Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

YT is laggind, 25 file missing in HJT


  • This topic is locked This topic is locked
2 replies to this topic

#1 cptPlanet

cptPlanet

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:06 AM

Posted 09 April 2018 - 12:52 PM

Hi Here is my FRST log 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14.03.2018
Uruchomiony przez MD-Core (administrator)  DESKTOP-K7P7950 (09-04-2018 19:41:41)
Uruchomiony z C:\Users\MD-Core\Downloads
Załadowane profile: MD-Core (Dostępne profile: defaultuser0 & MD-Core)
Platform: Windows 10 Pro Wersja 1709 16299.309 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Users\MD-Core\AppData\Local\brave\Brave.exe" -- "%1")
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MpCmdRun.exe
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-08-05] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [69920 2017-10-03] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8765216 2017-10-03] (Space Sciences Laboratory)
HKLM-x32\...\Run: [USB Gamepad] => C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [704512 2007-05-23] ()
HKU\S-1-5-21-3503721606-1438963018-559477649-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27793880 2017-04-26] (Skype Technologies S.A.)
HKU\S-1-5-21-3503721606-1438963018-559477649-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-21-3503721606-1438963018-559477649-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [5362760 2017-12-22] (GOG.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2017-05-27]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe ()
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{19738fd3-5b22-40ef-a58d-0d754ef0bd0f}: [DhcpNameServer] 192.168.31.1
 
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","","hxxps://www.google.pl/","torch://newtab","torch://start","hxxp://www.google.com","hxxp://home.torchbrowser.com/?systemid=448&appid=0&ua=Torch","hxxp://home.torchbrowser.com/?systemid=448&appid=74&ua=Torch","hxxp://home.torchbrowser.com/?systemid=448&appid=75&ua=Torch","hxxps://www.google.com/","hxxp://www.google.com/","hxxps://www.google.com/","hxxp://www.hxxps://www.google.com//?type=hp&ts=1438706842&z=05dbaa636fd1cd7ed63135ag7zacabcqbo9e2c6bet&from=cmi&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUS15888658886","hxxps://www.google.com/"
CHR Session Restore: Default -> [funkcja włączona]
CHR Profile: C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default [2018-04-09]
CHR Extension: (Tłumacz Google) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-20]
CHR Extension: (Prezentacje) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Dysk Google) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-30]
CHR Extension: (Turn Off the Lights) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2018-04-04]
CHR Extension: (YouTube) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-30]
CHR Extension: (uBlock Origin) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-04-09]
CHR Extension: (Arkusze) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Postman) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2018-02-15]
CHR Extension: (EditThisCookie) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-30]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-30]
CHR Extension: (AngularJS Batarang) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighdmehidhipcmcojjgiloacoafjmpfk [2017-06-01]
CHR Extension: (Cookies) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2017-04-30]
CHR Extension: (Grammarly for Chrome) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-04-07]
CHR Extension: (WordPress.com) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2017-04-30]
CHR Extension: (DotVPN — a better way to VPN) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2017-05-29]
CHR Extension: (Black and Red Theme for YouTube™) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldgblendkekanjhdamohllnfpcdbgmbj [2017-04-30]
CHR Extension: (CodinGame Sync - Ext) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjnbdgcceengbjkalemckffhaajkehd [2018-04-09]
CHR Extension: (Black Black Chrome Theme Dark Blue Highlight) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\njpbabhpbnilgchdjbajcbgnnclkaida [2017-04-30]
CHR Extension: (CodinGame Sync - App) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmdombhgnofjnnaenegcdehnbkajfgbh [2018-04-09]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Tab Hibernation) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-04-30]
CHR Extension: (Gmail) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-23]
 
==================== Usługi (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [532552 2017-12-22] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-22] (GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-02] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-02] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Sterowniki (filtrowane) ======================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S3 arusb_win7x; C:\WINDOWS\System32\drivers\arusb_win7x.sys [769024 2015-08-21] (Atheros Communications, Inc.) [Brak podpisu cyfrowego]
S3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2017-05-10] (Qualcomm Atheros Communications, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-08] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76192 2018-03-19] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193768 2018-04-09] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-04-09] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-04-09] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-04-09] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102112 2018-04-09] (Malwarebytes)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2017-05-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5707264 2017-09-29] (Realtek Semiconductor Corporation )
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [196040 2017-07-27] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-07-27] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-02] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-02] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-02] (Microsoft Corporation)
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2018-04-09 19:41 - 2018-04-09 19:41 - 000017653 _____ C:\Users\MD-Core\Downloads\FRST.txt
2018-04-09 19:40 - 2018-04-09 19:41 - 000000000 ____D C:\FRST
2018-04-09 19:40 - 2018-04-09 19:40 - 002403328 _____ (Farbar) C:\Users\MD-Core\Downloads\FRST64.exe
2018-04-09 19:37 - 2018-04-09 19:38 - 000000000 ____D C:\AdwCleaner
2018-04-09 19:37 - 2018-04-09 19:37 - 008222496 _____ (Malwarebytes) C:\Users\MD-Core\Downloads\adwcleaner_7.0.8.0.exe
2018-04-09 19:34 - 2018-04-09 19:35 - 072594032 _____ (Malwarebytes ) C:\Users\MD-Core\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4656 (1).exe
2018-04-09 19:32 - 2018-04-09 19:32 - 000000000 ___HD C:\OneDriveTemp
2018-04-09 19:27 - 2018-04-09 19:32 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-04-09 19:27 - 2018-04-09 19:31 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-04-09 19:27 - 2018-04-09 19:31 - 000102112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-04-09 19:27 - 2018-04-09 19:27 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-04-09 19:27 - 2018-04-09 19:27 - 000193768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-04-09 19:27 - 2018-04-09 19:27 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-09 19:27 - 2018-04-09 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-09 19:27 - 2018-04-09 19:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-09 19:27 - 2018-04-09 19:27 - 000000000 ____D C:\Program Files\Malwarebytes
2018-04-09 19:27 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-04-09 19:26 - 2018-04-09 19:26 - 072594032 _____ (Malwarebytes ) C:\Users\MD-Core\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4656.exe
2018-04-09 19:25 - 2018-04-09 19:25 - 000052680 _____ C:\Users\MD-Core\Downloads\Addition.txt
2018-04-09 19:20 - 2018-04-09 19:24 - 000000000 ____D C:\Users\MD-Core\Downloads\backups
2018-04-09 19:16 - 2018-04-09 19:17 - 000894416 _____ C:\Users\MD-Core\Downloads\TrayMenu.exe
2018-04-09 19:15 - 2018-04-09 19:15 - 000388608 _____ (Trend Micro Inc.) C:\Users\MD-Core\Downloads\HijackThis.exe
2018-04-07 10:39 - 2018-04-07 10:39 - 000029004 _____ C:\Users\MD-Core\Downloads\FAV_619978_8076499_2016.pdf
2018-04-06 21:15 - 2018-04-06 21:15 - 000034816 _____ C:\Users\MD-Core\Desktop\HARMONOGRAM maj 2018 kol. 1550.xls
2018-04-06 21:09 - 2018-04-06 21:09 - 000034304 _____ C:\Users\MD-Core\Downloads\HARMONOGRAM maj 2018 kol. 1550.xls
2018-04-05 08:33 - 2018-04-05 08:33 - 006974584 _____ (ESET spol. s r.o.) C:\Users\MD-Core\Downloads\esetonlinescanner_plk.exe
2018-04-05 08:33 - 2018-04-05 08:33 - 000000000 ____D C:\Users\MD-Core\AppData\Local\ESET
2018-04-03 18:51 - 2018-04-03 18:52 - 000000000 ____D C:\Users\MD-Core\AppData\Local\.IdentityService
2018-04-03 18:51 - 2018-04-03 18:51 - 000000000 ____D C:\Users\MD-Core\source
2018-03-29 17:43 - 2018-03-29 17:43 - 000000000 ____D C:\Users\MD-Core\AppData\Roaming\Steam
2018-03-29 17:41 - 2018-03-29 17:41 - 000000000 ____D C:\Users\MD-Core\Documents\My Games
2018-03-25 12:49 - 2018-03-25 12:49 - 000017391 _____ C:\Users\MD-Core\Downloads\Narcos_3x10_WEB.STRiFE.en.zip
2018-03-25 10:56 - 2018-03-25 10:56 - 000018825 _____ C:\Users\MD-Core\Downloads\Narcos_3x09_WEB.STRiFE.en.zip
2018-03-25 10:06 - 2018-03-25 10:06 - 000016344 _____ C:\Users\MD-Core\Downloads\Narcos_3x08_WEB.STRiFE.en.zip
2018-03-24 23:11 - 2018-03-24 23:11 - 000018601 _____ C:\Users\MD-Core\Downloads\Narcos_3x07_WEB.STRiFE.en.zip
2018-03-24 21:59 - 2018-03-24 21:59 - 000021288 _____ C:\Users\MD-Core\Downloads\Narcos_3x06_WEB.STRiFE.en.zip
2018-03-24 19:10 - 2018-03-24 19:10 - 000020083 _____ C:\Users\MD-Core\Downloads\Narcos_3x05_WEB.STRiFE.en.zip
2018-03-24 17:54 - 2018-03-24 17:54 - 000016362 _____ C:\Users\MD-Core\Downloads\Narcos_3x04_WEB.STRiFE.en.zip
2018-03-24 16:58 - 2018-03-24 16:58 - 000026818 _____ C:\Users\MD-Core\Downloads\Narcos_3x03_WEB.STRiFE.en.zip
2018-03-24 15:16 - 2018-03-24 15:16 - 000018779 _____ C:\Users\MD-Core\Downloads\Narcos_3x02_WEB.STRiFE.en.zip
2018-03-24 14:01 - 2018-03-24 14:01 - 000020445 _____ C:\Users\MD-Core\Downloads\Narcos_3-ep-1-srt-english.zip
2018-03-18 23:11 - 2018-03-18 23:11 - 000034816 _____ C:\Users\MD-Core\Downloads\HARMONOGRAM kwiecień 2018 kol.   1550 (3).xls
2018-03-18 23:11 - 2018-03-18 23:11 - 000034304 _____ C:\Users\MD-Core\Downloads\HARMONOGRAM kwiecień 2018 kol.   1550 (2).xls
2018-03-18 23:10 - 2018-03-18 23:10 - 000000000 ____D C:\Users\MD-Core\Desktop\Nowy folder (4)
2018-03-18 23:00 - 2018-03-18 23:07 - 000034816 _____ C:\Users\MD-Core\Desktop\HARMONOGRAM kwiecień 2018 kol.   1550.xls
2018-03-18 10:53 - 2018-03-18 10:53 - 000034304 _____ C:\Users\MD-Core\Downloads\HARMONOGRAM kwiecień 2018 kol.   1550 (1).xls
2018-03-18 10:51 - 2018-03-18 22:59 - 000034816 _____ C:\Users\MD-Core\Downloads\HARMONOGRAM kwiecień 2018 kol.   1550.xls
2018-03-17 22:49 - 2018-03-17 22:49 - 000000000 ____D C:\Users\MD-Core\AppData\Local\DBG
2018-03-15 00:33 - 2018-03-15 00:33 - 000000827 _____ C:\Users\MD-Core\Desktop\Company of Heroes 2 Master Collection.lnk
2018-03-15 00:33 - 2018-03-15 00:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Company of Heroes 2 Master Collection
2018-03-14 22:36 - 2018-03-26 18:25 - 000000000 ____D C:\WINDOWS\Minidump
2018-03-14 19:58 - 2018-03-02 05:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-14 19:58 - 2018-03-02 05:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-14 19:58 - 2018-03-02 05:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-14 19:58 - 2018-03-02 05:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 19:58 - 2018-03-02 05:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-14 19:58 - 2018-03-02 05:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-14 19:58 - 2018-03-02 04:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-14 19:58 - 2018-03-01 22:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-14 19:58 - 2018-03-01 09:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-14 19:58 - 2018-03-01 09:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-14 19:58 - 2018-03-01 09:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-14 19:58 - 2018-03-01 09:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-14 19:58 - 2018-03-01 09:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-14 19:58 - 2018-03-01 09:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-14 19:58 - 2018-03-01 09:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-14 19:58 - 2018-03-01 09:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-14 19:58 - 2018-03-01 09:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-14 19:58 - 2018-03-01 09:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-14 19:58 - 2018-03-01 09:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-14 19:58 - 2018-03-01 09:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-14 19:58 - 2018-03-01 09:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-14 19:58 - 2018-03-01 09:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-14 19:58 - 2018-03-01 09:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-14 19:58 - 2018-03-01 09:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-14 19:58 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-14 19:58 - 2018-03-01 09:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-14 19:58 - 2018-03-01 09:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-14 19:58 - 2018-03-01 09:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-14 19:58 - 2018-03-01 09:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-14 19:58 - 2018-03-01 09:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-14 19:58 - 2018-03-01 09:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-14 19:58 - 2018-03-01 09:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-14 19:58 - 2018-03-01 09:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-14 19:58 - 2018-03-01 09:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-14 19:58 - 2018-03-01 09:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-14 19:58 - 2018-03-01 09:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-14 19:58 - 2018-03-01 09:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 19:58 - 2018-03-01 09:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-14 19:58 - 2018-03-01 09:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-14 19:58 - 2018-03-01 09:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-14 19:58 - 2018-03-01 09:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-14 19:58 - 2018-03-01 09:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-14 19:58 - 2018-03-01 09:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-14 19:58 - 2018-03-01 09:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-14 19:58 - 2018-03-01 09:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-14 19:58 - 2018-03-01 09:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-14 19:58 - 2018-03-01 09:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-14 19:58 - 2018-03-01 09:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-14 19:58 - 2018-03-01 09:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-14 19:58 - 2018-03-01 09:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-14 19:58 - 2018-03-01 08:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-14 19:58 - 2018-03-01 08:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-14 19:58 - 2018-03-01 08:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-14 19:58 - 2018-03-01 08:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-14 19:58 - 2018-03-01 08:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-14 19:58 - 2018-03-01 08:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-14 19:58 - 2018-03-01 08:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 19:58 - 2018-03-01 08:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-14 19:58 - 2018-03-01 08:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-14 19:58 - 2018-03-01 08:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-14 19:58 - 2018-03-01 08:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-14 19:58 - 2018-03-01 08:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-14 19:58 - 2018-03-01 08:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-14 19:58 - 2018-03-01 08:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-14 19:58 - 2018-03-01 08:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-14 19:58 - 2018-03-01 08:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-14 19:58 - 2018-03-01 08:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-14 19:58 - 2018-03-01 08:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-14 19:58 - 2018-03-01 08:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-14 19:58 - 2018-03-01 08:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-14 19:58 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-14 19:58 - 2018-03-01 08:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-14 19:58 - 2018-03-01 08:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-14 19:58 - 2018-03-01 08:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-14 19:58 - 2018-03-01 08:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-14 19:58 - 2018-03-01 08:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-14 19:58 - 2018-03-01 07:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 19:58 - 2018-03-01 07:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-14 19:58 - 2018-03-01 07:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-14 19:58 - 2018-03-01 07:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-14 19:58 - 2018-03-01 07:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-14 19:58 - 2018-03-01 07:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-14 19:58 - 2018-03-01 07:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-14 19:58 - 2018-03-01 07:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-14 19:58 - 2018-03-01 07:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-14 19:58 - 2018-03-01 07:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-14 19:58 - 2018-03-01 07:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-14 19:58 - 2018-03-01 07:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-14 19:58 - 2018-03-01 07:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-14 19:58 - 2018-03-01 07:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-14 19:58 - 2018-03-01 07:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-14 19:58 - 2018-03-01 07:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-14 19:58 - 2018-03-01 07:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-14 19:58 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-14 19:58 - 2018-03-01 07:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-14 19:58 - 2018-03-01 07:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-14 19:58 - 2018-03-01 07:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-14 19:58 - 2018-03-01 07:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-14 19:58 - 2018-03-01 07:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-14 19:58 - 2018-03-01 07:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-14 19:58 - 2018-03-01 07:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-14 19:58 - 2018-03-01 07:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-14 19:58 - 2018-03-01 07:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-14 19:58 - 2018-03-01 07:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-14 19:58 - 2018-03-01 07:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-14 19:58 - 2018-03-01 07:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-14 19:58 - 2018-03-01 07:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-14 19:58 - 2018-03-01 07:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 19:58 - 2018-03-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-14 19:58 - 2018-03-01 07:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-14 19:58 - 2018-03-01 07:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-14 19:58 - 2018-03-01 07:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-14 19:58 - 2018-03-01 07:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-14 19:58 - 2018-03-01 07:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-14 19:58 - 2018-03-01 07:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-14 19:58 - 2018-03-01 07:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-14 19:58 - 2018-03-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-14 19:58 - 2018-03-01 07:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-14 19:58 - 2018-03-01 07:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-14 19:58 - 2018-03-01 07:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-14 19:58 - 2018-03-01 07:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-14 19:58 - 2018-03-01 07:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-14 19:58 - 2018-03-01 07:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-14 19:58 - 2018-03-01 07:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-14 19:58 - 2018-03-01 07:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-14 19:58 - 2018-03-01 07:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-14 19:58 - 2018-03-01 07:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-14 19:58 - 2018-03-01 07:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-14 19:58 - 2018-03-01 07:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-14 19:58 - 2018-03-01 07:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-14 19:58 - 2018-03-01 07:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-14 19:58 - 2018-03-01 07:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-14 19:58 - 2018-03-01 07:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-14 19:58 - 2018-03-01 07:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-14 19:58 - 2018-03-01 07:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-14 19:58 - 2018-03-01 07:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-14 19:58 - 2018-03-01 07:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-14 19:58 - 2018-03-01 07:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-14 19:58 - 2018-03-01 07:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-14 19:58 - 2018-03-01 07:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-14 19:58 - 2018-03-01 07:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-14 19:58 - 2018-03-01 07:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-14 19:58 - 2018-02-22 04:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-14 19:58 - 2018-02-22 04:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-14 19:58 - 2018-02-22 04:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-14 19:58 - 2018-02-22 04:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-14 19:58 - 2018-02-22 04:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-14 19:58 - 2018-02-22 04:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-14 19:58 - 2018-02-22 04:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-14 19:58 - 2018-02-22 04:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-14 19:58 - 2018-02-22 04:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-14 19:58 - 2018-02-22 04:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-14 19:58 - 2018-02-22 04:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-14 19:58 - 2018-02-22 04:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-14 19:58 - 2018-02-22 04:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-14 19:58 - 2018-02-22 04:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-14 19:58 - 2018-02-22 04:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-14 19:58 - 2018-02-22 04:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-14 19:58 - 2018-02-22 03:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-14 19:58 - 2018-02-22 03:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-14 19:58 - 2018-02-22 03:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-14 19:58 - 2018-02-22 03:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-14 19:58 - 2018-02-22 03:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-14 19:58 - 2018-02-22 03:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-14 19:58 - 2018-02-22 03:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-14 19:58 - 2018-02-22 03:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-14 19:58 - 2018-02-22 02:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-14 19:58 - 2018-02-22 02:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-14 19:58 - 2018-02-22 02:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-14 19:58 - 2018-02-22 02:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-14 19:58 - 2018-02-22 02:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-14 19:58 - 2018-02-22 02:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-14 19:58 - 2018-02-22 02:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-14 19:58 - 2018-02-22 02:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-14 19:58 - 2018-02-22 02:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2018-04-09 19:36 - 2018-01-27 09:52 - 002148450 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-09 19:36 - 2017-09-30 16:31 - 000970278 _____ C:\WINDOWS\system32\perfh015.dat
2018-04-09 19:36 - 2017-09-30 16:31 - 000204352 _____ C:\WINDOWS\system32\perfc015.dat
2018-04-09 19:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-04-09 19:32 - 2017-04-30 12:23 - 000000000 ___RD C:\Users\MD-Core\OneDrive
2018-04-09 19:31 - 2018-01-27 09:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-09 19:31 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-04-09 19:31 - 2017-04-30 21:18 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-09 19:15 - 2017-04-30 12:21 - 000000000 ____D C:\Users\MD-Core\AppData\Local\VirtualStore
2018-04-09 19:00 - 2018-01-27 09:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-09 15:06 - 2018-01-27 09:47 - 000005356 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-K7P7950-MD-Core DESKTOP-K7P7950
2018-04-09 11:12 - 2017-06-09 17:15 - 000000000 ____D C:\Users\MD-Core\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome
2018-04-09 08:23 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-09 08:23 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-08 23:11 - 2017-04-30 12:23 - 000000000 ____D C:\Users\MD-Core\AppData\Roaming\Skype
2018-04-08 17:59 - 2017-08-10 18:57 - 000000000 ____D C:\Users\MD-Core\AppData\Roaming\brave
2018-04-06 21:13 - 2018-01-27 09:44 - 000000000 ____D C:\Users\MD-Core\AppData\Local\Packages
2018-04-04 18:46 - 2018-01-27 09:47 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3503721606-1438963018-559477649-1001
2018-04-04 18:46 - 2017-04-30 12:23 - 000002413 _____ C:\Users\MD-Core\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-04 09:28 - 2017-11-02 21:30 - 000000000 ____D C:\Users\MD-Core\AppData\Local\brave
2018-04-04 09:28 - 2017-08-10 18:57 - 000002249 _____ C:\Users\MD-Core\Desktop\Brave.lnk
2018-04-04 09:28 - 2017-08-10 18:57 - 000000000 ____D C:\Users\MD-Core\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Software
2018-04-03 18:51 - 2018-01-27 09:44 - 000000000 ____D C:\Users\MD-Core
2018-04-03 18:51 - 2017-12-21 22:09 - 000000000 ____D C:\Users\MD-Core\Documents\Visual Studio 2017
2018-03-27 11:00 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-25 20:30 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-03-25 20:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-25 20:12 - 2017-09-17 19:26 - 000000000 ____D C:\Users\MD-Core\AppData\Roaming\uTorrent
2018-03-23 09:26 - 2017-04-30 12:31 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-23 09:26 - 2017-04-30 12:31 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-16 19:28 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-16 10:35 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-14 22:37 - 2018-01-27 09:48 - 000000000 ___RD C:\Users\MD-Core\3D Objects
2018-03-14 22:37 - 2018-01-27 09:43 - 000411808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-14 22:37 - 2017-04-30 12:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-14 22:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 22:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-14 22:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-14 22:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-03-14 19:59 - 2017-09-29 15:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-14 19:59 - 2017-09-29 15:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-14 19:58 - 2017-04-30 12:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 19:57 - 2017-10-11 18:29 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 19:57 - 2017-04-30 12:46 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2017-09-17 19:27 - 2017-09-17 19:28 - 000001576 _____ () C:\Users\MD-Core\AppData\Roaming\Tribler.exe.log
2017-08-26 12:21 - 2017-08-26 12:21 - 000000000 _____ () C:\Users\MD-Core\AppData\Local\{608C5227-7934-4C2F-8C69-C94A9D786CB3}
 
==================== Bamital & volsnap ======================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
LastRegBack: 2018-04-09 10:04
 
==================== Koniec  FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,594 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:06 PM

Posted 09 April 2018 - 01:29 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

UWAGA: Przywracanie systemu jest wylaczone
ATTENTION: System Restore is disabled
Turn System Restore On for Drives in Windows 10
http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

CHR Extension: (EditThisCookie) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-03-20]
CHR Extension: (Tab Hibernation) - C:\Users\MD-Core\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-04-30]

Task: {0CFE4D7D-0CB4-4F90-8868-A9F50C1C437F} - System32\Tasks\{C3B93509-415C-4721-B84D-A37D8CDF4096} => c:\users\md-core\appdata\local\brave\brave.exe [2018-04-04] (Brave Software)
Task: {4CC3FC4C-183D-40B5-A502-E59021DB7AA6} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {AB3C0A78-BE37-48FE-900C-05723A6056DE} - System32\Tasks\{9058195B-AED8-4BB1-B564-C8A76F8A1CDE} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/pl/go/help.faq.installer?LastError=1603
Task: {C8373D6F-177C-4506-938B-1F345BFA3E8A} - System32\Tasks\{20CD83D4-CB55-4F6E-A2B5-E411828DCAB6} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/pl/go/help.faq.installer?LastError=1603
Task: {DCB51470-AD22-463B-ADBC-4270596FBFD2} - System32\Tasks\{E9CC0402-C339-4B15-9D7A-92785D8B310D} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/pl/go/help.faq.installer?LastError=1603
Task: {ED64DBB3-AD98-4EBD-AED1-3C5F0DA5A4E6} - System32\Tasks\{FE712FB8-3CAD-43D3-B78D-3DC80F160DE0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/pl/go/help.faq.installer?LastError=1603
Task: {F34407C5-0585-43BD-B2F7-25D5901F0789} - System32\Tasks\{49B307EA-98B1-4E38-8C6F-B8122604833C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/pl/go/help.faq.installer?LastError=1603

C:\Windows\System32\Tasks\{C3B93509-415C-4721-B84D-A37D8CDF4096}
c:\users\md-core\appdata\local\brave

cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset the browsers that you use and have been compromised.

How To:
https://www.howtogeek.com/171924/how-to-reset-your-web-browser-to-its-default-settings/
====

Please let me know what problem persists with this computer.

p.s.
25 file missing in HJT
HijackThis is no longer supported and not ready for your Operating system.
I suggest your remove via the Control panel > Programs > Programs and Features.
Use the Farbar Recovery Scan Tool from now on to report problems.
<<<>>>

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,594 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:06 PM

Posted 15 April 2018 - 06:54 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users