Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-12-2019 Uruchomiony przez dudimek (administrator) DESKTOP-M3ETC00 (MSI MS-7996) (30-12-2019 17:07:31) Uruchomiony z C:\Users\dudimek\Desktop Załadowane profile: dudimek (Dostępne profile: dudimek) Platform: Windows 10 Home Wersja 1809 17763.914 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Discord Inc. -> Discord Inc.) C:\Users\dudimek\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dudimek\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dudimek\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\dudimek\AppData\Local\Discord\app-0.0.305\Discord.exe (Gaijin Network LTD -> Gaijin Entertainment) C:\Users\dudimek\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (GG Network S.A. -> GG Network S.A.) C:\Users\dudimek\AppData\Local\GG\Application\gghub.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\dudimek\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\65.0.3467.78\opera_crashreporter.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe (Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.19.9.63\NortonSecurity.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.19.9.63\NortonSecurity.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.19.9.63\nsWscSvc.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) D:\Gry\Steam\Steam.exe (Wargaming.net Limited -> Wargaming.net) D:\Gry\Wargaming.net\GameCenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net) D:\Gry\Wargaming.net\GameCenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net) D:\Gry\Wargaming.net\GameCenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net) D:\Gry\Wargaming.net\GameCenter\WargamingErrorMonitor.exe (Wargaming.net Limited -> Wargaming.net) D:\Gry\Wargaming.net\GameCenter\wgc.exe (Xevin Consulting -> GG Network S.A.) C:\Users\dudimek\AppData\Local\GG\Application\ggapp.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258960 2017-03-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [2774040 2019-12-19] (Opera Software AS -> Opera Software) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [GG] => C:\Users\dudimek\AppData\Local\GG\Application\gghub.exe [4078144 2016-07-04] (GG Network S.A. -> GG Network S.A.) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3137808 2019-12-18] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [Discord] => C:\Users\dudimek\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [Steam] => D:\Gry\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-03-26] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [Gaijin.Net Updater] => C:\Users\dudimek\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-12-12] (Gaijin Network LTD -> Gaijin Entertainment) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\Run: [Wargaming.net Game Center] => D:\Gry\Wargaming.net\GameCenter\wgc.exe [2414456 2019-12-18] (Wargaming.net Limited -> Wargaming.net) HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\...\MountPoints2: {5d428a85-ed6c-11e7-87e0-309c230f0505} - "G:\autorun.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-20] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0201DAB3-E929-4647-A5AC-59A77EE4B1E4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-28] (AVAST Software s.r.o. -> AVAST Software) Task: {21FA144B-7CAB-4ACD-B7E4-491F40F336E5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {33E56598-CB48-44B1-B417-48067AF79175} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-28] (Google Inc -> Google Inc.) Task: {37240456-8654-41E2-9BE1-5B59C9465B63} - System32\Tasks\Chromium nemic => C:\Windows\system32\wscript.exe "C:\ProgramData\{38C5FDA6-B287-7760-3441-E922AE0362EC}\tera.txt" "68747470733a2f2f6b6174756e61712e636f6d" "433a5c50726f6772616d446174615c7b33384335464441362d423238372d373736302d333434312d4539323241453033363245437d5c66616c696d69" "433a5c50726f6772616d446174615c7b33384335464441362d423238372d373736302d (dane wartości zawierają 84 znaków więcej). <==== UWAGA Task: {3C2F6667-3FB8-45DB-AA55-0D8F8371BFB3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {439DB60A-BF36-4440-AA19-6598B1411025} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4EF5C98B-6C9A-467B-982B-59E585316C1C} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Internet Security\Engine\22.19.9.63\SymErr.exe [116392 2019-11-16] (Symantec Corporation -> Symantec Corporation) Task: {517E0AEB-C59F-404E-8A08-6826C51A17F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {542F3D2C-9E75-4DAC-9665-AC878D4A1318} - System32\Tasks\Opera scheduled assistant Autoupdate 1576856226 => C:\Program Files (x86)\Opera\launcher.exe [1346584 2019-12-19] (Opera Software AS -> Opera Software) Task: {62611222-F122-4CC4-A327-9DE83C10DE1C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {69D6B373-67A3-468D-B0E2-87D5838AE262} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [1929344 2019-11-16] (Symantec Corporation -> Symantec Corporation) Task: {78591DB6-7B3A-49FB-B902-6419A601650E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {872FF9C0-36CB-4FAC-BE1A-354D40917C27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-28] (Google Inc -> Google Inc.) Task: {8B452A45-C148-425D-B486-C5145848D05E} - System32\Tasks\Opera scheduled Autoupdate 1517944633 => C:\Program Files (x86)\Opera\launcher.exe [1346584 2019-12-19] (Opera Software AS -> Opera Software) Task: {902EEC87-7CCA-4CA5-894C-C7E4969B93C7} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.19.9.63\WSCStub.exe [570768 2019-11-16] (Symantec Corporation -> Symantec Corporation) Task: {9535297E-F366-4518-8EAA-248207900C6C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-10] (Adobe Inc. -> Adobe) Task: {A2FE8B25-30D0-4547-B0A3-EEC05311256D} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Internet Security\Engine\22.19.9.63\SymErr.exe [116392 2019-11-16] (Symantec Corporation -> Symantec Corporation) Task: {A3B48557-F6A6-4AA8-9A15-5628D3C8360F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe) Task: {B3F34694-C118-4040-8480-F40DA4E8A7C0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BD813FA7-9C62-43BB-B727-3D497F51DE85} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {BE1D1A4E-DF10-4830-AA20-08C3AF0F552D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DF5AD3BF-3937-48E1-9105-D00562BA8DE6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E9AF580E-700C-40A5-9257-1A17086F97DE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {EE5744A4-D579-4B66-A075-DF48A82D9A59} - System32\Tasks\Norton Security Scan for dudimek => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.103\Nss.exe [835664 2017-12-16] (Symantec Corporation -> Symantec Corporation) Task: {F1FDEDA7-F712-456E-B5BA-7D8F8A5DE216} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F2F27CDB-FEA9-49C3-BCA6-38BBD349D4D1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FBEACD41-0C17-4DA3-9EB0-C0E0A10BBCB5} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.19.9.63\SymErr.exe [116392 2019-11-16] (Symantec Corporation -> Symantec Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.7.1 8.8.8.8 194.204.152.34 Tcpip\..\Interfaces\{36bba572-544e-45e5-ae3b-c063581aca74}: [DhcpNameServer] 192.168.7.1 195.189.88.11 194.204.152.34 Tcpip\..\Interfaces\{a8e88b06-d2ff-457e-8935-b1caa3d223c8}: [DhcpNameServer] 192.168.7.1 8.8.8.8 194.204.152.34 Internet Explorer: ================== HKU\S-1-5-21-1406169887-4253107244-1405716791-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/?gws_rd=ssl BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.19.9.63\coIEPlg.dll [2019-11-16] (Symantec Corporation -> Symantec Corporation) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-08] (McAfee, Inc. -> McAfee, Inc.) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine32\22.19.9.63\coIEPlg.dll [2019-11-16] (Symantec Corporation -> Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-16] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-08] (McAfee, Inc. -> McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-16] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.19.9.63\coIEPlg.dll [2019-11-16] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine32\22.19.9.63\coIEPlg.dll [2019-11-16] (Symantec Corporation -> Symantec Corporation) Edge: ====== DownloadDir: C:\Users\dudimek\Downloads FireFox: ======== FF DefaultProfile: z9hjrokz.default FF ProfilePath: C:\Users\dudimek\AppData\Roaming\Mozilla\Firefox\Profiles\z9hjrokz.default [2019-12-30] FF Notifications: Mozilla\Firefox\Profiles\z9hjrokz.default -> hxxps://www.youtube.com FF Extension: (Brak nazwy) - C:\Users\dudimek\AppData\Roaming\Mozilla\Firefox\Profiles\z9hjrokz.default\Extensions\sp@avast.com.xpi [2019-02-08] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Users\dudimek\AppData\Roaming\Mozilla\Firefox\Profiles\z9hjrokz.default\Extensions\wrc@avast.com.xpi [2019-02-08] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Users\dudimek\AppData\Roaming\Mozilla\Firefox\Profiles\z9hjrokz.default\features\{19c5e4a8-ec37-4c6b-aef7-90dd3f5251fa}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-11-20] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (Brak nazwy) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-03-16] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=E210PL91105G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR Session Restore: Default -> [funkcja włączona] CHR Profile: C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default [2019-10-04] CHR Extension: (Prezentacje) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-28] CHR Extension: (Dokumenty) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28] CHR Extension: (Dysk Google) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28] CHR Extension: (YouTube) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28] CHR Extension: (Norton Security Toolbar) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2019-05-11] CHR Extension: (Adobe Acrobat) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-07-29] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-07-29] CHR Extension: (Arkusze) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-28] CHR Extension: (McAfee® WebAdvisor) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-05-11] CHR Extension: (Dokumenty Google offline) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-28] CHR Extension: (Gmail) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11] CHR Extension: (Chrome Media Router) - C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-29] CHR Profile: C:\Users\dudimek\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-03] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.19.9.63\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.19.9.63\Exts\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] Opera: ======= OPR Notifications: hxxps://aternos.org; hxxps://key-drop.pl; hxxps://www.youtube.com ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3759752 2016-05-18] (Intel(R) Corporation -> Intel Corporation) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2019-10-30] (BattlEye Innovations e.K. -> ) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-06-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-08] (McAfee, Inc. -> McAfee, Inc.) R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2017-02-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 NortonSecurity; C:\Program Files\Norton Internet Security\Engine\22.19.9.63\NortonSecurity.exe [227296 2019-11-16] (Symantec Corporation -> Symantec Corporation) R2 nsWscSvc; C:\Program Files\Norton Internet Security\Engine\22.19.9.63\nsWscSvc.exe [938496 2019-11-16] (Symantec Corporation -> Symantec Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-18] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-18] (Electronic Arts, Inc. -> Electronic Arts) R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek) S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek) R2 RunSwUSB; C:\Windows\runSW.exe [44760 2019-03-16] (Realtek Semiconductor Corp -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-30] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-30] (Microsoft Corporation -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 BHDrvx64; C:\Program Files\Norton Internet Security\NortonData\22.11.2.7\Definitions\BASHDefs\20191002.002\BHDrvx64.sys [1952136 2019-10-02] (Symantec Corporation -> Symantec Corporation) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\ccSetx64.sys [193392 2019-11-16] (Symantec Corporation -> Symantec Corporation) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-30] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-30] (Disc Soft Ltd -> Disc Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516784 2019-10-04] (Symantec Corporation -> Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-10-05] (Symantec Corporation -> Symantec Corporation) R1 IDSVia64; C:\Program Files\Norton Internet Security\NortonData\22.11.2.7\Definitions\IPSDefs\20191003.061\IDSvia64.sys [1451016 2019-10-03] (Symantec Corporation -> Symantec Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek Semiconductor Corp. -> Realtek ) R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [6740328 2017-08-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation ) S3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\SRTSP64.SYS [889008 2019-11-16] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\SRTSPX64.SYS [50864 2019-11-16] (Symantec Corporation -> Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\SYMEFASI64.SYS [1963400 2019-11-16] (Symantec Corporation -> Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\SymELAM.sys [25744 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-24] (Symantec Corporation -> Symantec Corporation) R3 SymEvnt; C:\Program Files\Norton Internet Security\NortonData\22.11.2.7\SymPlatform\SymEvnt.sys [719536 2019-09-17] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\Ironx64.SYS [316656 2019-11-16] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\symnets.sys [573448 2019-11-16] (Symantec Corporation -> Symantec Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-30] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-30] (Microsoft Windows -> Microsoft Corporation) S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1613090.03F\wpCtrlDrv.sys [1012120 2019-11-16] (Symantec Corporation -> Symantec Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-12-30 16:58 - 2019-12-30 17:08 - 000035793 _____ C:\Users\dudimek\Desktop\FRST.txt 2019-12-30 16:55 - 2019-12-30 16:56 - 002272256 _____ (Farbar) C:\Users\dudimek\Desktop\FRST64.exe 2019-12-30 16:45 - 2019-12-30 16:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2019-12-30 09:26 - 2019-12-30 09:26 - 000000000 ____D C:\Users\dudimek\AppData\Local\EpicGamesLauncher 2019-12-26 16:25 - 2019-12-26 16:25 - 000000000 ____D C:\Users\dudimek\AppData\LocalLow\Landfall Games 2019-12-23 08:01 - 2019-12-23 08:01 - 000000206 _____ C:\Users\dudimek\Desktop\Car Mechanic Simulator 2018.url 2019-12-22 20:47 - 2019-12-22 20:53 - 000000000 ____D C:\Users\dudimek\AppData\LocalLow\Red Dot Games 2019-12-20 16:37 - 2019-12-20 16:37 - 000004194 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1576856226 2019-12-13 21:21 - 2019-12-30 09:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Internet Security 2019-12-13 21:14 - 2019-12-13 21:14 - 000003394 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration 2019-12-13 21:14 - 2019-12-13 21:14 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2019-12-13 19:45 - 2019-12-13 19:45 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 006541712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 006444032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-12-13 19:45 - 2019-12-13 19:45 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 001668960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 001656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-12-13 19:45 - 2019-12-13 19:45 - 001465264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 001201128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 000408736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-12-13 19:45 - 2019-12-13 19:45 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-12-13 19:44 - 2019-12-13 19:45 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 003638272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-12-13 19:44 - 2019-12-13 19:44 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-12-13 19:44 - 2019-12-13 19:44 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 000678672 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-12-13 19:44 - 2019-12-13 19:44 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000505632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-12-13 19:44 - 2019-12-13 19:44 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2019-12-13 19:44 - 2019-12-13 19:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2019-12-10 21:37 - 2019-12-10 21:37 - 005133880 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-12-30 17:08 - 2018-02-06 20:29 - 000000000 ____D C:\FRST 2019-12-30 17:07 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-12-30 15:58 - 2019-01-22 11:04 - 000004230 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{14B240D4-AB41-4974-B853-066C70403E74} 2019-12-30 14:13 - 2018-07-12 13:15 - 000000000 ____D C:\Users\dudimek\Documents\Euro Truck Simulator 2 2019-12-30 13:19 - 2017-09-01 18:48 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\.minecraft 2019-12-30 13:06 - 2019-10-04 19:29 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\.tlauncher 2019-12-30 13:05 - 2019-01-22 10:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-12-30 01:43 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-12-29 18:04 - 2018-11-16 21:25 - 000001250 _____ C:\Users\dudimek\Desktop\Roblox Studio.lnk 2019-12-29 18:04 - 2018-01-16 18:02 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2019-12-29 15:58 - 2017-11-09 15:18 - 000000000 ____D C:\ProgramData\Origin 2019-12-29 15:41 - 2017-08-28 19:57 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-29 15:33 - 2017-11-09 15:17 - 000000000 ____D C:\Users\dudimek\AppData\Local\Origin 2019-12-29 15:33 - 2017-09-03 10:58 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\GG 2019-12-28 22:12 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-12-27 11:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-12-24 08:57 - 2018-02-11 13:42 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\discord 2019-12-23 21:34 - 2018-05-03 14:26 - 000000000 ____D C:\Users\dudimek\AppData\Local\GameCenter 2019-12-23 13:57 - 2019-09-09 21:47 - 000000127 _____ C:\Users\dudimek\Desktop\Armored Warfare.url 2019-12-23 13:57 - 2017-10-14 16:51 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Armored Warfare MyCom Beta 2019-12-22 19:46 - 2018-06-27 14:29 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\Mine_imator 2019-12-21 16:37 - 2018-03-19 19:00 - 000000000 ____D C:\Users\dudimek\Documents\BeamNG.drive 2019-12-21 16:35 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF 2019-12-21 09:13 - 2019-01-24 09:23 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2019-12-21 09:10 - 2017-09-03 10:58 - 000000000 ____D C:\Users\dudimek\AppData\Local\GG 2019-12-20 17:40 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-12-20 16:59 - 2018-07-28 12:52 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-12-20 16:59 - 2018-07-28 12:52 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-12-20 16:37 - 2019-05-16 17:40 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2019-12-20 16:37 - 2019-01-22 11:04 - 000004012 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1517944633 2019-12-20 16:37 - 2018-02-06 20:17 - 000000000 ____D C:\Program Files (x86)\Opera 2019-12-19 18:41 - 2017-11-10 17:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-12-18 22:58 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2019-12-18 22:57 - 2019-01-22 11:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-12-18 22:56 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-12-18 19:04 - 2017-11-09 15:23 - 000000000 ____D C:\Program Files (x86)\Origin 2019-12-14 11:33 - 2019-01-22 11:04 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2019-12-14 11:33 - 2019-01-22 11:04 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2019-12-13 22:10 - 2017-08-28 21:15 - 000000000 ____D C:\Program Files\Common Files\AV 2019-12-13 21:21 - 2019-01-22 11:09 - 001768484 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-12-13 21:21 - 2018-09-15 17:43 - 000784514 _____ C:\WINDOWS\system32\perfh015.dat 2019-12-13 21:21 - 2018-09-15 17:43 - 000152312 _____ C:\WINDOWS\system32\perfc015.dat 2019-12-13 21:14 - 2019-01-22 10:53 - 000440400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-12-13 21:14 - 2018-02-25 18:00 - 000002507 _____ C:\Users\Public\Desktop\Norton Security.lnk 2019-12-13 21:14 - 2018-02-22 15:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64 2019-12-13 21:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-12-13 21:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-12-13 19:56 - 2017-08-29 18:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-12-13 19:51 - 2017-08-29 18:14 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-12-13 19:50 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-12-12 21:01 - 2017-11-09 15:27 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\Origin 2019-12-10 21:37 - 2019-01-22 11:04 - 000004704 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2019-12-10 21:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-12-10 21:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-12-10 14:36 - 2018-05-17 19:48 - 000000000 ____D C:\Users\dudimek\AppData\Local\D3DSCache 2019-12-10 10:40 - 2017-10-14 12:32 - 000000000 ____D C:\Users\dudimek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games 2019-12-09 20:39 - 2017-08-28 19:57 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-12-07 23:10 - 2019-01-22 10:57 - 000000000 ____D C:\Users\dudimek 2019-12-07 22:42 - 2017-08-28 19:57 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-12-07 22:42 - 2017-08-28 19:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-12-07 22:42 - 2017-08-25 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-12-07 10:01 - 2019-05-24 13:36 - 000000000 ____D C:\Program Files (x86)\Origin Games 2019-12-01 20:35 - 2017-09-18 16:27 - 000000000 ____D C:\Users\dudimek\AppData\Local\CrashDumps 2019-12-01 18:05 - 2017-10-11 20:04 - 000000000 ___RD C:\Users\dudimek\3D Objects 2019-12-01 18:05 - 2016-02-13 18:52 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-12-01 00:31 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-12-01 00:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-12-01 00:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-12-01 00:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-12-01 00:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-12-01 00:31 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism ==================== Pliki w katalogu głównym wybranych folderów ======== 2018-12-31 17:19 - 2019-01-24 08:45 - 000008285 _____ () C:\Users\dudimek\AppData\Roaming\downloads.json 2019-02-09 13:08 - 2019-02-09 13:08 - 000000041 _____ () C:\Users\dudimek\AppData\Roaming\WB.CFG 2019-04-23 19:27 - 2019-04-23 20:41 - 000007680 _____ () C:\Users\dudimek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-02-19 18:09 - 2019-02-19 18:09 - 000006844 _____ () C:\Users\dudimek\AppData\Local\recently-used.xbel 2019-01-25 14:16 - 2019-01-25 14:16 - 000007605 _____ () C:\Users\dudimek\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================