Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-04-2020 Uruchomiony przez julia (administrator) DESKTOP-JHH8TUR (Micro-Star International Co., Ltd MS-7B86) (14-04-2020 18:25:50) Uruchomiony z J:\FRST f Załadowane profile: julia (Dostępne profile: julia) Platform: Windows 10 Home Wersja 1909 18363.720 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe (ALCPU -> ALCPU) J:\Program Files\Core Temp\Core Temp.exe (AMD) [Brak podpisu cyfrowego] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe (AMD) [Brak podpisu cyfrowego] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (AMD) [Brak podpisu cyfrowego] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe (Digital Communications Inc -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoIC.exe (Digital Communications Inc -> Digital Communications Inc) C:\Program Files (x86)\Segurazo\SegurazoService.exe (Discord Inc. -> Discord Inc.) C:\Users\julia\AppData\Local\Discord\app-0.0.306\Discord.exe <6> (Electronic Arts, Inc. -> Electronic Arts) J:\Origin\OriginWebHelperService.exe (Gaijin Network LTD -> Gaijin Entertainment) C:\Users\julia\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2> (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe (GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\julia\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\julia\AppData\Local\Microsoft\Teams\current\Teams.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe (Opera Software AS -> Opera Software) J:\Opera beta\68.0.3618.31\opera.exe <24> (Opera Software AS -> Opera Software) J:\Opera beta\68.0.3618.31\opera_crashreporter.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Python Software Foundation -> Python Software Foundation) C:\Program Files (x86)\GOG Galaxy\python\python.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) J:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) J:\Program Files (x86)\Steam\steam.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [817232 2019-01-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-3367995364-951210483-953806408-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-3367995364-951210483-953806408-1001\...\Run: [Steam] => J:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation) HKU\S-1-5-21-3367995364-951210483-953806408-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13277256 2020-02-29] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-3367995364-951210483-953806408-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\julia\AppData\Local\Microsoft\Teams\Update.exe [2342544 2020-03-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3367995364-951210483-953806408-1001\...\Run: [Discord] => C:\Users\julia\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3367995364-951210483-953806408-1001\...\Run: [Gaijin.Net Updater] => C:\Users\julia\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment) HKU\S-1-5-21-3367995364-951210483-953806408-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-02] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {080A92E3-4B88-4EE6-B577-DD6521820F8C} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-01-10] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {10309AD7-4B8D-400C-BE2C-2F272B461350} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {13F98CA9-F2A2-45FA-B6BA-C1C3442E58A9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software) Task: {2C12F265-C2D9-4274-B521-6967FB27FADA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-04-05] (Adobe Inc. -> Adobe) Task: {35D28E50-2690-4BCC-89B4-ED5CE4BAA057} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3BE41A74-340E-4075-9BF9-428AB5187025} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {4738F470-8A4F-4D69-ADC3-6626A97C7B61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-26] (Google LLC -> Google LLC) Task: {63BF848B-7551-4ECF-870F-3EAF1EF4094B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6FB0FB17-A46E-41C2-B92F-7DA31E72F524} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65136 2019-09-28] (Microsoft Corporation -> Microsoft) Task: {7F8738E7-AAB1-4421-B640-9647B2D99B43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-26] (Google LLC -> Google LLC) Task: {87BFED4B-AEB7-4696-B411-D61EEBFEFA87} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {8AD18206-BC19-4F91-9DA6-46ACE18BEC63} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {8BCC1DBD-27C7-4471-8FC1-52D592DC9392} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {8CC284B1-0DD3-4E22-8A4D-85E8508D04E8} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-01-10] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {957FB8B7-BB9F-47BE-BA4C-D6B693CF431E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A50046CF-693B-4599-A6B0-682A5E3E4B2B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {BCDC7BE2-F57E-4E3A-9AEE-ACEC1C96DFAD} - System32\Tasks\Core Temp Autostart julia => J:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-30] (ALCPU -> ALCPU) Task: {C3261DC1-D40F-4305-A4C6-90A857D0D8BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C9CE6D4D-97CD-4870-9212-C690C5D01622} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E19CA1A4-7A90-4F56-AE28-F05BFCE12E00} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d0880699-799d-4610-aef1-4d7c35e2cd7f}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-13] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-13] (Oracle America, Inc. -> Oracle Corporation) Edge: ====== DownloadDir: C:\Users\julia\Downloads Edge HomeButtonPage: HKU\S-1-5-21-3367995364-951210483-953806408-1001 -> hxxps://www.google.pl/ FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-13] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR Profile: C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default [2020-04-14] CHR Extension: (Prezentacje) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-26] CHR Extension: (Dokumenty) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-26] CHR Extension: (Dysk Google) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-26] CHR Extension: (YouTube) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-26] CHR Extension: (Search Manager) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-04-14] CHR Extension: (Search Manager) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-04-14] CHR Extension: (Arkusze) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-26] CHR Extension: (Dokumenty Google offline) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-26] CHR Extension: (Gmail) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-26] CHR Extension: (Chrome Media Router) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe [508008 2019-09-18] (Advanced Micro Devices, Inc. -> AMD) R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-01-09] (AMD) [Brak podpisu cyfrowego] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-03-16] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-02-29] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-24] (GOG Sp. z o.o. -> GOG.com) S3 Origin Client Service; J:\Origin\OriginClientService.exe [2495280 2020-03-16] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; J:\Origin\OriginWebHelperService.exe [3445552 2020-03-16] (Electronic Arts, Inc. -> Electronic Arts) R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [817232 2019-01-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4561616 2019-12-28] (Digital Communications Inc -> Digital Communications Inc) <==== UWAGA R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [187088 2019-12-28] (Digital Communications Inc -> Digital Communications Inc) <==== UWAGA S3 VSStandardCollectorService150; J:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ALSysIO; C:\Users\julia\AppData\Local\Temp\ALSysIO64.sys [47240 2020-04-14] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== UWAGA R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atikmdag.sys [55249512 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atikmpag.sys [595048 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. ) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1122200 2019-01-18] (Realtek Semiconductor Corp. -> Realtek ) R1 SEGURAZOKD; C:\Program Files (x86)\Segurazo\SegurazoKD.sys [84256 2019-12-28] (Digital Communications Inc. -> Digital Communications Inc) <==== UWAGA S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-26] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-26] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-04-14 18:23 - 2020-04-14 18:23 - 000000000 ___HD C:\OneDriveTemp 2020-04-14 18:17 - 2020-04-14 18:17 - 000000281 _____ C:\Users\julia\Desktop\Beksiński.txt 2020-04-14 15:10 - 2020-04-14 18:26 - 000000000 ____D C:\FRST 2020-04-14 14:40 - 2020-04-14 14:40 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2020-04-14 14:07 - 2020-04-14 14:08 - 000000000 ____D C:\AdwCleaner 2020-04-14 14:05 - 2020-04-14 14:05 - 008196784 _____ (Malwarebytes) C:\Users\julia\Desktop\adwcleaner_8.0.4.exe 2020-04-14 13:51 - 2020-04-14 13:51 - 000000000 ____D C:\Users\julia\Desktop\Nowy folder 2020-04-14 13:49 - 2020-04-14 13:49 - 000008778 _____ C:\Users\julia\AppData\Local\recently-used.xbel 2020-04-14 11:32 - 2020-04-14 18:23 - 000000000 ____D C:\Program Files (x86)\Segurazo 2020-04-14 11:32 - 2020-04-14 11:32 - 000000000 ____D C:\Users\julia\AppData\Roaming\segurazoclient 2020-04-14 11:32 - 2020-04-14 11:32 - 000000000 ____D C:\ProgramData\Segurazo 2020-04-14 11:32 - 2020-04-14 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo 2020-04-12 14:07 - 2020-04-13 19:16 - 000000000 ____D C:\Users\julia\AppData\Roaming\.minecraft 2020-04-08 23:07 - 2020-04-08 23:07 - 000001099 _____ C:\Users\julia\Desktop\WarThunder.lnk 2020-04-08 23:06 - 2020-04-08 23:07 - 000000000 ____D C:\Users\julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2020-04-03 11:55 - 2020-04-03 11:55 - 000066008 _____ C:\Users\julia\Downloads\Bez_nazwy.xcf 2020-04-03 11:16 - 2020-04-03 11:16 - 000078440 _____ C:\Users\julia\Downloads\Pzydziszg.xcf 2020-04-02 08:17 - 2020-04-02 08:17 - 000000000 ____D C:\Users\julia\AppData\LocalLow\DefaultCompany 2020-04-02 08:16 - 2020-04-02 08:17 - 000000000 ____D C:\Users\julia\AppData\Roaming\Unity 2020-04-02 08:16 - 2020-04-02 08:16 - 000000000 ____D C:\Users\julia\AppData\Local\Unity 2020-04-01 17:11 - 2020-04-01 17:11 - 000000000 ____D C:\Users\julia\Documents\League of Legends 2020-04-01 17:09 - 2020-04-01 17:10 - 000001681 _____ C:\Users\Public\Desktop\League of Legends.lnk 2020-04-01 17:09 - 2020-04-01 17:09 - 000000000 ____D C:\Users\julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-04-01 17:09 - 2020-04-01 17:09 - 000000000 ____D C:\Riot Games 2020-04-01 17:09 - 2020-04-01 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-04-01 17:09 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2020-04-01 17:09 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2020-04-01 17:09 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2020-04-01 17:08 - 2020-04-01 17:11 - 000000000 ____D C:\Users\julia\AppData\Local\Riot Games 2020-04-01 17:08 - 2020-04-01 17:09 - 000000000 ____D C:\ProgramData\Riot Games 2020-03-30 20:34 - 2020-03-30 23:58 - 000000000 ____D C:\Users\julia\Documents\Assassin's Creed Syndicate 2020-03-30 20:13 - 2020-03-30 20:13 - 000000302 _____ C:\Users\julia\Desktop\Assassins Creed Syndicate.url 2020-03-30 08:32 - 2020-03-30 08:32 - 000001292 _____ C:\Users\Public\Desktop\Unity 2019.3.7f1 (64-bit).lnk 2020-03-30 08:32 - 2020-03-30 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.3.7f1 (64-bit) 2020-03-30 08:29 - 2020-03-30 08:29 - 000000000 ____D C:\Program Files\Unity 2020-03-28 22:21 - 2020-03-28 22:21 - 000000000 ____D C:\Users\julia\AppData\Local\Jackbox Games 2020-03-26 19:04 - 2020-03-26 19:04 - 000307579 _____ (Mojang) C:\Users\julia\Desktop\SKlauncher 3-beta.15.exe 2020-03-26 16:42 - 2020-04-02 22:54 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-03-26 16:42 - 2020-04-02 22:54 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-03-26 16:42 - 2020-03-26 16:47 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-26 16:42 - 2020-03-26 16:47 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-25 13:02 - 2020-03-25 13:07 - 000000000 ____D C:\Users\julia\AppData\Local\ElevatedDiagnostics 2020-03-25 10:02 - 2020-03-25 10:02 - 000000233 _____ C:\Users\julia\Desktop\Child of Light.url 2020-03-25 10:00 - 2020-03-25 10:00 - 000000000 ____D C:\ProgramData\Ubisoft 2020-03-25 09:59 - 2020-04-04 12:12 - 000000000 ____D C:\Users\julia\AppData\Local\Ubisoft Game Launcher 2020-03-25 09:59 - 2020-03-25 09:59 - 000000941 _____ C:\Users\julia\Desktop\Uplay.lnk 2020-03-25 09:59 - 2020-03-25 09:59 - 000000000 ____D C:\Users\julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2020-03-19 00:34 - 2020-03-19 20:23 - 000000000 ____D C:\Users\julia\AppData\Roaming\Tera_Awesomium 2020-03-18 23:02 - 2020-03-18 23:02 - 000000000 ____D C:\Users\julia\AppData\Local\En Masse Entertainment 2020-03-18 23:02 - 2020-03-18 23:02 - 000000000 ____D C:\ProgramData\boost_interprocess 2020-03-18 23:00 - 2020-03-19 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\En Masse Entertainment 2020-03-18 23:00 - 2020-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2020-03-18 15:20 - 2020-04-14 18:24 - 000000000 ____D C:\Users\julia\AppData\Roaming\discord 2020-03-18 15:20 - 2020-03-18 15:20 - 000002233 _____ C:\Users\julia\Desktop\Discord.lnk 2020-03-18 15:20 - 2020-03-18 15:20 - 000000000 ____D C:\Users\julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2020-03-18 15:20 - 2020-03-18 15:20 - 000000000 ____D C:\Users\julia\AppData\Local\Discord 2020-03-17 19:16 - 2020-03-17 19:16 - 000000000 ____D C:\Users\julia\AppData\Roaming\EasyAntiCheat 2020-03-17 19:16 - 2020-03-17 19:16 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2020-03-16 17:46 - 2020-03-16 18:57 - 000000000 ____D C:\Users\julia\AppData\Roaming\CodeBlocks 2020-03-16 17:45 - 2020-03-16 17:46 - 000000000 ____D C:\Users\julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2020-03-16 17:45 - 2020-03-16 17:45 - 000000847 _____ C:\Users\julia\Desktop\CodeBlocks.lnk 2020-03-16 17:45 - 2020-03-16 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2020-03-16 10:15 - 2020-03-16 10:15 - 000000222 _____ C:\Users\julia\Desktop\Paladins.url ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-04-14 18:23 - 2020-02-18 21:39 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2020-04-14 18:23 - 2020-02-18 21:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-04-14 18:23 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-14 18:23 - 2019-01-18 18:04 - 000000000 ___RD C:\Users\julia\OneDrive 2020-04-14 18:22 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-04-14 18:21 - 2019-02-19 00:10 - 000000000 ____D C:\Users\julia\AppData\LocalLow\Temp 2020-04-14 18:16 - 2020-02-18 21:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-04-14 15:10 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2020-04-14 14:52 - 2020-02-18 21:34 - 001768484 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-04-14 14:52 - 2019-03-19 14:23 - 000784514 _____ C:\WINDOWS\system32\perfh015.dat 2020-04-14 14:52 - 2019-03-19 14:23 - 000152312 _____ C:\WINDOWS\system32\perfc015.dat 2020-04-14 14:39 - 2020-02-18 21:26 - 000491816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-04-14 14:08 - 2020-02-18 21:31 - 000000000 ____D C:\Users\julia 2020-04-14 13:56 - 2019-02-18 20:06 - 000000000 ____D C:\Users\julia\AppData\Local\.IdentityService 2020-04-14 13:50 - 2019-01-26 22:03 - 000000000 ____D C:\Users\julia\AppData\Local\babl-0.1 2020-04-14 13:01 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-14 13:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-14 00:18 - 2019-01-18 18:02 - 000000000 ____D C:\Users\julia\AppData\Local\D3DSCache 2020-04-08 23:07 - 2019-07-20 17:49 - 000000000 ____D C:\ProgramData\Gaijin 2020-04-08 23:06 - 2020-01-31 13:14 - 000000000 ____D C:\Users\julia\Documents\My Games 2020-04-07 21:52 - 2019-01-19 19:40 - 000000000 ____D C:\Users\julia\AppData\Roaming\Origin 2020-04-07 21:52 - 2019-01-19 19:40 - 000000000 ____D C:\ProgramData\Origin 2020-04-07 17:45 - 2019-08-30 19:45 - 000000000 ____D C:\Users\julia\AppData\Roaming\Star Stable Online 2020-04-07 17:17 - 2019-01-20 14:18 - 000000000 ____D C:\Program Files (x86)\Origin Games 2020-04-07 17:15 - 2019-01-19 19:40 - 000000000 ____D C:\Users\julia\AppData\Local\Origin 2020-04-06 11:50 - 2019-08-30 19:45 - 000001128 _____ C:\Users\Public\Desktop\Star Stable Online.lnk 2020-04-05 17:07 - 2020-02-18 21:39 - 000004658 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-04-05 17:07 - 2019-04-19 18:27 - 000000000 ____D C:\Users\julia\AppData\Local\Adobe 2020-04-05 17:07 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-04-05 17:07 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-04-02 23:27 - 2020-03-11 14:58 - 000000000 ____D C:\Users\julia\AppData\Roaming\UnityHub 2020-04-02 12:28 - 2019-01-26 22:04 - 000000000 ____D C:\Users\julia\AppData\Local\gtk-2.0 2020-04-02 08:17 - 2019-07-08 19:13 - 000000000 ____D C:\Users\julia\AppData\LocalLow\Unity 2020-04-02 07:56 - 2019-01-19 14:13 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-03-30 08:33 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-03-26 16:42 - 2020-02-18 22:40 - 000000000 ____D C:\Users\julia\AppData\Local\Google 2020-03-26 16:42 - 2020-02-18 22:40 - 000000000 ____D C:\Program Files (x86)\Google 2020-03-26 09:01 - 2019-01-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-03-22 21:37 - 2020-01-22 07:50 - 000002364 _____ C:\Users\julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2020-03-22 21:37 - 2019-11-12 19:09 - 000002356 _____ C:\Users\julia\Desktop\Microsoft Teams.lnk 2020-03-22 16:51 - 2019-01-18 18:04 - 000000000 ____D C:\Users\julia\AppData\Local\PlaceholderTileLogoFolder 2020-03-22 13:26 - 2019-01-19 14:39 - 000000000 ____D C:\Users\julia\AppData\Local\GHISLER 2020-03-18 15:20 - 2019-11-12 19:09 - 000000000 ____D C:\Users\julia\AppData\Local\SquirrelTemp 2020-03-17 00:20 - 2020-03-12 11:08 - 000000000 ____D C:\Users\julia\AppData\Roaming\foobar2000 2020-03-16 10:15 - 2019-07-05 20:34 - 000000000 ____D C:\Users\julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-04-14 11:32 - 2020-04-14 14:17 - 022440403 _____ () C:\Program Files (x86)\Common Files\MoCreatures.jar 2019-11-17 14:08 - 2019-11-17 14:23 - 000003520 _____ () C:\Users\julia\AppData\Local\kdenliverc 2019-07-24 18:27 - 2019-12-08 21:44 - 000004129 _____ () C:\Users\julia\AppData\Local\PlariumPlay.log 2020-04-14 13:49 - 2020-04-14 13:49 - 000008778 _____ () C:\Users\julia\AppData\Local\recently-used.xbel 2019-11-17 14:08 - 2019-11-17 14:08 - 000000535 _____ () C:\Users\julia\AppData\Local\user-places.xbel 2019-11-17 14:08 - 2019-11-17 14:08 - 000000000 _____ () C:\Users\julia\AppData\Local\user-places.xbel.tbcache ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================