Witam, Jak w temacie, NOD wyświetla mi wyżej wymieniony komunikat. Stało się to po instalacji jakiegoś programu. Skanowałem komputer adwCleanerem, nie znalazł zagrożeń, ESETem usunąłem ponad 20 podejrzanych plików, jednakże problem nadal jest. Poniżej zamieszczam dokumenty notatnika z programu FRST64.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12.01.2019
Uruchomiony przez Michał Bagilcz (administrator) DESKTOP-3VUK5EE (12-01-2019 17:41:36)
Uruchomiony z C:\Users\Michał Bagilcz\Desktop\adwCleaner
Załadowane profile: Michał Bagilcz (Dostępne profile: Michał Bagilcz)
Platform: Windows 10 Pro Wersja 1803 17134.523 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [SecurityHealth] = & gt; C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] = & gt; D:\Programy\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM\...\Run: [egui] = & gt; C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-11-29] (ESET)
HKLM-x32\...\Run: [Autodesk Desktop App] = & gt; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [ControlCenter3] = & gt; C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] = & gt; C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] = & gt; C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2229328006-2000099989-1006533568-1001\...\Run: [CCleaner Smart Cleaning] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-21-2229328006-2000099989-1006533568-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-11] (Google Inc.)
ShellServiceObjects: Brak nazwy - & gt; {59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} = & gt;
ShellServiceObjects-x32: Brak nazwy - & gt; {59EFE487-E5B8-4fae-9D2C-FCDF0B70CE70} = & gt;
GroupPolicy: Ograniczenia - Chrome & lt; ==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5beb66fb-a402-4f4a-ad0d-eee91bb46daf}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
BHO: Skype for Business Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper - & gt; {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - & gt; C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - & gt; {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - & gt; C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-10-11] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: sc4qwjhc.default
FF ProfilePath: C:\Users\Michał Bagilcz\AppData\Roaming\Mozilla\Firefox\Profiles\sc4qwjhc.default [2019-01-12]
FF Extension: (Firefox Protection) - C:\Users\Michał Bagilcz\AppData\Roaming\Mozilla\Firefox\Profiles\sc4qwjhc.default\Extensions\{ab10d63e-3096-4492-ab0e-5edcf4baf988} [2019-01-11] [Brak podpisu cyfrowego]
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - & gt; D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - & gt; D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp - & gt; D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf - & gt; D:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2019-01-11] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default - & gt; " hxxp://google.pl/ " , " hxxps://www.google.com/ "
CHR Profile: C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default [2019-01-12]
CHR Extension: (Prezentacje) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-03]
CHR Extension: (Dokumenty) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-03]
CHR Extension: (Dysk Google) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-03]
CHR Extension: (YouTube) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-03]
CHR Extension: (Adblock Plus) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (Anonymous Proxy Browser) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjnfcmkfdcoeckplikldabeggcohmbmj [2018-04-03]
CHR Extension: (Arkusze) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-03]
CHR Extension: (Zakładki iCloud) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2018-04-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (AdBlock) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-01-12]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-18]
CHR Profile: C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-11]
CHR Profile: C:\Users\Michał Bagilcz\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-11]
==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-11-29] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-11-29] (ESET)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 Origin Client Service; D:\Gry\Origin\OriginClientService.exe [2270528 2018-12-25] (Electronic Arts)
S2 Origin Web Helper Service; D:\Gry\Origin\OriginWebHelperService.exe [3131208 2018-12-25] (Electronic Arts)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [293344 2017-07-12] (Realtek Semiconductor Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; " C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe " -s NVDisplay.ContainerLocalSystem -f " C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log " -l 3 -d " C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem " -r -p 30000
R2 NvTelemetryContainer; " C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe " -s NvTelemetryContainer -f " C:\ProgramData\NVIDIA\NvTelemetryContainer.log " -l 3 -d " C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins " -r
===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUS Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-11-29] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-10-17] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-17] (ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-17] (ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-17] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-17] (ESET)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31112 2017-05-03] (ASUS)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_eb18ef0e5d636f6f\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [724448 2017-07-12] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [762112 2015-10-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6907240 2017-07-14] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2019-01-12 17:40 - 2019-01-12 17:41 - 000000000 ____D C:\Users\Michał Bagilcz\Desktop\adwCleaner
2019-01-12 17:25 - 2019-01-12 17:25 - 000008702 _____ C:\Users\Michał Bagilcz\Desktop\Konstrukcje betonowe-notatnik.xlsx
2019-01-12 13:44 - 2019-01-12 13:44 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\ESET
2019-01-12 13:42 - 2019-01-12 13:44 - 000000000 ____D C:\Program Files\ESET
2019-01-12 13:42 - 2019-01-12 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-01-12 13:42 - 2019-01-12 13:42 - 000000000 ____D C:\ProgramData\ESET
2019-01-12 13:40 - 2019-01-12 13:40 - 104742008 _____ (ESET) C:\Users\Michał Bagilcz\Downloads\essp_nt64.exe
2019-01-11 17:40 - 2019-01-11 17:40 - 000000000 ____D C:\WINDOWS\Panther
2019-01-11 15:10 - 2019-01-12 14:20 - 000000000 ____D C:\Program Files\WNXH2MJQVS
2019-01-11 14:53 - 2019-01-11 14:53 - 000010554 _____ C:\Users\Michał Bagilcz\Desktop\Kanalizacja podposadzkowa - zestawienie ilości- Budynek typu B v2.xlsx
2019-01-11 14:44 - 2019-01-11 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-01-11 14:44 - 2019-01-11 14:44 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-01-11 14:44 - 2019-01-11 14:44 - 000000000 ____D C:\Program Files\MSBuild
2019-01-11 14:44 - 2019-01-11 14:44 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-01-11 14:44 - 2019-01-11 14:44 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-01-11 14:31 - 2019-01-11 14:33 - 000000000 ____D C:\AdwCleaner
2019-01-11 14:31 - 2019-01-11 14:31 - 007320272 _____ (Malwarebytes) C:\Users\Michał Bagilcz\Desktop\adwcleaner_7.2.6.0.exe
2019-01-11 14:15 - 2019-01-11 14:15 - 000061387 _____ C:\Users\Michał Bagilcz\Downloads\Addition.txt
2019-01-11 14:13 - 2019-01-12 17:41 - 000000000 ____D C:\FRST
2019-01-11 14:13 - 2019-01-11 14:13 - 002425856 _____ (Farbar) C:\Users\Michał Bagilcz\Downloads\FRST64.exe
2019-01-11 13:32 - 2019-01-11 13:32 - 000003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-11 13:32 - 2019-01-11 13:32 - 000003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-11 13:32 - 2019-01-11 13:32 - 000002383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-11 13:32 - 2019-01-11 13:32 - 000002342 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-11 13:18 - 2019-01-11 13:19 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\LocalLow\Mozilla
2019-01-11 13:18 - 2019-01-11 13:18 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\Mozilla
2019-01-11 13:18 - 2019-01-11 13:18 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\Mozilla
2019-01-11 12:44 - 2019-01-11 12:44 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\Opera Software
2019-01-11 12:20 - 2019-01-12 10:10 - 000000000 ____D C:\ProgramData\Smarty Uninstaller 4
2019-01-11 12:20 - 2019-01-11 12:20 - 000003184 _____ C:\WINDOWS\System32\Tasks\SmartyUninstallerLauncher
2019-01-11 12:20 - 2019-01-11 12:20 - 000000794 _____ C:\Users\Michał Bagilcz\Desktop\Smarty Uninstaller 4.lnk
2019-01-11 12:20 - 2019-01-11 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smarty Uninstaller
2019-01-11 12:19 - 2019-01-11 12:19 - 006519388 _____ (OneSmarty ) C:\Users\Michał Bagilcz\Downloads\SmartyUninstaller4.exe
2019-01-11 12:03 - 2019-01-11 12:03 - 000009501 _____ C:\Users\Michał Bagilcz\Desktop\Kanalizacja podposadzkowa - zestawienie ilości- Budynek typu B.xlsx
2019-01-11 11:41 - 2019-01-11 15:57 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\GoogleChromeUserData
2019-01-11 11:01 - 2019-01-11 11:01 - 000000266 __RSH C:\Users\Michał Bagilcz\ntuser.pol
2019-01-11 10:53 - 2018-03-05 16:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-01-11 10:53 - 2018-03-05 16:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-01-11 10:53 - 2018-03-05 16:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-01-11 10:53 - 2018-02-14 16:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-01-11 10:53 - 2018-02-14 16:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-01-11 10:53 - 2018-02-14 16:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-01-11 10:51 - 2019-01-12 14:51 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\GoogleChromeApplication
2019-01-11 10:51 - 2019-01-11 15:19 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2019-01-11 10:45 - 2019-01-12 14:36 - 000000000 ____D C:\Program Files (x86)\WinData
2019-01-11 10:45 - 2019-01-12 13:48 - 000000000 ____D C:\Program Files (x86)\SmartData
2019-01-11 10:45 - 2019-01-11 17:26 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-01-11 10:45 - 2019-01-11 15:12 - 000003088 __RSH C:\ProgramData\ntuser.pol
2019-01-11 10:45 - 2019-01-11 12:21 - 000000000 ____D C:\ProgramData\Isolated Storage
2019-01-11 10:45 - 2019-01-11 10:45 - 000003424 _____ C:\WINDOWS\System32\Tasks\nvanc
2019-01-11 10:45 - 2019-01-11 10:45 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\doIet
2019-01-11 10:44 - 2019-01-12 14:55 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\Samantha
2019-01-11 10:44 - 2019-01-11 15:10 - 000722944 _____ C:\Users\Michał Bagilcz\AppData\Local\sham.db
2019-01-11 10:44 - 2019-01-11 10:44 - 000140800 _____ C:\Users\Michał Bagilcz\AppData\Local\installer.dat
2019-01-11 10:44 - 2019-01-11 10:44 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\AdvinstAnalytics
2019-01-11 10:38 - 2019-01-11 10:42 - 000000000 ____D C:\ProgramData\Xopxop
2019-01-11 10:38 - 2019-01-11 10:38 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-01-11 10:38 - 2019-01-11 10:38 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-01-11 10:38 - 2019-01-11 10:38 - 000000000 ____D C:\ProgramData\Xwe44
2019-01-11 10:38 - 2019-01-11 10:38 - 000000000 ____D C:\ProgramData\PREYZ5SXM2HQPXDJZ23N
2019-01-11 10:37 - 2019-01-11 10:37 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\ChemTable Software
2019-01-11 10:07 - 2019-01-11 10:07 - 000000000 ____D C:\Users\Public\Foxit Software
2019-01-11 10:07 - 2019-01-11 10:07 - 000000000 ____D C:\ProgramData\Foxit Software
2019-01-11 10:06 - 2019-01-11 10:07 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\Foxit Software
2019-01-11 10:06 - 2019-01-11 10:06 - 000000998 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2019-01-11 10:06 - 2019-01-11 10:06 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\Foxit AgentInformation
2019-01-11 10:06 - 2019-01-11 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-01-11 10:06 - 2019-01-11 10:06 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2019-01-11 10:04 - 2019-01-11 10:04 - 075074344 _____ (Foxit Software Inc. ) C:\Users\Michał Bagilcz\Downloads\FoxitReader94_enu_Setup_Prom.exe
2019-01-10 17:04 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-10 17:04 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-10 17:04 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-10 17:04 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-10 17:03 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-10 17:03 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-10 17:03 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-10 17:03 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-10 17:03 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-10 17:03 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-10 17:03 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-10 17:03 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-10 17:03 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-10 17:03 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-10 17:03 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-10 17:03 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-10 17:03 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-10 17:03 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-10 17:03 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-10 17:03 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-10 17:03 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-10 17:03 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-10 17:03 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-10 17:03 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-10 17:03 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-10 17:03 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-10 17:03 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-10 17:03 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-10 17:03 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-10 17:03 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-10 17:03 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-10 17:03 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-10 17:03 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-10 17:03 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-10 17:03 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-10 17:03 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-10 17:03 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-10 17:03 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-10 17:03 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-10 17:03 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-10 17:03 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-10 17:03 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-10 17:03 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-10 17:03 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-10 17:03 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-10 17:03 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-10 17:03 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-10 17:03 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-10 17:03 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-10 17:03 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-10 17:03 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-10 17:03 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-10 17:03 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-10 17:03 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-10 17:03 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-10 17:03 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-10 17:03 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-10 17:03 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-10 17:03 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-10 17:03 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-10 17:03 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-10 17:03 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-10 17:03 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-10 17:03 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-10 17:03 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-10 17:03 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-10 17:03 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-10 17:03 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-10 17:03 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-10 17:03 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-10 17:03 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-10 17:03 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-10 17:03 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-10 17:03 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-10 17:03 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-10 17:03 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-10 17:03 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-10 17:03 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-10 17:03 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-10 17:03 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-10 17:03 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-10 17:03 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-10 17:03 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-10 17:03 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-10 17:03 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-10 17:03 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-10 17:03 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-12-23 09:29 - 2018-12-23 09:29 - 000000000 ____D C:\Users\Michał Bagilcz\Desktop\VASTBOUW - Zamówienia
2018-12-23 09:10 - 2018-12-23 09:10 - 000236032 _____ C:\Users\Michał Bagilcz\Downloads\18 1606 MIG 02 MB.xls
2018-12-22 12:59 - 2018-12-22 12:59 - 000000206 _____ C:\Users\Michał Bagilcz\Desktop\Company of Heroes 2.url
2018-12-21 20:14 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-12-21 20:12 - 2018-12-21 20:12 - 000002438 _____ C:\Users\Michał Bagilcz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-19 19:32 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-19 19:32 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-19 19:32 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-19 19:32 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-19 19:32 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-19 19:32 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-19 19:32 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-19 19:32 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-19 19:32 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-19 19:32 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-19 19:32 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-19 19:32 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-19 19:32 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-19 19:32 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-19 19:32 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-19 19:32 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-19 19:32 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-16 15:02 - 2018-12-17 21:02 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\vlc
2018-12-16 15:01 - 2018-12-16 15:01 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-12-16 15:01 - 2018-12-16 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-12-16 15:00 - 2018-12-16 15:00 - 000000000 ____D C:\Program Files\VideoLAN
2018-12-16 14:59 - 2018-12-16 15:00 - 041486400 _____ C:\Users\Michał Bagilcz\Downloads\vlc-3.0.4-win64.exe
2018-12-16 14:19 - 2018-12-16 14:43 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\NapiProjekt
2018-12-16 14:19 - 2018-12-16 14:19 - 000001113 _____ C:\Users\Michał Bagilcz\Desktop\NapiProjekt.lnk
2018-12-16 14:19 - 2018-12-16 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
2018-12-16 14:19 - 2018-12-16 14:19 - 000000000 ____D C:\Program Files (x86)\NapiProjekt
2018-12-16 14:15 - 2018-12-16 14:16 - 009348248 _____ ( ) C:\Users\Michał Bagilcz\Downloads\NapiProjektSetup2.2.0.2399.exe
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2019-01-12 17:41 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-12 17:36 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-12 17:36 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-12 17:36 - 2018-04-03 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-12 17:34 - 2018-04-04 10:30 - 000000000 ____D C:\Program Files\rempl
2019-01-12 17:30 - 2018-04-03 13:03 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-01-12 17:28 - 2018-04-03 12:27 - 000000000 __SHD C:\Users\Michał Bagilcz\IntelGraphicsProfiles
2019-01-12 17:28 - 2018-04-03 11:06 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-12 17:26 - 2018-05-25 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-12 17:26 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-12 16:52 - 2018-04-06 07:07 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\Packages
2019-01-12 14:26 - 2018-11-18 13:14 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\uTorrent
2019-01-12 14:24 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-12 13:43 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-12 12:18 - 2018-05-25 23:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-11 19:28 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-11 18:39 - 2018-07-21 14:56 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\D3DSCache
2019-01-11 15:29 - 2018-04-05 17:49 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Local\CrashDumps
2019-01-11 14:45 - 2018-04-12 16:54 - 000783576 _____ C:\WINDOWS\system32\perfh015.dat
2019-01-11 14:45 - 2018-04-12 16:54 - 000151702 _____ C:\WINDOWS\system32\perfc015.dat
2019-01-11 14:45 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-11 14:44 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-01-11 14:44 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-01-11 14:33 - 2018-11-18 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-01-11 13:32 - 2018-04-03 11:35 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-11 12:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-11 11:01 - 2018-05-25 23:23 - 000000000 ____D C:\Users\Michał Bagilcz
2019-01-11 10:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2019-01-11 08:48 - 2018-05-25 23:35 - 001673758 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-10 19:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 19:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-10 17:29 - 2018-04-04 11:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-10 17:25 - 2018-04-04 11:18 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-06 21:34 - 2018-09-23 10:25 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\Messenger for Desktop
2019-01-03 17:13 - 2018-07-20 20:15 - 000000000 ___RD C:\Users\Michał Bagilcz\Desktop\Dokumenty
2019-01-02 20:41 - 2018-11-14 22:19 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-14 22:19 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-30 16:57 - 2018-04-18 17:03 - 000000000 ____D C:\ProgramData\Origin
2018-12-30 14:22 - 2018-04-18 17:07 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\Origin
2018-12-29 10:50 - 2018-09-30 18:58 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-24 11:47 - 2018-08-24 18:25 - 000000000 ____D C:\Users\Michał Bagilcz\Documents\My Games
2018-12-22 12:59 - 2018-04-03 11:50 - 000000000 ____D C:\Users\Michał Bagilcz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-12-21 20:15 - 2018-05-25 23:45 - 000003396 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2229328006-2000099989-1006533568-1001
2018-12-21 20:13 - 2018-04-03 11:09 - 000000000 ___RD C:\Users\Michał Bagilcz\OneDrive
2018-12-15 20:28 - 2018-04-06 07:30 - 000000000 ___RD C:\Users\Michał Bagilcz\3D Objects
2018-12-15 20:28 - 2018-04-03 11:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-15 20:26 - 2018-05-25 23:14 - 000491568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Pliki w katalogu głównym wybranych folderów =======
2019-01-11 10:38 - 2019-01-11 10:38 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-01-11 10:38 - 2019-01-11 10:38 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-01-11 10:44 - 2019-01-11 10:44 - 000140800 _____ () C:\Users\Michał Bagilcz\AppData\Local\installer.dat
2019-01-11 10:44 - 2019-01-11 15:10 - 000722944 _____ () C:\Users\Michał Bagilcz\AppData\Local\sham.db
Niektóre pliki w TEMP:
====================
2019-01-11 10:45 - 2019-01-11 10:45 - 000375522 _____ ( ) C:\Users\Michał Bagilcz\AppData\Local\Temp\kijyiyeakex.exe
2019-01-11 10:43 - 2019-01-11 10:43 - 000158720 _____ () C:\Users\Michał Bagilcz\AppData\Local\Temp\STOP.exe
2019-01-11 11:42 - 2019-01-11 10:38 - 000099894 _____ () C:\Users\Michał Bagilcz\AppData\Local\Temp\Uninstall.exe
2019-01-11 10:38 - 2019-01-11 10:38 - 006440236 ___SH (FairBot ) C:\Users\Michał Bagilcz\AppData\Local\Temp\webhost.exe
==================== Bamital & volsnap ======================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\WINDOWS\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo
LastRegBack: 2018-05-25 23:13
==================== Koniec FRST.txt ============================