Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 13-05-2020 01 Uruchomiony przez Gracz (administrator) TATOKUBA (MSI MS-7972) (16-05-2020 15:17:55) Uruchomiony z C:\Users\Gracz\Desktop Załadowane profile: Gracz Platform: Windows 10 Home Wersja 1909 18363.719 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atiesrxx.exe (AMD) [Brak podpisu cyfrowego] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe (AMD) [Brak podpisu cyfrowego] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (AMD) [Brak podpisu cyfrowego] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe (Arcabit Sp. z o.o. -> ) C:\Program Files\Arcabit\bin\scanenginecon.exe (Arcabit Sp. z o.o. -> Arcabit) C:\Program Files\Arcabit\bin\arcamenu.exe (Arcabit Sp. z o.o. -> Arcabit) C:\Program Files\Arcabit\bin\arcamon.exe (Arcabit Sp. z o.o. -> Arcabit) C:\Program Files\Arcabit\bin\arcasv.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2> (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Small Business Advantage -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFT.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <5> (philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156256 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [arcamenu] => C:\Program Files\Arcabit\bin\arcamenu.exe [407768 2020-04-03] (Arcabit Sp. z o.o. -> Arcabit) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26290352 2019-11-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1203856 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1151972069-3515115555-2733446453-1001\...\Run: [uTorrent] => C:\Users\Gracz\AppData\Roaming\uTorrent\uTorrent.exe [2072816 2020-04-08] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-1151972069-3515115555-2733446453-1001\...\Run: [Wargaming.net Game Center] => C:\Wargaming.net\GameCenter\wgc.exe [2417016 2020-05-16] (Wargaming.net Limited -> Wargaming.net) HKU\S-1-5-21-1151972069-3515115555-2733446453-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3372832 2020-05-15] (Valve -> Valve Corporation) HKU\S-1-5-21-1151972069-3515115555-2733446453-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-1151972069-3515115555-2733446453-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Gracz\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-04-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-06] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-18] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) BootExecute: autocheck autochk * sdnclean64.exe ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01E907D5-E962-4B2E-93E6-78773ADFE58B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-11-27] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {06D4471C-379F-40A0-B2B9-C6A2D4886BFC} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-11-27] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {1F743AFD-C97A-4A44-8836-C9D4FD40A43C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-12] (Adobe Inc. -> Adobe) Task: {1FDC07C1-8A70-418C-A69D-1BAB139BDB11} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-11-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {2CA994BF-8900-4622-833B-2BD8AB4EF0A6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-11-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {33FD67D2-FAF8-4BB4-920B-E3405C80DFF4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171344 2020-05-10] (Microsoft Corporation -> Microsoft Corporation) Task: {40B9525F-0815-489D-B874-ED62D9C75E8F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171344 2020-05-10] (Microsoft Corporation -> Microsoft Corporation) Task: {53FDAE6B-C3E8-4E6B-AFF7-88ACB9AA9F78} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation) Task: {61868536-26E9-49F2-97AC-F086F2294192} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation) Task: {61E3B376-EAD2-4D23-AB0E-EB0D81335870} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {77D897F4-1547-4AAC-A0A7-75377C2C3716} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3373072 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {989649C9-ABEC-4981-9614-36309A8F85E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {A9C35EEB-E8D0-4B58-AC3B-C77B6453A504} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe) Task: {C8F513DA-1BAC-4860-85E7-8AFB76371836} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {D1EF4728-513C-4C10-B80A-F83289AE0DA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {D3148BD4-6666-4AF9-873A-24353072E78E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-28] (AVG Technologies USA, LLC -> AVG Technologies) Task: {EF04B525-207D-4510-8D39-B69676CBE9A0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {FCEA53BD-FC83-4C24-A891-42C1C900D60D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-11-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: Nie znaleziono pliku Hosts w domyślnym katalogu Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{28637fda-ba9a-4791-846c-8edf4af6234a}: [DhcpNameServer] 192.168.2.1 8.8.8.8 Tcpip\..\Interfaces\{75076e2a-820f-4df7-a088-f263fcb93f60}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8bf2663c-307c-4871-a2f2-211bace4a882}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1151972069-3515115555-2733446453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> DefaultScope - brak wartości BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-04] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: dpeqq15d.default FF ProfilePath: C:\Users\Gracz\AppData\Roaming\Mozilla\Firefox\Profiles\dpeqq15d.default [2020-05-16] FF NewTab: Mozilla\Firefox\Profiles\dpeqq15d.default -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-05-15 08:11:50&bName= FF ProfilePath: C:\Users\Gracz\AppData\Roaming\Mozilla\Firefox\Profiles\4vd60lg1.default-release [2020-05-16] FF Homepage: Mozilla\Firefox\Profiles\4vd60lg1.default-release -> www.wp.pl FF NewTab: Mozilla\Firefox\Profiles\4vd60lg1.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-05-15 08:11:50&bName= FF Notifications: Mozilla\Firefox\Profiles\4vd60lg1.default-release -> hxxps://teams.microsoft.com FF Extension: (uBlock Origin) - C:\Users\Gracz\AppData\Roaming\Mozilla\Firefox\Profiles\4vd60lg1.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-02-06] FF Extension: (Mozilla Official) - C:\Users\Gracz\AppData\Roaming\Mozilla\Firefox\Profiles\4vd60lg1.default-release\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2020-05-15] [Brak podpisu cyfrowego] FF Extension: (uBlock) - C:\Users\Gracz\AppData\Roaming\Mozilla\Firefox\Profiles\4vd60lg1.default-release\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2019-12-21] FF Extension: (Send invitation/Wysyłanie zaproszeń) - C:\Users\Gracz\AppData\Roaming\Mozilla\Firefox\Profiles\4vd60lg1.default-release\Extensions\{b75a35da-cd53-4313-afd1-fcb0b2bec23f}.xpi [2020-01-24] FF Extension: (Otwieracz linków ) - C:\Users\Gracz\AppData\Roaming\Mozilla\Firefox\Profiles\4vd60lg1.default-release\Extensions\{c950d6ef-7952-41f2-a457-edc3057a57c2}.xpi [2019-12-21] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> ) FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [2015-07-15] (Ganymede Sp. z o.o. -> ) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default [2020-05-16] CHR Extension: (Prezentacje) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-21] CHR Extension: (Dokumenty) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-21] CHR Extension: (Dysk Google) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-21] CHR Extension: (YouTube) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-21] CHR Extension: (uBlock Origin) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-22] CHR Extension: (Arkusze) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-21] CHR Extension: (Dokumenty Google offline) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22] CHR Extension: (book_helper) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\khfmaojmakngfjblanjnfogkifhikigl [2020-05-15] CHR Extension: (AVG SafePrice | Porównania, promocje, kupony) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-04-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-21] CHR Extension: (Gmail) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-21] CHR Extension: (Chrome Media Router) - C:\Users\Gracz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22] CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) "{45487F67-EC9F-4449-A6F2-2D0970F9B80B}" => serwis nie został odblokowany. <==== UWAGA HKLM\SYSTEM\ControlSet001\Services\{45487F67-EC9F-4449-A6F2-2D0970F9B80B} => C:\Windows\System32\drivers\Wdf62161.sys [6527376 2020-05-15] (Odmowa dostępu) [Brak podpisu cyfrowego] <==== UWAGA (Rootkit!/Zablokowana usługa) R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atiesrxx.exe [509144 2019-12-02] (Advanced Micro Devices, Inc. -> AMD) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3153872 2020-03-18] (philandro Software GmbH -> philandro Software GmbH) R2 arcabitsv; C:\Program Files\Arcabit\bin\arcasv.exe [4257888 2020-04-03] (Arcabit Sp. z o.o. -> Arcabit) R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-11-26] (AMD) [Brak podpisu cyfrowego] R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [345960 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5552064 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8567960 2020-04-15] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10610544 2020-04-30] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2019-12-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2323632 2019-11-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 SbaService; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [26296 2015-10-14] (Intel(R) Small Business Advantage -> Intel Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12059136 2019-12-04] (TeamViewer GmbH -> TeamViewer GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-21] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) S2 cfjvceyw; C:\Windows\SysWOW64\cfjvceyw\twcwlwhn.exe [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atikmdag.sys [60671704 2019-12-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\u0348909.inf_amd64_41506e54d87e685a\B349181\atikmpag.sys [598232 2019-12-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S0 arcael; C:\Windows\System32\drivers\arcael.sys [16312 2020-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Arcabit/mks_vir) R1 arcawfp; C:\Windows\System32\drivers\arcawfp.sys [111560 2020-04-03] (Arcabit Sp. z o.o. -> Windows (R) Win 7 DDK provider) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37960 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [206672 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [234840 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [179032 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61272 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [16520 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R3 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43568 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175984 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [110064 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [85664 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [852392 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [459992 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgStm; C:\Windows\System32\drivers\avgStm.sys [235768 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317864 2020-04-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-03-26] (Bluestack Systems, Inc -> Bluestack System Inc. ) S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2019-03-19] (Microsoft Windows -> MediaTek Inc.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek ) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-21] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-21] (Microsoft Windows -> Microsoft Corporation) U3 avgbdisk; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-05-16 15:17 - 2020-05-16 15:18 - 000027180 _____ C:\Users\Gracz\Desktop\FRST.txt 2020-05-16 14:17 - 2020-05-16 14:17 - 016515072 ____N C:\Windows\system32\config\SYSTEM 2020-05-16 14:15 - 2020-05-16 14:15 - 000000000 ____D C:\Users\Gracz\Desktop\skan 2020-05-16 13:59 - 2020-05-16 14:00 - 000925696 _____ (Farbar) C:\Users\Gracz\Downloads\FSS.exe 2020-05-16 13:52 - 2020-05-16 13:52 - 000000002 _____ C:\Users\Gracz\Desktop\jbihcduluwxq.txt 2020-05-16 13:45 - 2020-05-16 13:45 - 000000085 _____ C:\Windows\wininit.ini 2020-05-16 13:21 - 2020-05-16 13:21 - 000608687 _____ C:\Users\Gracz\Downloads\KExploit_v4.2.0(2).zip 2020-05-16 10:23 - 2020-05-16 10:23 - 000608687 _____ C:\Users\Gracz\Downloads\KExploit_v4.2.0(1).zip 2020-05-16 08:10 - 2020-05-16 15:18 - 000000000 ____D C:\FRST 2020-05-15 21:40 - 2020-05-15 21:40 - 002286080 _____ (Farbar) C:\Users\Gracz\Desktop\FRST64.exe 2020-05-15 20:55 - 2020-05-16 13:46 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2020-05-15 20:55 - 2020-05-16 13:45 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2020-05-15 20:55 - 2020-05-15 20:55 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking 2020-05-15 20:55 - 2020-05-15 20:55 - 000000000 ____D C:\Users\Gracz\AppData\Local\Safer-Networking Ltd 2020-05-15 20:55 - 2020-05-15 20:55 - 000000000 ____D C:\Safer-Networking Ltd 2020-05-15 20:54 - 2020-05-15 20:54 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\Gracz\Downloads\spybotsd-2.8.68.0.exe 2020-05-15 16:55 - 2020-05-15 16:56 - 000000000 ____D C:\AdwCleaner 2020-05-15 16:51 - 2020-05-15 16:51 - 008196784 _____ (Malwarebytes) C:\Users\Gracz\Downloads\AdwCleaner.exe 2020-05-15 16:51 - 2020-05-15 16:51 - 008196784 _____ (Malwarebytes) C:\Users\Gracz\Desktop\AdwCleaner(1).exe 2020-05-15 10:33 - 2020-05-15 10:33 - 000000000 ____D C:\Users\Gracz\AppData\Local\565cfe52-7c22-4a8f-b7bb-b8496ba92cca 2020-05-15 10:19 - 2020-05-15 16:48 - 000000004 _____ C:\ProgramData\rc.dat 2020-05-15 10:18 - 2020-05-15 16:26 - 000000004 _____ C:\ProgramData\lock.dat 2020-05-15 10:18 - 2020-05-15 15:26 - 000000040 _____ C:\ProgramData\irw.atsd 2020-05-15 10:18 - 2020-05-15 10:18 - 000000008 _____ C:\ProgramData\ts.dat 2020-05-15 10:15 - 2020-05-16 14:18 - 016515072 _____ C:\Windows\system32\C_32770.NLS 2020-05-15 10:15 - 2020-05-15 16:49 - 000000000 ____D C:\ProgramData\FlexGridService 2020-05-15 10:13 - 2020-05-15 10:13 - 000001115 _____ C:\Users\Gracz\_readme.txt 2020-05-15 10:12 - 2020-05-15 10:12 - 006527376 ____N C:\Windows\system32\Drivers\Wdf62161.sys 2020-05-15 10:12 - 2020-05-15 10:12 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2020-05-15 10:12 - 2020-05-15 10:12 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2020-05-15 10:12 - 2020-05-15 10:12 - 000000049 _____ C:\Users\Gracz\AppData\Local\script.ps1 2020-05-15 10:12 - 2020-05-15 10:12 - 000000000 ____D C:\Users\Gracz\AppData\Local\app 2020-05-15 10:12 - 2020-05-15 10:12 - 000000000 ____D C:\SystemID 2020-05-15 10:11 - 2020-05-15 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoMedia 2020-05-15 10:11 - 2020-05-15 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2020-05-15 10:11 - 2020-05-15 10:11 - 000000000 ____D C:\Program Files (x86)\DVDVideoMedia 2020-05-15 10:11 - 2020-05-15 10:11 - 000000000 ____D C:\Program Files (x86)\AVS4YOU 2020-05-15 10:11 - 2020-05-15 10:11 - 000000000 _____ C:\Users\Gracz\Documents\Counter Blox hack.rar 2020-05-15 10:11 - 2010-05-11 13:17 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2020-05-15 09:11 - 2020-05-15 22:48 - 000291024 _____ C:\Users\Gracz\Downloads\KExploit_v4.2.0.zip 2020-05-10 09:19 - 2020-05-10 09:19 - 001006656 _____ (BlueStack Systems Inc.) C:\Users\Gracz\Downloads\BlueStacksMicroInstaller_4.200.0.5201_native.exe 2020-05-09 22:58 - 2020-05-09 22:58 - 000002183 _____ C:\Users\Gracz\Desktop\Brawl Stars.lnk 2020-05-08 16:42 - 2020-05-08 16:42 - 000301531 _____ C:\Users\Gracz\Downloads\ul. Wojanowska 44.pdf 2020-05-08 16:42 - 2020-05-08 16:42 - 000301531 _____ C:\Users\Gracz\Downloads\ul. Wojanowska 44(1).pdf 2020-04-29 11:28 - 2020-04-29 11:28 - 000000000 ____D C:\Users\Gracz\AppData\Local\Speech Graphics 2020-04-26 08:31 - 2020-04-26 08:31 - 000000000 ____D C:\Users\Gracz\Desktop\Tor Browser 2020-04-26 08:30 - 2020-04-26 08:31 - 068183384 _____ C:\Users\Gracz\Downloads\torbrowser-install-win64-9.0.9_en-US.exe 2020-04-25 13:41 - 2020-04-25 13:41 - 000266258 _____ C:\Users\Gracz\Downloads\756-protanki.rar 2020-04-25 13:41 - 2020-04-25 13:41 - 000000000 ____D C:\Users\Gracz\Downloads\756-protanki 2020-04-23 18:23 - 2020-04-23 12:01 - 004256768 _____ C:\Users\Gracz\Desktop\TundraSky 1.9m x64.exe 2020-04-23 18:22 - 2020-04-23 18:22 - 009912527 _____ C:\Users\Gracz\Downloads\Tundras 23.04.20.zip 2020-04-23 18:16 - 2020-04-23 18:16 - 010407129 _____ C:\Users\Gracz\Downloads\393-tundra-exe.rar 2020-04-23 18:14 - 2020-04-23 18:14 - 004094897 _____ C:\Users\Gracz\Downloads\TundraSky170m.zip 2020-04-21 17:51 - 2020-04-21 17:51 - 000846771 _____ C:\Users\Gracz\Downloads\Dzieci-Trening-kontroli-zlosci1.pdf 2020-04-21 17:51 - 2020-04-21 17:51 - 000846771 _____ C:\Users\Gracz\Downloads\Dzieci-Trening-kontroli-zlosci1(1).pdf 2020-04-20 09:53 - 2020-04-20 09:53 - 097813672 _____ (Microsoft Corporation) C:\Users\Gracz\Downloads\Teams_windows_x64(1).exe 2020-04-19 07:44 - 2020-04-19 07:44 - 000000000 ____D C:\ProgramData\obs-studio-hook 2020-04-19 07:41 - 2020-04-19 07:41 - 073458888 _____ (obsproject.com) C:\Users\Gracz\Downloads\OBS-Studio-25.0.1-Full-Installer-x64.exe 2020-04-18 18:53 - 2020-04-18 18:53 - 000419915 _____ C:\Users\Gracz\Downloads\wyjatki_po_14-04(1).pdf 2020-04-18 18:52 - 2020-04-18 18:52 - 000419915 _____ C:\Users\Gracz\Downloads\wyjatki_po_14-04.pdf 2020-04-18 07:13 - 2020-04-18 07:13 - 000001987 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk 2020-04-17 19:44 - 2020-04-17 19:44 - 000000000 _____ C:\Windows\system32\last.dump 2020-04-17 19:44 - 2020-04-17 19:20 - 000337592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2020-04-17 19:20 - 2020-04-17 19:20 - 000235768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys 2020-04-17 19:20 - 2020-04-17 19:20 - 000175984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys 2020-04-17 19:18 - 2020-04-17 19:18 - 000268624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Gracz\Downloads\avg_antivirus_free_setup.exe 2020-04-17 11:56 - 2020-04-17 11:56 - 000002197 _____ C:\Users\Gracz\Desktop\Clash of Clans.lnk 2020-04-17 11:41 - 2020-05-16 14:59 - 000002966 _____ C:\Windows\system32\Tasks\BlueStacksHelper 2020-04-17 11:38 - 2020-04-17 11:38 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk 2020-04-17 11:38 - 2020-04-17 11:38 - 000002073 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk 2020-04-17 11:38 - 2020-04-17 11:38 - 000001782 _____ C:\Users\Public\Desktop\BlueStacks.lnk 2020-04-17 11:38 - 2020-04-17 11:38 - 000001764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk 2020-04-17 11:37 - 2020-04-17 11:38 - 000000000 ____D C:\ProgramData\BlueStacks 2020-04-17 11:37 - 2020-04-17 11:37 - 000000000 ____D C:\Program Files\BlueStacks 2020-04-17 11:36 - 2020-04-17 11:37 - 000000000 ____D C:\Users\Public\BlueStacks 2020-04-17 11:36 - 2020-04-17 11:36 - 000000000 ____D C:\Users\Gracz\AppData\Local\BlueStacksSetup 2020-04-17 11:36 - 2020-04-17 11:36 - 000000000 ____D C:\Users\Gracz\AppData\Local\Bluestacks 2020-04-17 11:35 - 2020-04-17 11:35 - 000998072 _____ (BlueStack Systems Inc.) C:\Users\Gracz\Downloads\BlueStacksInstaller_4.190.0.5002_native_538a8216f0cf0c42633b20f537a19bbd.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-05-16 15:13 - 2019-12-21 12:05 - 000000000 ____D C:\Users\Gracz\AppData\LocalLow\Mozilla 2020-05-16 15:13 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-05-16 14:59 - 2020-03-21 22:19 - 000003810 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-05-16 14:59 - 2020-03-21 22:19 - 000003504 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-05-16 14:59 - 2019-12-22 11:05 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2020-05-16 14:59 - 2019-12-21 12:34 - 000002456 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2020-05-16 14:59 - 2019-12-21 12:34 - 000002388 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate 2020-05-16 14:59 - 2019-12-21 12:34 - 000002374 _____ C:\Windows\system32\Tasks\StartCNBM 2020-05-16 14:59 - 2019-12-21 12:34 - 000002202 _____ C:\Windows\system32\Tasks\StartCN 2020-05-16 14:59 - 2019-12-21 12:34 - 000002122 _____ C:\Windows\system32\Tasks\StartDVR 2020-05-16 14:59 - 2019-12-21 12:08 - 000003250 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update 2020-05-16 14:59 - 2019-12-21 11:55 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2020-05-16 14:59 - 2019-12-21 11:54 - 000003194 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-05-16 14:59 - 2019-12-21 11:54 - 000002238 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-05-16 14:59 - 2019-12-21 10:50 - 000003118 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification 2020-05-16 14:59 - 2019-12-21 10:37 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1151972069-3515115555-2733446453-1001 2020-05-16 14:19 - 2019-12-21 12:07 - 000000000 ____D C:\ProgramData\AVG 2020-05-16 14:18 - 2019-12-21 10:31 - 000639088 _____ C:\Windows\system32\FNTCACHE.DAT 2020-05-16 14:18 - 2019-12-21 10:31 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-05-16 14:17 - 2019-12-21 10:44 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2020-05-16 14:17 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI 2020-05-16 13:56 - 2020-01-18 16:13 - 000000008 __RSH C:\ProgramData\ntuser.pol 2020-05-16 13:56 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF 2020-05-16 13:54 - 2019-12-21 11:55 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-05-16 13:54 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2020-05-16 13:54 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2020-05-16 13:51 - 2019-12-21 12:12 - 000000000 ____D C:\Users\Gracz\Desktop\wot_mody 2020-05-16 13:50 - 2020-03-31 15:47 - 000000000 ____D C:\Users\Gracz\Desktop\Nowy folder (2) 2020-05-16 13:25 - 2019-12-22 13:32 - 000000000 ____D C:\Users\Gracz\AppData\Local\CrashDumps 2020-05-16 11:10 - 2019-12-21 13:59 - 000000000 ____D C:\Program Files (x86)\Steam 2020-05-16 10:54 - 2020-04-11 18:47 - 000000219 _____ C:\Users\Gracz\Desktop\Team Fortress 2.url 2020-05-16 09:40 - 2019-12-21 10:31 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-05-15 15:59 - 2020-01-16 18:01 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\uTorrent 2020-05-15 15:59 - 2019-12-22 17:57 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\TS3Client 2020-05-15 10:29 - 2019-12-21 11:54 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-05-15 10:15 - 2019-03-19 06:37 - 016252928 _____ C:\Windows\system32\config\BCD00000000 2020-05-15 10:13 - 2020-03-22 11:35 - 000000000 ____D C:\Plugins 2020-05-15 10:13 - 2019-12-21 14:06 - 000000000 ____D C:\Wargaming.net 2020-05-15 10:13 - 2019-12-21 12:31 - 000000000 ____D C:\AMD 2020-05-15 10:13 - 2019-12-21 10:48 - 000000000 ____D C:\MSI 2020-05-15 10:13 - 2019-12-21 10:33 - 000000000 ____D C:\Users\Gracz\AppData\Local\VirtualStore 2020-05-15 10:13 - 2019-12-21 10:33 - 000000000 ____D C:\Users\Gracz 2020-05-15 10:12 - 2019-03-19 06:37 - 016375808 _____ C:\Windows\system32\C_3389.NLS 2020-05-15 10:11 - 2019-12-21 11:55 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-05-14 15:19 - 2019-12-24 19:42 - 000001248 _____ C:\Users\Gracz\Desktop\Roblox Studio.lnk 2020-05-14 15:19 - 2019-12-24 19:42 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2020-05-14 15:19 - 2019-12-21 10:45 - 000000000 ____D C:\Users\Gracz\AppData\Local\D3DSCache 2020-05-13 23:28 - 2019-12-21 13:56 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\vlc 2020-05-13 20:54 - 2019-12-22 17:57 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client 2020-05-12 21:46 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-05-12 21:46 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Macromed 2020-05-12 16:31 - 2019-12-21 12:12 - 000000000 ____D C:\Users\Gracz\Desktop\DrWebber 2020-05-12 16:09 - 2019-12-21 10:37 - 000000000 ___RD C:\Users\Gracz\OneDrive 2020-05-12 16:09 - 2019-12-21 10:33 - 000002411 _____ C:\Users\Gracz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-05-12 15:54 - 2020-04-12 20:45 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\Modinstaller 2020-05-11 20:31 - 2019-12-22 13:37 - 000000000 ____D C:\Users\Gracz\AppData\Local\ElevatedDiagnostics 2020-05-11 16:39 - 2020-01-25 18:04 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\obs-studio 2020-05-10 09:02 - 2020-03-29 16:55 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\.minecraft 2020-05-10 09:01 - 2020-04-03 15:09 - 000000000 ____D C:\Program Files\Microsoft Office 2020-05-08 20:51 - 2019-12-21 11:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-05-08 20:50 - 2019-12-21 11:55 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-05-04 09:57 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-05-03 15:34 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\NDF 2020-05-01 15:48 - 2019-12-25 16:59 - 000000000 ____D C:\Users\Gracz\AppData\Local\NVIDIA Corporation 2020-05-01 07:18 - 2020-04-03 20:34 - 000000000 ____D C:\Users\Gracz\AppData\LocalLow\uTorrent 2020-05-01 07:17 - 2020-01-16 18:02 - 000000000 ____D C:\Users\Gracz\AppData\Local\BitTorrentHelper 2020-04-30 15:18 - 2019-12-21 11:58 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\AIMP 2020-04-25 12:34 - 2020-01-04 20:32 - 000000000 ____D C:\Users\Gracz\AppData\Roaming\GG 2020-04-22 15:45 - 2019-12-21 12:12 - 000000000 ____D C:\Users\Gracz\Documents\Euro Truck Simulator 2 2020-04-19 07:44 - 2020-01-25 18:04 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2020-04-18 07:13 - 2020-02-08 08:41 - 000001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk 2020-04-17 19:44 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\ELAMBKUP 2020-04-17 19:21 - 2019-12-21 12:07 - 000459992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys 2020-04-17 19:20 - 2020-01-31 22:54 - 000037960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000852392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000317864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000234840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000206672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000179032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000110064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000085664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000061272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys 2020-04-17 19:20 - 2019-12-21 12:07 - 000043568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys 2020-04-17 19:19 - 2019-12-21 12:07 - 000000000 ____D C:\Program Files\AVG 2020-04-17 14:25 - 2019-12-21 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2020-04-16 18:08 - 2020-04-15 09:55 - 000002368 _____ C:\Users\Gracz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2020-04-16 18:08 - 2020-04-15 09:55 - 000002360 _____ C:\Users\Gracz\Desktop\Microsoft Teams.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-05-15 10:18 - 2020-05-15 16:26 - 000000004 _____ () C:\ProgramData\lock.dat 2020-05-15 10:12 - 2020-05-15 10:12 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2020-05-15 10:12 - 2020-05-15 10:12 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2020-05-15 10:19 - 2020-05-15 16:48 - 000000004 _____ () C:\ProgramData\rc.dat 2020-05-15 10:18 - 2020-05-15 10:18 - 000000008 _____ () C:\ProgramData\ts.dat 2020-05-15 10:12 - 2020-05-15 10:12 - 000000049 _____ () C:\Users\Gracz\AppData\Local\script.ps1 2020-01-06 18:10 - 2020-03-19 20:17 - 000000019 _____ () C:\Users\Gracz\AppData\Local\tkeys.txt ==================== FLock ============================== 2020-05-16 14:17 C:\Windows\system32\config\SYSTEM 2020-05-15 10:12 C:\Windows\system32\Drivers\Wdf62161.sys ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================