ADVERTISEMENT

FRST.txt

Laptop Toshiba, WIN10 - Chrome obciąża procesor, prośba o sprawdzenie Addition.t

Dzięki za sprawdzenie. Odberałem info ale nie mogłem już nic przesłać. Poniżej mam aktualne dane.


Download file - link to post

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 03.03.2019
Uruchomiony przez Adrian (administrator) TOSHIBA (06-03-2019 12:56:09)
Uruchomiony z C:\Users\Adrian\Desktop\FRST
Załadowane profile: Adrian (Dostępne profile: Adrian & skaws & Gość & DefaultAppPool)
Platform: Windows 10 Pro Wersja 1803 17134.590 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc - & gt; Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corp - & gt; Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp - & gt; Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc - & gt; Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SecurityHealth] = & gt; C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows - & gt; Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated - & gt; Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor Corp - & gt; Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2181224 2010-11-03] (Realtek Semiconductor Corp - & gt; Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] = & gt; C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA CORPORATION - & gt; TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = & gt; C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] = & gt; C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. - & gt; Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] = & gt; C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows - & gt; Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] = & gt; C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows - & gt; Microsoft Corporation)
HKU\S-1-5-21-3575120272-2782400450-496103650-1001\...\Run: [Trans] = & gt; C:\Program Files (x86)\Trans\trans.exe [5435776 2016-06-23] (Logintrans Sp. z o.o. - & gt; )
HKU\S-1-5-21-3575120272-2782400450-496103650-1001\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd - & gt; Piriform Ltd)
HKU\S-1-5-21-3575120272-2782400450-496103650-1001\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-05-30] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
HKU\S-1-5-21-3575120272-2782400450-496103650-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3575120272-2782400450-496103650-1001\...\MountPoints2: {be0d694e-730d-11e8-b292-68a3c41ce1a8} - " G:\QuickInstall.exe "
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-02] (Google LLC - & gt; Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] - & gt;
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] - & gt; C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2017-05-26] (McAfee, Inc. - & gt; McAfee, Inc.)
Lsa: [Notification Packages] scecli " C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-12-29]
ShortcutTarget: TRDCReminder.lnk - & gt; C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION - & gt; TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-12-29]
ShortcutTarget: TRDCReminder.lnk - & gt; C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION - & gt; TOSHIBA Europe)
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-12-29]
ShortcutTarget: TRDCReminder.lnk - & gt; C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION - & gt; TOSHIBA Europe)
Startup: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-12-29]
ShortcutTarget: TRDCReminder.lnk - & gt; C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION - & gt; TOSHIBA Europe)
Startup: C:\Users\skaws\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-12-29]
ShortcutTarget: TRDCReminder.lnk - & gt; C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION - & gt; TOSHIBA Europe)
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{4edb84a1-9fc8-4c88-b292-2f7dcb10a123}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{790dbdcc-25aa-4471-a8f0-8a6eb48993f7}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{d103bb70-86a3-493e-9012-b7da7e61b93c}: [NameServer] 89.108.202.21 89.108.195.21

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-21-3575120272-2782400450-496103650-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190
SearchScopes: HKLM - & gt; DefaultScope {E34582DC-35F7-45A9-A81B-BE37F7943B7B} URL = hxxp://www.bing.com/search?q={searchTerms} & form=TSHMDF & pc=MATM & src=IE-SearchBox
SearchScopes: HKLM - & gt; {E34582DC-35F7-45A9-A81B-BE37F7943B7B} URL = hxxp://www.bing.com/search?q={searchTerms} & form=TSHMDF & pc=MATM & src=IE-SearchBox
SearchScopes: HKLM-x32 - & gt; DefaultScope {18C648AD-F6B7-4292-9E7D-8A4DF1D27E5E} URL = hxxp://www.bing.com/search?q={searchTerms} & form=TSHMDF & pc=MATM & src=IE-SearchBox
SearchScopes: HKLM-x32 - & gt; {18C648AD-F6B7-4292-9E7D-8A4DF1D27E5E} URL = hxxp://www.bing.com/search?q={searchTerms} & form=TSHMDF & pc=MATM & src=IE-SearchBox
SearchScopes: HKU\.DEFAULT - & gt; DefaultScope {18C648AD-F6B7-4292-9E7D-8A4DF1D27E5E} URL =
SearchScopes: HKU\S-1-5-21-3575120272-2782400450-496103650-1001 - & gt; {18C648AD-F6B7-4292-9E7D-8A4DF1D27E5E} URL =
SearchScopes: HKU\S-1-5-21-3575120272-2782400450-496103650-1001 - & gt; {3C697347-F245-4CD6-AFC1-3D03581FF637} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8 & keywords={searchTerms} & tag=tochibauk-win7-ie-search-21 & index=blended & linkCode=ur2
SearchScopes: HKU\S-1-5-21-3575120272-2782400450-496103650-1001 - & gt; {D3286F1B-4B6D-4CCE-BAB9-21160614BD11} URL = hxxp://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3575120272-2782400450-496103650-1001 - & gt; {E34582DC-35F7-45A9-A81B-BE37F7943B7B} URL =
BHO: True Key Helper - & gt; {0F4B8786-5502-4803-8EBC-F652A1153BB6} - & gt; C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (McAfee, Inc. - & gt; Intel Security)
BHO-x32: True Key Helper - & gt; {0F4B8786-5502-4803-8EBC-F652A1153BB6} - & gt; C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (McAfee, Inc. - & gt; Intel Security)
BHO-x32: Adobe PDF Link Helper - & gt; {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - & gt; C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
BHO-x32: Evernote extension - & gt; {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - & gt; C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-09-20] (EVERNOTE CORPORATION - & gt; Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (McAfee, Inc. - & gt; Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (McAfee, Inc. - & gt; Intel Security)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc. - & gt; McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc. - & gt; McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc. - & gt; McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc. - & gt; McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Sunbird\Profiles\def3a20k.default [2012-01-02]
FF Extension: (Brak nazwy) - C:\Users\Adrian\AppData\Local\Temp\Rar$EX00.649\sunbird\extensions\calendar-timezones@mozilla.org [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Users\Adrian\AppData\Local\Temp\Rar$EX00.649\sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Users\Adrian\AppData\Local\Temp\Rar$EX00.649\sunbird\extensions\talkback@mozilla.org [nie znaleziono]
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default [2019-03-06]
FF user.js: detected! = & gt; C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\user.js [2016-12-06]
FF Homepage: Mozilla\Firefox\Profiles\2ticzc99.default - & gt; hxxp://www.gazeta.pl/0,0.html?p=190
FF NetworkProxy: Mozilla\Firefox\Profiles\2ticzc99.default - & gt; type " , 4
FF Extension: (YouTube mp3) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\Extensions\info@youtube-mp3.org.xpi [2016-09-23] [Przestarzałe]
FF Extension: (Youtube playlist converter to MP3) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\Extensions\jid0-oxBE8TGrmyDm30WPvO8i9EFHmtQ@jetpack.xpi [2016-09-23] [Przestarzałe]
FF Extension: (Vividas player plugin) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\Extensions\player@vividas.com [2013-10-01] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Yes popups) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\Extensions\yespopupsV1@patheticcockroach.com.xpi [2011-04-25] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2017-11-15]
FF Extension: (Video DownloadHelper) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-16]
FF Extension: (flashget3 Extension) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\2ticzc99.default\Extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}.xpi [2011-04-26] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-10-30] [Przestarzałe]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-25] (Adobe Systems Incorporated - & gt; )
FF Plugin: @java.com/DTPlugin,version=10.17.2 - & gt; C:\Windows\system32\npDeployJava1.dll [2013-03-19] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-03-19] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-25] (Adobe Systems Incorporated - & gt; )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - & gt; C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc - & gt; Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-25] (Google Inc - & gt; Google Inc.)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems, Incorporated - & gt; Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3575120272-2782400450-496103650-1001: @citrixonline.com/appdetectorplugin - & gt; C:\Users\Adrian\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-12-28] (Citrix Online - & gt; Citrix Online)
FF Plugin HKU\S-1-5-21-3575120272-2782400450-496103650-1001: @unity3d.com/UnityPlayer,version=1.0 - & gt; C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS - & gt; Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3575120272-2782400450-496103650-1001: @zoom.us/ZoomVideoPlugin - & gt; C:\Users\Adrian\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-03-06] (Zoom Video Communications, Inc. - & gt; Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npVividasPlayer.dll [2017-02-07]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default - & gt; hxxp://www.gazeta.pl/0,0.html?p=190
CHR StartupUrls: Default - & gt; " hxxps://www.google.pl/ " , " hxxp://www.gazeta.pl/0,0.html?p=190 "
CHR DefaultSearchKeyword: Default - & gt; lp
CHR Session Restore: Default - & gt; [funkcja włączona]
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default [2019-03-06]
CHR Extension: (Dokumenty) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Dysk Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-21]
CHR Extension: (FBA calculator for Amazon Sellers : SellerApp) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdkbhjcfhfkmkbffkdklaiepfbllbgg [2019-03-06]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17]
CHR Extension: (uBlock Origin) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-03-06]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21]
CHR Extension: (Kalendarz Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-03-05]
CHR Extension: (Jungle Scout) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgpfhoadcpndoogjiogflmgegfbekec [2018-11-14]
CHR Extension: (Link'Vit, mass invits and messages Linkedin) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphfogbcapkfkfkdboppgihnfbelkdbn [2018-11-14]
CHR Extension: (Plugins) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcblfncjaclajmegihojiekebofjcen [2019-03-05]
CHR Extension: (Viral Launch - Market Intelligence) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncbhkghndhoddmbfgddpgafhbnijdadj [2019-03-04]
CHR Extension: (Helium 10) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2019-03-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-28]
CHR Extension: (Chrome Media Router) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3575120272-2782400450-496103650-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gjokjdicpfckeiihaniimbbmhadclefc] - \User Data\Default\Extensions\novo_price_comparison.crx [2012-12-07]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S4 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher - & gt; AMD)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [41576 2016-10-24] (Microsoft Windows Hardware Compatibility Publisher - & gt; Dropbox, Inc.)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3638888 2018-05-30] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation - & gt; Malwarebytes)
S4 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [166152 2016-10-03] (McAfee, Inc. - & gt; McAfee, Inc.)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc. - & gt; McAfee, Inc.)
R2 MSSQL$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation - & gt; Microsoft Corporation)
S4 ProtexisLicensing; C:\Program Files (x86)\Common Files\Protexis\License Service\PSIService.exe [174656 2006-11-02] (Protexis Inc. - & gt; ) [Brak podpisu cyfrowego]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
S4 SQLAgent$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation - & gt; Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation - & gt; Microsoft Corporation)
S4 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH - & gt; Toshiba Europe GmbH)
S4 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-05-26] (McAfee, Inc. - & gt; McAfee, Inc.)
S4 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-05-26] (McAfee, Inc. - & gt; McAfee, Inc.)
S4 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-05-26] (McAfee, Inc. - & gt; McAfee, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-26] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-26] (Microsoft Corporation - & gt; Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher - & gt; Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher - & gt; Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4316456 2016-10-20] (Qualcomm Atheros - & gt; Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher - & gt; Qualcomm Atheros)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company - & gt; Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company - & gt; Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company - & gt; Microsoft Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-20] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-20] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-09-03] (Arainia Solutions, LLC - & gt; Arainia Solutions LLC)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-18] (Martin Malik - REALiX - & gt; REALiX(tm))
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Malwarebytes)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc. - & gt; McAfee, Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. - & gt; CACE Technologies, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows - & gt; Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-11-24] (Realtek Semiconductor Corp. - & gt; Realsil Semiconductor Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [52816 2016-11-24] (Toshiba Client Solutions Co.,Ltd. - & gt; Toshiba Client Solutions Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-02-26] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-02-26] (Microsoft Windows - & gt; Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-26] (Microsoft Windows - & gt; Microsoft Corporation)
U3 idsvc; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

Error(1) reading file: " C:\WINDOWS\System32\Tasks\Program aktualizacji online firmy InstallShield Software. "
Error(1) reading file: " C:\WINDOWS\System32\Tasks\Program aktualizacji online firmy Adobe. "
2019-03-06 11:28 - 2019-03-06 12:56 - 000000000 ____D C:\Users\Adrian\Desktop\FRST
2019-03-06 11:26 - 2019-03-06 11:27 - 000001197 _____ C:\Users\Adrian\Desktop\Fixlist.txt
2019-03-06 11:23 - 2019-03-06 12:56 - 000000000 ____D C:\FRST
2019-03-06 11:19 - 2019-03-06 11:20 - 007316688 _____ (Malwarebytes) C:\Users\Adrian\Desktop\AdwCleaner.exe
2019-03-06 09:19 - 2019-03-06 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DoNotSpy10
2019-03-06 09:19 - 2019-03-06 09:19 - 000001128 _____ C:\Users\Adrian\Desktop\DoNotSpy10.lnk
2019-03-06 09:19 - 2019-03-06 09:19 - 000000000 ____D C:\Program Files (x86)\DoNotSpy10
2019-03-05 11:53 - 2019-03-05 11:53 - 000000000 ____D C:\Users\Adrian\AppData\Local\mbam
2019-03-05 11:52 - 2019-03-05 11:52 - 000000000 ____D C:\Users\Adrian\AppData\Local\mbamtray
2019-03-05 11:51 - 2019-03-05 11:51 - 000001926 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-05 11:51 - 2019-03-05 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-05 11:51 - 2019-03-05 11:51 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-05 11:51 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-05 11:51 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-27 22:12 - 2019-02-02 23:53 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-27 22:12 - 2019-02-02 23:53 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-27 21:22 - 2019-03-06 09:25 - 000000000 ____D C:\Users\Adrian\AppData\Local\D3DSCache
2019-02-26 22:57 - 2019-02-26 22:57 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3575120272-2782400450-496103650-1001
2019-02-26 22:57 - 2019-02-26 22:57 - 000002455 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-26 17:43 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-26 17:43 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-26 17:43 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-26 17:43 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-26 17:42 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-26 17:42 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-26 17:42 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-26 17:42 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-26 17:42 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-26 17:42 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-26 17:42 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-26 17:42 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-26 17:42 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-26 17:42 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-26 17:42 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-26 17:42 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-26 17:42 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-26 17:42 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-26 17:42 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-26 17:42 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-26 17:42 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-26 17:42 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-26 17:42 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-26 17:42 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-26 17:42 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-26 17:42 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-26 17:42 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-26 17:42 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-26 17:42 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-26 17:42 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-26 17:42 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-26 17:42 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-26 17:42 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-26 17:42 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-26 17:42 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-26 17:42 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-26 17:42 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-26 17:42 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-26 17:42 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-26 17:42 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-26 17:42 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-26 17:42 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-26 17:42 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-02-26 17:42 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-02-26 17:42 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-02-26 17:42 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-02-26 17:42 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-02-26 17:42 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-02-26 17:42 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-02-26 17:42 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-02-26 17:42 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-02-26 17:42 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-02-26 17:42 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-02-26 17:41 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-26 17:41 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-26 17:41 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-26 17:41 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-26 17:41 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-26 17:41 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-26 17:41 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-26 17:41 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-26 17:41 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-26 17:41 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-26 17:41 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-26 17:41 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-26 17:41 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-26 17:41 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-26 17:41 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-26 17:41 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-26 17:41 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-26 17:41 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-26 17:41 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-26 17:41 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-26 17:41 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-26 17:41 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-26 17:41 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-26 17:41 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-26 17:41 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-26 17:41 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-26 17:41 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-26 17:41 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-26 17:41 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-26 17:41 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-26 17:41 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-26 17:41 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-26 17:41 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-26 17:41 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-26 17:41 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-26 17:41 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-26 17:41 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-26 17:41 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-26 17:41 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-26 17:41 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-26 17:41 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-26 17:41 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-26 17:41 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-26 17:41 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-26 17:41 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-26 17:41 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-26 17:41 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-26 17:41 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-26 17:41 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-26 17:41 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-26 17:41 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-26 17:41 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-26 17:41 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-26 17:41 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-26 17:41 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-26 17:41 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-26 17:41 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-26 17:41 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-26 17:41 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-26 17:41 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-26 17:41 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-26 17:41 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-26 17:41 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-26 17:41 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-26 17:41 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-26 17:41 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-26 17:41 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-26 17:41 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-26 17:41 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-26 17:41 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-26 17:41 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-26 17:41 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-26 17:41 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-26 17:41 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-26 17:41 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-26 17:41 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-26 17:41 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-26 17:41 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-26 17:41 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-26 17:41 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-26 17:41 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-26 17:41 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-26 17:41 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-26 17:41 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-26 17:41 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-26 17:41 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-26 17:41 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-26 17:41 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-26 17:41 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-26 17:41 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-26 17:41 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-26 17:41 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-26 17:41 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-26 17:41 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-26 17:41 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-26 17:41 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-26 17:41 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-26 17:41 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-26 17:41 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-26 17:41 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-26 17:41 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-26 17:41 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-26 17:41 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-26 17:41 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-26 17:41 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-26 17:41 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-02-26 17:41 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-02-26 17:41 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-02-26 17:41 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-02-26 17:41 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-02-26 17:41 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-02-26 17:41 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-02-26 17:41 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-02-26 17:41 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-26 17:41 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-02-26 17:41 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-02-26 17:41 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-02-26 17:41 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-02-26 17:41 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-02-26 17:41 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-26 17:41 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-02-26 17:41 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-02-26 17:41 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-02-26 17:41 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-02-26 17:41 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-02-26 17:41 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-02-26 17:41 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-02-26 17:41 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-02-26 17:41 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-02-26 17:41 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-02-26 17:41 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-02-26 17:41 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-02-26 17:41 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-02-26 17:41 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-02-26 17:41 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-02-26 17:41 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-02-26 17:41 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-02-26 17:41 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-02-26 17:41 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-02-26 17:41 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-02-26 17:41 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-02-26 17:41 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-02-26 16:59 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-02-25 15:37 - 2019-02-25 15:38 - 000000000 ____D C:\Program Files (x86)\GUM73F9.tmp
2019-02-25 15:37 - 2019-02-25 15:37 - 007895040 _____ C:\Program Files (x86)\GUT740A.tmp

==================== Jeden miesiąc (zmodyfikowane) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-03-06 12:55 - 2018-06-15 09:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-06 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-06 12:33 - 2018-06-15 10:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-06 12:33 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-03-06 12:33 - 2012-04-25 11:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-06 11:17 - 2018-06-15 10:33 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A963DEFB-48EE-4A9A-B864-52FB31B4636C}
2019-03-06 10:23 - 2016-11-21 19:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-03-06 10:23 - 2016-05-15 12:32 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-03-06 10:23 - 2016-05-15 12:32 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\Thunderbird
2019-03-06 10:00 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-06 09:40 - 2013-09-18 18:28 - 000002353 _____ C:\Users\Adrian\Desktop\Google Chrome.lnk
2019-03-06 09:39 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-05 11:51 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-05 11:51 - 2016-09-26 11:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-05 11:51 - 2016-09-26 11:49 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2019-03-05 11:41 - 2016-08-11 20:05 - 000000000 ____D C:\Users\Adrian\AppData\Local\SkypePlugin
2019-03-05 11:41 - 2010-12-29 11:15 - 000000000 ____D C:\ProgramData\Skype
2019-03-05 11:40 - 2018-01-02 19:02 - 000000000 ____D C:\Users\Adrian\AppData\Local\Packages
2019-03-05 11:26 - 2016-12-19 09:31 - 000000000 ____D C:\Users\Adrian\AppData\LocalLow\Mozilla
2019-03-05 09:58 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-05 09:32 - 2016-12-18 10:14 - 000000000 ____D C:\AdwCleaner
2019-03-05 09:32 - 2016-09-18 11:47 - 000000000 ____D C:\Users\Adrian\AppData\LocalLow\IObit
2019-03-05 09:32 - 2016-09-18 11:43 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\IObit
2019-03-05 08:56 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-02 08:35 - 2018-12-04 16:45 - 000000000 ____D C:\Program Files\rempl
2019-02-27 22:12 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-27 16:02 - 2018-06-15 09:45 - 002046022 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-27 16:02 - 2018-04-12 16:54 - 000887876 _____ C:\WINDOWS\system32\perfh015.dat
2019-02-27 16:02 - 2018-04-12 16:54 - 000197940 _____ C:\WINDOWS\system32\perfc015.dat
2019-02-27 16:00 - 2016-10-27 06:59 - 000000000 ___RD C:\Users\Adrian\Dysk Google
2019-02-27 15:52 - 2018-06-08 10:52 - 000000000 ___DC C:\WINDOWS\Panther
2019-02-27 15:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-26 22:57 - 2016-02-26 17:20 - 000000000 ___RD C:\Users\Adrian\OneDrive
2019-02-26 22:03 - 2018-06-15 09:37 - 000308832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-26 22:03 - 2012-09-22 12:45 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-02-26 22:03 - 2012-09-22 12:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-02-26 21:59 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-26 21:59 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-26 21:59 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-26 21:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-26 21:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-26 21:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-26 17:40 - 2013-07-19 22:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-26 17:21 - 2012-09-22 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-02-26 17:21 - 2011-04-25 19:29 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-26 16:03 - 2018-03-02 10:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-25 21:34 - 2017-10-13 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-02-25 21:22 - 2018-06-15 10:33 - 000003568 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-25 21:22 - 2018-06-15 10:33 - 000003444 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-25 17:03 - 2018-07-10 15:08 - 000000000 ____D C:\ProgramData\Packages
2019-02-25 16:03 - 2011-04-22 17:09 - 000000000 ____D C:\Users\Adrian\AppData\Local\Adobe
2019-02-25 16:02 - 2018-06-15 10:33 - 000004686 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-25 16:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-25 16:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-25 15:36 - 2018-06-15 10:33 - 000004674 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Pliki w katalogu głównym wybranych folderów =======

2019-02-25 15:37 - 2019-02-25 15:37 - 007895040 _____ () C:\Program Files (x86)\GUT740A.tmp
2016-09-03 16:58 - 2016-09-03 16:58 - 000001167 _____ () C:\Users\Adrian\AppData\Roaming\trace_FilterInstaller.1.txt
2016-09-03 16:58 - 2016-09-18 13:17 - 000000905 _____ () C:\Users\Adrian\AppData\Roaming\trace_FilterInstaller.txt
2016-09-03 16:58 - 2016-09-18 13:17 - 000000000 _____ () C:\Users\Adrian\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2017-06-06 18:07 - 2017-06-06 18:07 - 000003998 _____ () C:\Users\Adrian\AppData\Local\recently-used.xbel
2016-09-23 11:30 - 2016-09-23 11:30 - 000007602 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
2013-04-22 21:10 - 2013-04-22 21:10 - 000002419 _____ () C:\Users\Adrian\AppData\Local\unins000.dat
2013-04-22 21:10 - 2013-04-22 21:10 - 000707504 _____ () C:\Users\Adrian\AppData\Local\unins000.exe
2013-04-22 21:10 - 2013-04-22 21:10 - 000011761 _____ () C:\Users\Adrian\AppData\Local\unins000.msg
2013-04-23 16:25 - 2013-04-24 21:06 - 000000003 _____ () C:\Users\Adrian\AppData\Local\update.txt

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\dllhost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dllhost.exe = & gt; Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; Plik podpisany cyfrowo

LastRegBack: 2018-06-15 09:37

==================== Koniec FRST.txt ============================