000 ____D C:\Users\rob\Documents\Ada
2020-03-30 15:03 - 2017-12-28 16:31 - 000000000 ____D C:\Users\rob\AppData\LocalLow\Mozilla
2020-03-30 14:22 - 2017-12-27 20:54 - 000000000 ____D C:\Users\rob\AppData\Roaming\uTorrent
2020-03-30 13:50 - 2020-01-29 17:15 - 000000000 ____D C:\Users\rob\AppData\Local\BitTorrentHelper
2020-03-30 13:45 - 2017-12-30 17:02 - 000000000 ____D C:\Users\rob\Documents\Dokumenty AFi
2020-03-30 13:38 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-30 13:38 - 2009-07-14 06:45 - 000030112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-30 12:25 - 2017-12-27 17:05 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-30 12:02 - 2018-01-06 16:14 - 000000384 _____ C:\Windows\Tasks\update-sys.job
2020-03-30 07:53 - 2019-12-16 18:12 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-03-30 07:53 - 2019-12-16 18:12 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-03-30 07:48 - 2018-01-10 16:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-30 07:48 - 2017-12-28 00:17 - 000000000 ____D C:\Users\rob\AppData\Roaming\MailWasherPro
2020-03-30 07:48 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-29 17:18 - 2018-03-05 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Formularze IPS
2020-03-29 17:18 - 2018-03-05 17:52 - 000000000 ____D C:\Program Files (x86)\PITy
2020-03-28 22:12 - 2018-01-10 17:00 - 000000000 ____D C:\Users\rob\AppData\Local\TeamViewer
2020-03-28 18:50 - 2017-12-27 23:04 - 000067696 _____ C:\Users\rob\Desktop\akwa.xlsx
2020-03-27 16:56 - 2020-01-23 00:48 - 000000000 ____D C:\Users\rob\AppData\Roaming\Luminar 4
2020-03-27 16:56 - 2018-05-30 19:45 - 000000000 ____D C:\Users\rob\AppData\Roaming\SNS-HDR
2020-03-25 23:56 - 2018-08-06 21:20 - 000000000 ____D C:\Windows\Minidump
2020-03-25 18:46 - 2017-12-29 17:50 - 000000000 ____D C:\Program Files (x86)\Topaz Labs
2020-03-25 15:29 - 2017-12-27 17:58 - 000000000 ____D C:\Users\rob\AppData\Local\CrashDumps
2020-03-25 09:15 - 2009-07-14 07:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-24 22:24 - 2019-12-16 18:12 - 000003446 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-03-23 22:22 - 2020-01-23 00:34 - 000000000 ____D C:\Program Files\Skylum
2020-03-23 16:37 - 2017-12-27 16:16 - 000000000 ____D C:\Users\rob
2020-03-22 12:45 - 2017-12-27 18:42 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-20 21:17 - 2017-12-27 18:42 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 21:17 - 2017-12-27 18:42 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-19 09:58 - 2018-02-03 23:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-03-19 09:58 - 2017-12-28 16:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-18 23:29 - 2017-12-28 00:14 - 000000000 ____D C:\Users\rob\AppData\Roaming\vlc
2020-03-18 21:18 - 2017-12-27 18:42 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-18 16:26 - 2017-12-27 16:58 - 000000000 ____D C:\Program Files\Opera
2020-03-12 16:54 - 2018-03-17 11:29 - 000004424 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-03-12 16:54 - 2017-12-27 18:45 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-03-12 16:54 - 2017-12-27 18:45 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-03-12 16:54 - 2017-12-27 18:45 - 000004578 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-03-12 16:54 - 2017-12-27 18:45 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-03-12 16:54 - 2017-12-27 18:45 - 000000000 ____D C:\Windows\system32\Macromed
2020-03-12 16:23 - 2018-03-17 12:54 - 000004566 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-12 00:44 - 2013-08-17 21:21 - 000000000 ____D C:\Windows\system32\MRT
2020-03-12 00:41 - 2013-08-17 21:21 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-10 17:12 - 2020-01-22 22:55 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-03-09 00:43 - 2017-12-28 01:23 - 000000000 ____D C:\Users\rob\AppData\Local\Windows Live
2020-03-08 23:09 - 2019-09-15 19:36 - 000445215 _____ C:\Users\rob\Downloads\team_up_plus_dla_klasy_v_kartkowki_1-8_z_kluczem.zip
2020-03-08 23:04 - 2019-10-22 20:46 - 062904322 _____ C:\Users\rob\Downloads\epo_unit_tests (1).zip
2020-03-08 00:10 - 2017-12-27 16:16 - 000000000 ____D C:\Users\rob\AppData\Roaming\Adobe
2020-03-07 20:57 - 2018-05-02 15:26 - 000000000 ____D C:\Users\rob\AppData\Local\Spotify
2020-03-07 20:55 - 2018-05-02 15:26 - 000000000 ____D C:\Users\rob\AppData\Roaming\Spotify
2020-02-29 16:32 - 2018-02-11 18:32 - 000000000 ____D C:\Users\rob\AppData\Local\CrawlerNG

==================== Pliki w katalogu głównym wybranych folderów ========

2020-02-05 22:04 - 2020-02-05 22:04 - 000000000 _____ () C:\Users\rob\AppData\Local\oobelibMkey.log
2020-02-05 20:06 - 2020-02-05 20:06 - 000000003 _____ () C:\Users\rob\AppData\Local\updater.log

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)


LastRegBack: 2020-03-28 14:06
==================== Koniec FRST.txt ========================