Cześć. Proszę o sprawdzenie logów FRST. Komputer działał dopóki dzieciaki nie zaczęły się "uczyć" Teraz nie mogę się zalogować do Subiektu i przeglądarki bardzo wolno chodzą. AdwCleaner znalazł kilka rzeczy https://obrazki.elektroda.pl/8898358800_1587659856_thumb.jpg W załącznikach wklejam logi z FRST Z góry dziękuję
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-04-2020
Uruchomiony przez sylwia (administrator) ALIWER (Hewlett-Packard HP Pavilion Sleekbook 15 PC) (23-04-2020 19:56:41)
Uruchomiony z C:\Users\sylwia\Desktop\S_K_A_N_E_R_Y
Załadowane profile: sylwia (Dostępne profile: sylwia & Administrator)
Platform: Windows 8 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Opera
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Apple Inc. - & gt; Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink - & gt; CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink - & gt; CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company - & gt; Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company - & gt; Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company - & gt; Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company - & gt; Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company - & gt; Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company - & gt; Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. - & gt; HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. - & gt; HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation - & gt; Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - & gt; Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Upgrade Service - & gt; Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IVT Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(IVT Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(IVT Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. - & gt; McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. - & gt; McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. - & gt; McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC - & gt; McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC - & gt; McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, LLC - & gt; McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe & lt; 2 & gt;
(McAfee, LLC. - & gt; McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_1\mcapexe.exe
(McAfee, LLC. - & gt; McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\McCSPServiceHost.exe
(McAfee, LLC. - & gt; McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC. - & gt; McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC. - & gt; McAfee, LLC.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC. - & gt; McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC. - & gt; McAfee, LLC.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Opera Software AS - & gt; Opera Software) C:\Users\sylwia\AppData\Local\Programs\Opera\launcher.exe
(Opera Software AS - & gt; Opera Software) C:\Users\sylwia\Downloads\opera autoupdate\installer.exe
(pdfforge GmbH - & gt; pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(pdfforge GmbH - & gt; pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Realsil Microelectronics Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Wondershare software CO., LIMITED - & gt; Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Rejestr (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [SysTrayApp] = & gt; C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.) [Brak podpisu cyfrowego]
HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated - & gt; Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] = & gt; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-08-02] (IVT Corporation) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [RemoteControl10] = & gt; C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink - & gt; CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Company - & gt; Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] = & gt; C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Company - & gt; Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] = & gt; C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company - & gt; Hewlett-Packard)
HKLM-x32\...\Run: [] = & gt; [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] = & gt; C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare software CO., LIMITED - & gt; Wondershare)
HKU\S-1-5-21-1863739931-2668292151-2535542212-1001\...\Run: [Opera Browser Assistant] = & gt; C:\Users\sylwia\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3002904 2020-04-21] (Opera Software AS - & gt; Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] - & gt; regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-22] (Google LLC - & gt; Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; " C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe " --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeEraser Service.lnk [2016-01-06]
ShortcutTarget: SafeEraser Service.lnk - & gt; C:\Program Files (x86)\Wondershare\SafeEraser\SafeEraserNotifier.exe (Shenzhen Wondershare Information Technology Co., Ltd. - & gt; Wondershare)
==================== Zaplanowane zadania (filtrowane) ============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {313F45CE-D6FE-40BC-80A3-D75578852E10} - System32\Tasks\Avast Software\Overseer = & gt; C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1660520 2020-02-28] (Avast Software s.r.o. - & gt; Avast Software)
Task: {362EEEB1-A1AE-49AB-8FDB-A1B96D1F6CC2} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series = & gt; C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard - & gt; Hewlett-Packard Co.)
Task: {37ADA75F-5776-4E8B-8177-F962BB2B5298} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [219512 2018-12-24] (HP Inc. - & gt; HP Inc.)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage = & gt; {5F074BDF-4BA3-4E68-AE86-2A6B0B5963B0} C:\WINDOWS\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows - & gt; Microsoft Corporation)
Task: {4EB1DD29-051B-40C2-BD6B-92D33EFD13B5} - System32\Tasks\McAfee\DAD.Execute.Updates = & gt; C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe [4147336 2020-03-20] (McAfee, Inc. - & gt; McAfee, LLC)
Task: {5134FFC9-1B1F-4BAD-88AD-A85115AFB928} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. - & gt; HP Inc.)
Task: {5EF4A31C-2109-47F1-8C0B-9B20678572F7} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent = & gt; {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. - & gt; McAfee, LLC.)
Task: {6E4063F8-4BC3-43D7-B644-A9CAB5941F85} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. - & gt; )
Task: {775101C5-8E6B-4EE7-8A3E-5A1AAD08192B} - System32\Tasks\HPCeeScheduleForsylwia = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company - & gt; Hewlett-Packard)
Task: {88C9F9FC-C987-4249-BC38-CB44AAFCA78B} - System32\Tasks\MirageAgent = & gt; C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink - & gt; CyberLink)
Task: {89134A97-FE6C-4F0C-AEB9-1B0A585EF4BF} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc - & gt; Google Inc.)
Task: {8B449D26-28EF-4611-9D4F-9DDE427E2261} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard - & gt; HP Inc.)
Task: {9C808500-7AFC-4987-879B-A3B6986A18E0} - System32\Tasks\Opera scheduled Autoupdate 1550919470 = & gt; C:\Users\sylwia\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-27] (Opera Software AS - & gt; Opera Software)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask = & gt; {0AC1DBCA-7F9F-47FC-A090-34E5FEB291E8} C:\WINDOWS\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows - & gt; Microsoft Corporation)
Task: {AE200243-5E31-4199-977D-09D591688D34} - System32\Tasks\Synaptics TouchPad Enhancements = & gt; \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated - & gt; Synaptics Incorporated)
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask = & gt; {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\WINDOWS\system32\SettingSyncInfo.dll [128512 2015-08-04] (Microsoft Windows - & gt; Microsoft Corporation)
Task: {B10AFD04-2E39-4338-8595-AC51C8375809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. - & gt; HP Inc.)
Task: {B6D5A141-CD2F-422D-ABDF-4DD94C66935A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582785053 = & gt; C:\Users\sylwia\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-27] (Opera Software AS - & gt; Opera Software)
Task: {D1B675B7-D93C-4F72-BAAD-AEA1EA86A6BE} - System32\Tasks\McAfeeLogon = & gt; C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761424 2020-02-05] (McAfee, LLC. - & gt; McAfee, LLC.)
Task: {D239ED0F-F9DA-4DE5-AA48-F54ABCF4A660} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task = & gt; {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D6CA88D9-D69C-4FA6-B8DC-6B57DB79DBC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. - & gt; HP Inc.)
Task: {D767D25C-D3A9-4184-84FD-2A8A0D8FE910} - System32\Tasks\McAfee\McAfee DAT Built in test = & gt; C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2020-02-12] (McAfee, Inc. - & gt; McAfee, LLC.)
Task: {D8B54E7C-159D-4CD6-8C63-17D9635CD77F} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-21] (Google Inc - & gt; Google Inc.)
Task: {E4B29758-1A97-409E-8F33-F7C8BA92A6DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. - & gt; HP Inc.)
" C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task " został odblokowany. & lt; ==== UWAGA
Task: {F260D6E7-9BCF-4DF6-8CD1-F32AC907D909} - System32\Tasks\McAfee\McAfee Idle Detection Task = & gt; {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. - & gt; McAfee, LLC.)
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForsylwia.job = & gt; C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. - & gt; Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. - & gt; Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{523F9E39-A7F2-45B1-94AB-FC4F38FFC86F}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9C43565D-C41D-433F-992F-B1CFED53A636}: [DhcpNameServer] 192.168.100.183 192.168.100.184
Tcpip\..\Interfaces\{F22A47BB-127C-44C9-8964-E4041A0C846B}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPALL13/175
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPALL13/175
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL13/175
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL13/175
HKU\S-1-5-21-1863739931-2668292151-2535542212-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/
HKU\S-1-5-21-1863739931-2668292151-2535542212-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL13/175
SearchScopes: HKLM - & gt; {B12CCC10-B7BD-48A9-A848-59D20AC3B3FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8 & tag=hp-uk3-vsb-21 & link%5Fcode=qs & index=aps & field-keywords={searchTerms}
SearchScopes: HKLM - & gt; {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms} & ei={inputEncoding} & fr=chr-hp-psg & type=HPNTDF
SearchScopes: HKLM-x32 - & gt; {B12CCC10-B7BD-48A9-A848-59D20AC3B3FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8 & tag=hp-uk3-vsb-21 & link%5Fcode=qs & index=aps & field-keywords={searchTerms}
SearchScopes: HKLM-x32 - & gt; {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms} & ei={inputEncoding} & fr=chr-hp-psg & type=HPNTDF
SearchScopes: HKU\S-1-5-21-1863739931-2668292151-2535542212-1001 - & gt; DefaultScope {06651016-6D44-4AB1-8648-82FE3528D0AB} URL = hxxp://www.global-pl.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1863739931-2668292151-2535542212-1001 - & gt; {06651016-6D44-4AB1-8648-82FE3528D0AB} URL = hxxp://www.global-pl.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1863739931-2668292151-2535542212-1001 - & gt; {B12CCC10-B7BD-48A9-A848-59D20AC3B3FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8 & tag=hp-uk3-vsb-21 & link%5Fcode=qs & index=aps & field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1863739931-2668292151-2535542212-1001 - & gt; {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms} & ei={inputEncoding} & fr=chr-hp-psg & type=HPNTDF
BHO: McAfee WebAdvisor - & gt; {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - & gt; C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC - & gt; McAfee, LLC)
BHO-x32: PDF Architect 4 Helper - & gt; {38279E1A-7019-40C1-B579-E99DFB3312E8} - & gt; C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH - & gt; pdfforge GmbH)
BHO-x32: McAfee WebAdvisor - & gt; {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - & gt; C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC - & gt; McAfee, LLC)
BHO-x32: HP Network Check Helper - & gt; {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - & gt; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company - & gt; HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH - & gt; pdfforge GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-07-10] (Skype Technologies SA - & gt; Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-02-05] (McAfee, LLC. - & gt; McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-02-05] (McAfee, LLC. - & gt; McAfee, LLC.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-10-30] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-21] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @mcafee.com/MSC,version=10 - & gt; C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-02-05] (McAfee, LLC. - & gt; )
FF Plugin-x32: @adobe.com/ShockwavePlayer - & gt; C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [Brak podpisu cyfrowego]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - & gt; C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-02-05] (McAfee, LLC. - & gt; )
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: PDF Architect 2 - & gt; C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH - & gt; pdfforge GmbH)
FF Plugin-x32: PDF Architect 4 - & gt; C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH - & gt; pdfforge GmbH)
Chrome:
=======
CHR Profile: C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default [2020-04-23]
CHR Notifications: Default - & gt; hxxp://poczta.onet.pl; hxxps://poczta.onet.pl; hxxps://www.facebook.com; hxxps://www.o2.pl
CHR HomePage: Default - & gt; hxxp://www.global-pl.com/
CHR StartupUrls: Default - & gt; " hxxp://www.google.pl/ "
CHR Extension: (Prezentacje) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Dysk Google) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Arkusze) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-23]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-16]
CHR Extension: (Gmail) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Usługi (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-08-02] (IVT Corporation) [Brak podpisu cyfrowego]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation) [Brak podpisu cyfrowego]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. - & gt; HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. - & gt; HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation - & gt; Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation - & gt; Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-14] (Malwarebytes Inc - & gt; Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC - & gt; McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_1\McApExe.exe [758864 2020-02-05] (McAfee, LLC. - & gt; McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\\McCSPServiceHost.exe [2687856 2020-01-25] (McAfee, LLC. - & gt; McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. - & gt; McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. - & gt; McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. - & gt; McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1737992 2020-02-06] (McAfee, LLC - & gt; McAfee, LLC.)
R2 MSSQL$INSERTGT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH - & gt; pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH - & gt; pdfforge GmbH)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH - & gt; pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH - & gt; pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH - & gt; pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH - & gt; pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1373912 2020-02-04] (McAfee, LLC. - & gt; McAfee, LLC.)
S4 SQLAgent$INSERTGT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-21] (IDT, Inc.) [Brak podpisu cyfrowego]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Windows - & gt; Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\SafeEraser\DriverInstall.exe [103736 2015-12-02] (Shenzhen Wondershare Information Technology Co., Ltd. - & gt; Wondershare)
===================== Sterowniki (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [42400 2012-08-10] (Hewlett-Packard Company - & gt; Hewlett-Packard Company)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Technology Corporation - & gt; Ralink Corporation.)
R3 BtAudioBusSrv; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (Ralink Technology Corporation - & gt; IVT Corporation)
R3 BthL2caScoIfSrv; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Technology Corporation - & gt; Ralink Corporation)
R3 btUrbFilterDrv; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-08] (Ralink Technology Corporation - & gt; Ralink Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75896 2020-01-15] (McAfee, Inc. - & gt; McAfee, LLC)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-22] (Malwarebytes Corporation - & gt; Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC - & gt; McAfee, Inc.)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [29600 2012-08-10] (Hewlett-Packard Company - & gt; Hewlett-Packard Company)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-22] (Malwarebytes Inc - & gt; Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-04-22] (Malwarebytes Inc - & gt; Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-04-23] (Malwarebytes Corporation - & gt; Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-22] (Malwarebytes Inc - & gt; Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [124560 2020-04-22] (Malwarebytes Inc - & gt; Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [527272 2020-01-15] (McAfee, Inc. - & gt; McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380840 2020-01-15] (McAfee, Inc. - & gt; McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85920 2020-01-15] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521128 2020-01-15] (McAfee, Inc. - & gt; McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [997800 2020-01-15] (McAfee, Inc. - & gt; McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [594360 2019-12-23] (McAfee, Inc. - & gt; McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107960 2019-12-23] (McAfee, Inc. - & gt; McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116856 2020-01-15] (McAfee, Inc. - & gt; McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252328 2020-01-15] (McAfee, Inc. - & gt; McAfee, LLC)
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2505904 2013-12-04] (Mediatek Inc. - & gt; Ralink Technology, Corp.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp - & gt; Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1204424 2013-12-02] (Mediatek Inc. - & gt; Ralink Technology, Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated - & gt; Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated - & gt; Synaptics Incorporated)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [540160 2012-07-21] (Microsoft Windows Hardware Compatibility Publisher - & gt; IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation - & gt; Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Company - & gt; Hewlett-Packard Development Company, L.P.)
U0 aswVmm; Brak ImagePath
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Technology Corporation - & gt; Ralink Corporation.)
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc (utworzone) ===================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2020-04-23 19:53 - 2020-04-23 19:53 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-04-23 18:28 - 2020-04-23 19:59 - 000000000 ____D C:\Users\sylwia\Desktop\S_K_A_N_E_R_Y
2020-04-23 16:33 - 2020-04-23 16:34 - 218002168 _____ C:\Users\sylwia\Downloads\rpdtfvcc.exe
2020-04-23 08:54 - 2020-04-23 08:54 - 000146246 _____ C:\Users\sylwia\Downloads\plik1 (3).odt
2020-04-23 08:54 - 2020-04-23 08:54 - 000011471 _____ C:\Users\sylwia\Downloads\informacja dla ucz. 23.04 mat.kl.V.odt
2020-04-23 08:51 - 2020-04-23 08:51 - 000020183 _____ C:\Users\sylwia\Downloads\kl V Geografia 16.04.odt
2020-04-22 22:53 - 2020-04-22 22:53 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-22 22:53 - 2020-04-22 22:53 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-22 22:53 - 2020-04-22 22:53 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-04-22 22:53 - 2020-04-22 22:53 - 000124560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-04-22 19:55 - 2020-04-22 19:55 - 000130727 _____ C:\Users\sylwia\Downloads\orlicka.pdf
2020-04-22 19:53 - 2020-04-22 19:53 - 000011193 _____ C:\Users\sylwia\Downloads\informacja przed sprawdzianem.odt
2020-04-22 18:45 - 2020-04-22 18:46 - 000101588 _____ C:\Users\sylwia\Downloads\KRÓL KWADRATÓW (1).odt
2020-04-22 18:42 - 2020-04-22 18:42 - 000101588 _____ C:\Users\sylwia\Downloads\KRÓL KWADRATÓW.odt
2020-04-21 12:08 - 2020-04-21 12:09 - 001849952 _____ C:\Users\sylwia\Downloads\Dane_Kreatora_PSZ-PKDG_2020-04-21_12_08.dkr
2020-04-21 12:07 - 2020-04-21 12:09 - 001849952 _____ C:\Users\sylwia\Downloads\Dane_Kreatora_PSZ-PKDG_2020-04-21_12_07.dkr
2020-04-21 12:07 - 2020-04-21 12:07 - 000081205 _____ C:\Users\sylwia\Downloads\PSZ-PKDG.pdf
2020-04-21 12:04 - 2020-04-21 12:05 - 001848176 _____ C:\Users\sylwia\Downloads\Dane_Kreatora_PSZ-PKDG_2020-04-21_12_04.dkr
2020-04-21 11:35 - 2020-04-21 11:35 - 000042496 _____ C:\Users\sylwia\Downloads\15zzd_załacznik_nr_1_do_wniosku_pozyczka_v1 (2).xls
2020-04-21 11:35 - 2020-04-21 11:35 - 000019456 _____ C:\Users\sylwia\Downloads\zaącznik do pozyczki dominik orlicki.xls
2020-04-21 11:31 - 2020-04-21 11:31 - 000042496 _____ C:\Users\sylwia\Downloads\15zzd_załacznik_nr_1_do_wniosku_pozyczka_v1 (1).xls
2020-04-21 11:29 - 2020-04-21 11:29 - 000019456 _____ C:\Users\sylwia\Desktop\załacznik do wniosku o pozyczkę sylwia orlicka.xls
2020-04-21 11:23 - 2020-04-21 11:23 - 000042496 _____ C:\Users\sylwia\Downloads\15zzd_załacznik_nr_1_do_wniosku_pozyczka_v1.xls
2020-04-21 09:34 - 2020-04-21 09:34 - 000325894 _____ C:\Users\sylwia\Downloads\FAKTURA-P-12764459-20040544328868-00001607.pdf
2020-04-19 07:35 - 2020-04-19 07:35 - 000217927 _____ C:\Users\sylwia\Downloads\EFL-FV82928212.pdf
2020-04-17 16:21 - 2020-04-17 16:22 - 000113977 _____ C:\Users\sylwia\Downloads\STOPNIOWANIE PRZYMIOTNIKÓW - stopień najwyższy-1.pdf
2020-04-16 17:12 - 2020-04-16 17:12 - 000192333 _____ C:\Users\sylwia\Downloads\O06_Wezwanie_do_zaplaty_000-082-4086-4029_20_04_W001_U2004081031840625801.pdf
2020-04-16 17:12 - 2020-04-16 17:12 - 000069055 _____ C:\Users\sylwia\Downloads\O06_Specyfikacja_faktury_zbiorowej_000-082-4086-4029_20_04__U2004081031838512992.pdf
2020-04-16 17:10 - 2020-04-16 17:10 - 000179850 _____ C:\Users\sylwia\Downloads\O06_Faktura_zbiorowa_000-082-4086-4029_20_04_F003_U2004081031820875941.pdf
2020-04-16 10:35 - 2020-04-23 16:14 - 000000000 ____D C:\Users\sylwia\opera autoupdate
2020-04-15 09:56 - 2020-04-15 09:56 - 000096357 _____ C:\Users\sylwia\Downloads\test niemiecki.pdf
2020-04-15 09:55 - 2020-04-15 09:55 - 000095958 _____ C:\Users\sylwia\Downloads\matma.odt
2020-04-15 08:08 - 2020-04-15 08:09 - 002005450 _____ C:\Users\sylwia\Downloads\2020_Covid-19_Kapsula_Czasu_PL.pdf
2020-04-14 13:55 - 2020-04-23 16:38 - 000000000 ____D C:\ProgramData\Doctor Web
2020-04-14 13:50 - 2020-04-14 13:53 - 217408952 _____ C:\Users\sylwia\Downloads\y2xy1fin.exe
2020-04-14 13:00 - 2020-04-14 13:02 - 000000000 ____D C:\Users\sylwia\Downloads\ccsetup565
2020-04-14 12:57 - 2020-04-14 12:58 - 020468499 _____ C:\Users\sylwia\Downloads\ccsetup565.zip
2020-04-14 11:47 - 2020-04-14 11:47 - 000000000 ____D C:\Users\sylwia\AppData\Local\mbam
2020-04-14 11:47 - 2020-04-14 11:47 - 000000000 ____D C:\Users\sylwia\AppData\Local\cache
2020-04-14 11:46 - 2020-04-14 11:46 - 000000000 ____D C:\Users\sylwia\AppData\Local\mbamtray
2020-04-14 11:46 - 2020-04-14 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-14 11:45 - 2020-04-22 22:52 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-14 11:45 - 2020-04-14 11:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-14 11:43 - 2020-04-14 11:43 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-14 11:42 - 2020-04-14 11:42 - 001965536 _____ (Malwarebytes) C:\Users\sylwia\Downloads\MBSetup.exe
2020-04-14 11:26 - 2020-04-14 11:31 - 000000000 ____D C:\Users\sylwia\AppData\Local\TeamViewer
2020-04-14 11:25 - 2020-04-23 19:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-14 11:25 - 2020-04-14 11:25 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-04-14 11:25 - 2020-04-14 11:25 - 000001035 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-04-14 11:25 - 2020-04-14 11:25 - 000000000 ____D C:\Users\sylwia\AppData\Roaming\TeamViewer
2020-04-09 12:58 - 2020-04-09 12:59 - 000156226 _____ C:\Users\sylwia\Downloads\Easter 5SP (1).pdf
2020-04-08 18:39 - 2020-04-08 18:40 - 000156226 _____ C:\Users\sylwia\Downloads\Easter 5SP.pdf
2020-04-08 10:12 - 2020-04-08 10:12 - 000181990 _____ C:\Users\sylwia\Downloads\plik1 (2).odt
2020-04-08 09:43 - 2020-04-08 09:43 - 000037557 _____ C:\Users\sylwia\Downloads\zin1-01-16.pdf
2020-04-08 09:34 - 2020-04-08 09:34 - 000063542 _____ C:\Users\sylwia\Downloads\in1-01-23.pdf
2020-04-07 19:39 - 2020-04-07 19:39 - 000156560 _____ C:\Users\sylwia\Downloads\hartowanie weronika orlicka.odt
2020-04-07 19:36 - 2020-04-07 19:36 - 000156560 _____ C:\Users\sylwia\Desktop\hartowanie weronika orlicka.odt
2020-04-07 10:25 - 2020-04-07 10:25 - 000067903 _____ C:\Users\sylwia\Downloads\plik1 (1).odt
2020-04-07 10:25 - 2020-04-07 10:25 - 000012195 _____ C:\Users\sylwia\Downloads\informacja dla ucz.7IV mat.kl.V.odt
2020-04-07 08:55 - 2020-04-07 08:55 - 000004334 _____ C:\Users\sylwia\Downloads\listy_07-04-2020_08_42_55.pdf
2020-04-07 08:53 - 2020-04-07 08:54 - 000047700 _____ C:\Users\sylwia\Downloads\ALIWER_07-04-20.pdf
2020-04-06 17:20 - 2020-04-06 17:20 - 000048382 _____ C:\Users\sylwia\Downloads\FS 154-2020.pdf
2020-04-05 20:07 - 2020-04-05 20:08 - 000024806 _____ C:\Users\sylwia\Downloads\geografia.odt
2020-04-03 16:03 - 2020-04-03 16:03 - 000049222 _____ C:\Users\sylwia\Downloads\FS 138-2020 (1).pdf
2020-04-03 16:02 - 2020-04-03 16:02 - 000049092 _____ C:\Users\sylwia\Downloads\FS 125-2020 (1).pdf
2020-04-03 15:19 - 2020-04-03 15:20 - 000226210 _____ C:\Users\sylwia\Downloads\Comparative 5 SP.PDF
2020-04-03 13:32 - 2020-04-03 13:32 - 000035974 _____ C:\Users\sylwia\Downloads\Dokument_VAT_I_-_02_06097_03_2020_6198_FVS.pdf
2020-04-03 13:31 - 2020-04-03 13:31 - 000209221 _____ C:\Users\sylwia\Downloads\FAKTURA-P-17600164-20030504639813-00000465.pdf
2020-04-03 13:30 - 2020-04-03 13:30 - 000183602 _____ C:\Users\sylwia\Downloads\O06_Faktura_zbiorowa_000-082-4086-4029_20_03_F002_U2003081011046475805.pdf
2020-04-03 13:27 - 2020-04-03 13:27 - 000029762 _____ C:\Users\sylwia\Downloads\FAV_183856_26914697_2020.pdf
2020-04-03 10:22 - 2020-04-03 10:22 - 000365297 _____ C:\Users\sylwia\Downloads\0000AX5261_Apr032020_Invoices.zip
2020-04-02 13:58 - 2020-04-02 13:58 - 000033339 _____ C:\Users\sylwia\Downloads\Potwierdzenie_transakcji_nr_0071363138_020420.pdf
2020-04-02 12:02 - 2020-04-02 12:02 - 000049222 _____ C:\Users\sylwia\Downloads\FS 138-2020.pdf
2020-04-02 10:30 - 2020-04-02 10:30 - 000106724 _____ C:\Users\sylwia\Downloads\plik1.odt
2020-04-02 10:30 - 2020-04-02 10:30 - 000079932 _____ C:\Users\sylwia\Downloads\plik2.odt
2020-04-02 10:29 - 2020-04-02 10:29 - 000118917 _____ C:\Users\sylwia\Downloads\plik1 sroda 1 kwiet (2).odt
2020-04-02 10:29 - 2020-04-02 10:29 - 000011587 _____ C:\Users\sylwia\Downloads\info dla ucz.2kwiet.odt
2020-04-02 10:29 - 2020-04-02 10:29 - 000011061 _____ C:\Users\sylwia\Downloads\instrukcja dla ucz. 1 kwietnia.odt
2020-04-02 09:55 - 2020-04-02 09:55 - 000010532 _____ C:\Users\sylwia\Downloads\ALIWER LISTY PRZEWOZOWE.pdf
2020-04-02 09:29 - 2020-04-02 09:30 - 000049475 _____ C:\Users\sylwia\Downloads\ALIWER_01-04-20.pdf
2020-04-02 09:26 - 2020-04-02 09:26 - 000048551 _____ C:\Users\sylwia\Downloads\ALIWER_31-03-20.pdf
2020-04-01 16:26 - 2020-04-01 16:26 - 000236580 _____ C:\Users\sylwia\Downloads\STOPNIOWANIE KL. 5 KM.PDF
2020-04-01 15:52 - 2020-04-01 15:52 - 000000155 _____ C:\Users\sylwia\Downloads\0000AX5261_P_01042020_895_1A.csv
2020-04-01 15:23 - 2020-04-01 15:23 - 000049373 _____ C:\Users\sylwia\Downloads\Invoice Aliwer 4_20 - Invoice.pdf
2020-04-01 14:15 - 2020-04-01 14:15 - 000429376 _____ C:\Users\sylwia\Downloads\klasa V, program telewizyjny.pdf
2020-04-01 14:13 - 2020-04-01 14:13 - 000090644 _____ C:\Users\sylwia\Downloads\plik2 sroda 1 kwietnia (1).odt
2020-04-01 14:13 - 2020-04-01 14:13 - 000011422 _____ C:\Users\sylwia\Downloads\informacja dla ucznia 31III (1).odt
2020-04-01 14:12 - 2020-04-01 14:12 - 000118917 _____ C:\Users\sylwia\Downloads\plik1 sroda 1 kwiet (1).odt
2020-04-01 14:12 - 2020-04-01 14:12 - 000090644 _____ C:\Users\sylwia\Downloads\plik2 sroda 1 kwietnia.odt
2020-04-01 14:11 - 2020-04-01 14:11 - 000118917 _____ C:\Users\sylwia\Downloads\plik1 sroda 1 kwiet.odt
2020-04-01 14:10 - 2020-04-01 14:10 - 000011422 _____ C:\Users\sylwia\Downloads\informacja dla ucznia 31III.odt
2020-04-01 14:05 - 2020-04-01 14:05 - 000056231 _____ C:\Users\sylwia\Downloads\1.04.2020_5a.pdf
2020-03-30 10:36 - 2020-03-30 10:36 - 000537669 _____ C:\Users\sylwia\Downloads\Zwązek Kitowców s.1.pdf
2020-03-24 12:46 - 2020-03-24 12:46 - 000029449 _____ C:\Users\sylwia\Downloads\Print data (4).PDF
==================== Jeden miesiąc (zmodyfikowane) ==================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2020-04-23 20:02 - 2014-09-08 22:25 - 000000000 ____D C:\FRST
2020-04-23 19:56 - 2012-08-10 17:45 - 000000821 _____ C:\WINDOWS\SysWOW64\bscs.ini
2020-04-23 19:55 - 2012-08-21 21:32 - 000892976 _____ C:\WINDOWS\system32\perfh015.dat
2020-04-23 19:55 - 2012-08-21 21:32 - 000200314 _____ C:\WINDOWS\system32\perfc015.dat
2020-04-23 19:55 - 2012-07-26 09:28 - 002119232 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-23 19:55 - 2012-07-26 07:37 - 000000000 ____D C:\WINDOWS\Inf
2020-04-23 19:53 - 2020-02-28 09:38 - 000000000 ____D C:\Users\sylwia\Downloads\opera autoupdate
2020-04-23 19:52 - 2012-10-04 15:27 - 000004524 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2020-04-23 19:52 - 2012-10-04 15:27 - 000000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2020-04-23 19:47 - 2019-11-01 13:01 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForsylwia.job
2020-04-23 19:47 - 2012-07-26 09:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-23 18:33 - 2014-09-09 05:35 - 000000000 ____D C:\AdwCleaner
2020-04-23 16:32 - 2015-09-17 17:50 - 000000000 ____D C:\Users\sylwia
2020-04-23 15:11 - 2019-03-22 19:02 - 000017542 _____ C:\Users\sylwia\Desktop\obroty.ods
2020-04-23 15:11 - 2013-12-03 16:52 - 001844224 ___SH C:\Users\sylwia\Desktop\Thumbs.db
2020-04-23 08:08 - 2020-02-27 08:30 - 000004286 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582785053
2020-04-22 16:31 - 2020-02-12 18:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2020-04-22 14:00 - 2019-02-21 14:21 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-22 14:00 - 2019-02-21 14:21 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-22 13:53 - 2019-11-01 13:01 - 000003166 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForsylwia
2020-04-22 08:19 - 2012-07-26 07:26 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2020-04-21 15:09 - 2015-09-18 14:23 - 000010752 _____ C:\Users\sylwia\Documents\ALIWER.i01
2020-04-21 15:08 - 2015-09-18 14:23 - 067896320 _____ C:\Users\sylwia\Documents\ALIWER.iar
2020-04-20 19:50 - 2013-12-01 21:16 - 003445248 ___SH C:\Users\sylwia\Downloads\Thumbs.db
2020-04-20 11:54 - 2018-07-30 12:10 - 000000000 ____D C:\Users\sylwia\Desktop\młody roboczy
2020-04-20 10:46 - 2012-07-26 10:12 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-20 10:46 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\AUInstallAgent
2020-04-15 08:03 - 2015-04-12 15:18 - 000000000 ____D C:\Users\sylwia\Desktop\KATALOGI
2020-04-14 15:33 - 2015-09-17 18:12 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1863739931-2668292151-2535542212-1001
2020-04-14 14:35 - 2017-04-19 05:53 - 000327512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-14 14:35 - 2012-07-26 07:26 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2020-04-14 14:30 - 2016-01-08 20:51 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack
2020-04-14 14:22 - 2015-09-17 20:17 - 000000000 ____D C:\Users\sylwia\Doctor Web
2020-04-14 13:38 - 2016-12-28 19:33 - 000000000 ____D C:\Users\sylwia\AppData\Local\PDFCreator
2020-04-14 13:38 - 2015-09-18 20:43 - 000000000 ____D C:\Program Files\PDFCreator
2020-04-14 13:36 - 2019-01-25 07:39 - 000000000 ____D C:\Users\sylwia\AppData\Local\CrashDumps
2020-04-14 13:36 - 2015-09-17 17:42 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-14 13:36 - 2012-08-04 01:21 - 000000000 ___DC C:\WINDOWS\Panther
2020-04-14 12:42 - 2015-09-17 19:47 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-04-14 12:41 - 2012-07-26 10:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-14 12:39 - 2016-10-16 20:28 - 000000000 ____D C:\Program Files\Common Files\AV
2020-04-14 12:08 - 2020-02-12 17:34 - 000000000 ____D C:\ProgramData\McAfee
2020-04-14 10:46 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-03 08:20 - 2015-05-15 20:48 - 000000000 ____D C:\Users\sylwia\Desktop\COMBI
2020-04-02 15:27 - 2019-02-23 12:57 - 000004092 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550919470
2020-04-02 15:27 - 2019-02-23 12:57 - 000001327 _____ C:\Users\sylwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2020-04-02 14:08 - 2015-03-27 09:49 - 000012771 _____ C:\Users\sylwia\Desktop\ROZRACHUNKI - ALMIS.ods
2020-04-01 11:48 - 2015-04-02 11:29 - 000009216 _____ C:\Users\sylwia\Desktop\KALAKULATOR-koszty dostawy.ods
2020-03-24 14:00 - 2020-02-12 18:25 - 000000000 ____D C:\Program Files (x86)\McAfee
==================== SigCheck ============================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
LastRegBack: 2020-04-16 23:01
==================== Koniec FRST.txt ========================