Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-08-2020
Uruchomiony przez Bolec (administrator) BOLEC-KOMPUTER (MSI MS-7821) (05-08-2020 16:18:45)
Uruchomiony z G:\Downloads
Załadowane profile: Bolec
Platform: Windows 10 Pro Wersja 1903 18362.657 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Electronic Arts, Inc. -> Electronic Arts) G:\Gry\Origin\OriginWebHelperService.exe
(eSim Games, LLC -> eSim Games) G:\Gry\eSim Games\Steel Beasts Map Tools\Service\WindowsService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Guillemot Corporation -> Guillemot Corporation) C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
(Guillemot Recherche et Développement, Inc -> Thrustmaster®) C:\Program Files\Thrustmaster\Hotas Warthog\drivers\amd64\tmAInstall.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\DirectOutput\DirectOutputService.exe
(Logitech) [Brak podpisu cyfrowego] C:\Program Files\Logitech\Flight Rudder Pedals\RudderPedals_Profiler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Mozilla Corporation -> Mozilla Corporation) G:\Programy\Mozilla Firefox\firefox.exe <13>
(Nullsoft Inc. -> Nullsoft, Inc.) G:\Programy\Winamp\winamp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Sony) [Brak podpisu cyfrowego] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [X52 Professional] => C:\Program Files\Logitech\X52 Professional\X52Pro_Profiler.exe [27136 2017-05-17] (Logitech) [Brak podpisu cyfrowego]
HKLM\...\Run: [Flight Rudder Pedals] => C:\Program Files\Logitech\Flight Rudder Pedals\RudderPedals_Profiler.exe [19968 2018-02-14] (Logitech) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [Steam] => G:\Gry\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [GG] => C:\Users\Bolec\AppData\Local\GG\Application\gghub.exe [4078144 2018-12-26] (GG Network S.A. -> GG Network S.A.)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [Discord] => C:\Users\Bolec\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [DAEMON Tools Lite Automount] => G:\Programy\DAEMON Tools Lite\DTAgent.exe [5230784 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [EADM] => G:\Gry\Origin\Origin.exe [3143456 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2347872 2018-12-12] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\Run: [Gaijin.Net Updater] => C:\Users\Bolec\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-12-25] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\...\MountPoints2: {f867df6e-ddd3-11e7-86dd-806e6f6e6963} - "D:\setup.exe"
HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\hpf3l70v.dll: C:\Windows\system32\hpf3l70v.dll [136704 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-29] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-06-02]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\Bolec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-12-13]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {037A97D0-17BB-4E2B-A3FA-F3A06A1AFEE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-04-05] (Google Inc -> Google LLC)
Task: {03A76BA4-7D3D-4312-8D2D-219102B6AFD3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-15] (Adobe Inc. -> Adobe)
Task: {04D52492-98C7-4154-8C89-FB697C2CD718} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0604BB2B-7C18-4B03-9919-ECAF5A47EF70} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {07F21EFB-48CD-429F-9065-6E3FE753CF1B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B3CF055-4310-40FE-B7C2-E36B4BA45E10} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A32F8F2-76E9-4132-B64B-7F247FCD03BC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A4E50D9-3C23-4E37-8FB3-D191085C6E54} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B85AF50-FAFA-4217-90EF-202053E56CDD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3EFED1B7-CF4C-4080-B6C1-BCEE910C19C0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {418559F6-BE98-4E60-AECB-C0DCFCD8291E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
Task: {4678C1CD-68AC-41C6-9FBB-0DA31A11239B} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4E4BA1A5-D961-4767-90C0-5B8F332B36B2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5FD50B95-5D84-4303-A07A-7483586F284A} - \Microsoft\Windows\Setup\EOSNotify -> Brak pliku <==== UWAGA
Task: {6ABE59FD-0781-414C-AFEE-B25255230808} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {70037B82-B941-4CEA-9FA2-C02E4BBB975A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9A608C1C0CB925C5 => G:\Programy\Mozilla Firefox\default-browser-agent.exe [123600 2020-07-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {761A805A-98E4-4293-A969-C26A822F5C35} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76482F70-5195-4884-9C6F-A8E8815D6A6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {795F94ED-F3AE-44CF-896B-5F48E4CBF43E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {79FBEB4E-53A7-4A5D-99E4-C810CF147971} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {815C716B-BDC0-4078-92C9-3FB8AD5AD3F4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {861C8752-F7F8-484A-BBBF-F6A02C7261A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8756D599-84A0-40C8-8306-F51496771DE3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8A2F9243-7F29-4027-81E4-C6797B1C7E78} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8C130B0C-80A9-4882-BF3E-187AEC001261} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9846E6AA-C4C7-4A33-9B1A-80B34D02ECAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9FE241CF-E02A-4DBB-AA12-31B0581E24AF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1785109-76B8-45C2-A0DF-95A68CC3CEE2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1B490BE-562A-4029-AF4B-E649714A96E4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A799A1D7-B315-4BBE-80E4-9BFD099CCB49} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE10BBAE-2F65-48D8-9B1E-D72D17A2C756} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AE68A380-AB50-457D-8C31-C986C9CDE534} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AEF43A30-61C4-42AD-BA03-DD8B73B18C84} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B09BFBB4-4847-41D4-9E37-8A1CA99FF08D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-04-05] (Google Inc -> Google LLC)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1C9FA92-4157-4BF9-A0DA-F7F92BC46FDD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2EA7CDB-4966-4850-AF88-72B5196D70B4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81ED49B-EA51-4A2C-969B-8DB2753407C2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BC9BBEC6-542C-4CEA-BFC6-FF2F4DD47F87} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C054611B-EFA5-4941-96AB-78B0B39F02C7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C5F7C289-20CB-4325-95FC-FBED6D58EEA4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CC024874-FC2F-4261-9495-02DFE9342C67} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D355E63F-CA64-4D43-8B32-D96949218F4F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D3993275-D22C-4620-AFF6-947119FC7951} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {D739CCB7-E412-4CE1-AC4C-3527664B29C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7C47F3D-2749-4F23-8D63-E1FE6E60E955} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D9181E11-C413-464D-921A-E63305B6824C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E13C1F11-0696-49AC-A297-F8E319235B15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0F26A51-BBBC-47F5-B897-5DA823C79220} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9C725C5-BD84-4C72-A1E5-CBB6D9608EA6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{b28e784f-5b67-4aed-b0cd-13d0f97e84fc}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKU\S-1-5-21-226881973-3223514637-4079416843-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-04-25 12:28:38&bName=
SearchScopes: HKU\S-1-5-21-226881973-3223514637-4079416843-1000 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-02] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: u2313qu0.default-1557331480265
FF ProfilePath: C:\Users\Bolec\AppData\Roaming\Mozilla\Firefox\Profiles\j93mge68.default-release [2020-07-27]
FF Homepage: Mozilla\Firefox\Profiles\j93mge68.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-04-25 12:28:38&bName=
FF NewTab: Mozilla\Firefox\Profiles\j93mge68.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-04-25 12:28:38&bName=
FF ProfilePath: C:\Users\Bolec\AppData\Roaming\Mozilla\Firefox\Profiles\u2313qu0.default-1557331480265 [2020-08-05]
FF DownloadDir: G:\Downloads
FF Homepage: Mozilla\Firefox\Profiles\u2313qu0.default-1557331480265 -> hxxps://www.google.pl/
FF NewTab: Mozilla\Firefox\Profiles\u2313qu0.default-1557331480265 -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-04-25 12:28:38&bName=
FF Notifications: Mozilla\Firefox\Profiles\u2313qu0.default-1557331480265 -> hxxps://badoo.com; hxxps://fotka.com; hxxps://eu1.badoo.com
FF Extension: (uBlock Origin) - C:\Users\Bolec\AppData\Roaming\Mozilla\Firefox\Profiles\u2313qu0.default-1557331480265\Extensions\uBlock0@raymondhill.net.xpi [2020-02-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation -> Cuminas Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation -> Cuminas Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Brak podpisu cyfrowego]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
StartMenuInternet: Firefox-9A608C1C0CB925C5 - G:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default [2020-07-27]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentacje) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-05]
CHR Extension: (Dokumenty) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-05]
CHR Extension: (Dysk Google) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-05]
CHR Extension: (YouTube) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-05]
CHR Extension: (Arkusze) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-05]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-05]
CHR Extension: (Gmail) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Bolec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9824672 2019-10-17] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 Disc Soft Lite Bus Service; G:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3128000 2017-12-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 Origin Client Service; G:\Gry\Origin\OriginClientService.exe [2510136 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; G:\Gry\Origin\OriginWebHelperService.exe [3462464 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2018-02-24] (Even Balance, Inc. -> )
R2 SaiDOutput; C:\Program Files\Logitech\DirectOutput\DirectOutputService.exe [255608 2017-05-17] (Logitech Inc -> Logitech)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 tmAInstall; C:\Program Files\Thrustmaster\Hotas Warthog\drivers\amd64\tmAInstall.exe [38408 2018-03-01] (Guillemot Recherche et Développement, Inc -> Thrustmaster®)
R2 TmWinService; C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe [315944 2016-10-31] (Guillemot Corporation -> Guillemot Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191360 2018-12-12] (Sony) [Brak podpisu cyfrowego]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 SBMapPackageDownloadService; G:\Gry\eSim Games\Steel Beasts Map Tools\Service\WindowsService.exe --logpath="C:\ProgramData\eSim Games\Steel Beasts Map Tools\logs" --configpath="G:\Gry\eSim Games\Steel Beasts Map Tools\Service\config"

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-05] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-05] (Disc Soft Ltd -> Disc Soft Ltd)
R3 LSaiMini; C:\WINDOWS\System32\drivers\LSaiMini.sys [20720 2017-05-17] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 LSaiNtBus; C:\WINDOWS\system32\drivers\LSaiBus.sys [60336 2017-05-17] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AEE8579-7300-4C2E-92FB-9E6FE9DA5F8D}\MpKslDrv.sys [73952 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
R3 SaiK0763; C:\WINDOWS\system32\DRIVERS\SaiK0763.sys [217408 2018-02-14] (WDKTestCert SYSTEM,131245371151827277 -> Logitech)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-01-27] (Madcatz Europe Ltd -> Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51616 2016-01-27] (Madcatz Europe Ltd -> Saitek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TmBusEn; C:\WINDOWS\System32\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
R3 TmBusEn; C:\Windows\SysWOW64\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 TmFilter; C:\WINDOWS\System32\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 TmFilter; C:\Windows\SysWOW64\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
U3 fxdyrkog; C:\Users\Bolec\AppData\Local\Temp\fxdyrkog.sys [56584 2020-08-05] (GMEREK Systemy Komputerowe Przemyslaw Gmerek -> GMER) [Brak podpisu cyfrowego] <==== UWAGA
S1 ESProtectionDriver; \??\C:\WINDOWS\system32\drivers\mbae64.sys [X]
U3 idsvc; Brak ImagePath
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-08-05 16:11 - 2020-08-05 16:19 - 000000000 ____D C:\FRST
2020-08-01 18:29 - 2020-08-01 18:29 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2020-08-01 18:29 - 2020-08-01 18:29 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2020-08-01 18:29 - 2020-08-01 18:29 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2020-08-01 18:29 - 2020-08-01 18:29 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2020-08-01 18:29 - 2020-08-01 18:29 - 000000000 ____D C:\Program Files (x86)\OpenAL
2020-08-01 18:29 - 2019-04-28 14:05 - 000002170 _____ C:\Users\Bolec\Desktop\fsgame.ltx
2020-07-31 18:46 - 2020-07-31 18:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-27 12:35 - 2020-07-27 12:47 - 000000000 ___HD C:\$SysReset
2020-07-27 12:35 - 2020-07-27 12:38 - 000000000 ____D C:\$Windows.~BT
2020-07-27 03:28 - 2020-07-27 03:28 - 000023768 _____ C:\Users\Bolec\Documents\cc_20200727_032831.reg
2020-07-18 09:21 - 2020-07-18 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
2020-07-18 09:17 - 2020-07-07 17:47 - 001780952 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-07-18 09:17 - 2020-07-07 17:47 - 001780952 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-07-18 09:17 - 2020-07-07 17:47 - 001371352 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-07-18 09:17 - 2020-07-07 17:47 - 001371352 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-07-18 09:17 - 2020-07-07 17:47 - 001086680 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-07-18 09:17 - 2020-07-07 17:47 - 001086680 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-07-18 09:17 - 2020-07-07 17:47 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-07-18 09:17 - 2020-07-07 17:47 - 000946392 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-07-18 09:17 - 2020-07-07 17:47 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-07-18 09:17 - 2020-07-07 17:47 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-07-18 09:17 - 2020-07-07 17:46 - 000674016 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-07-18 09:17 - 2020-07-07 17:46 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 006652824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 005883288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 005500144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 003901680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 002367728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 002076568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 001569688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 001486736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 001017744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 000812440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 000670608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 000655600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 000581864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-07-18 09:17 - 2020-07-07 17:45 - 000555920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-07-18 09:17 - 2020-07-07 17:45 - 000444824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-07-18 09:17 - 2020-07-07 17:44 - 005399816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-07-18 09:17 - 2020-07-07 17:44 - 004716176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-07-18 09:17 - 2020-07-07 17:44 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-07-18 09:17 - 2020-07-06 02:40 - 000078796 _____ C:\WINDOWS\system32\nvinfo.pb
2020-07-16 18:06 - 2020-07-16 18:06 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-16 18:06 - 2020-07-16 18:06 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-15 18:44 - 2020-07-15 18:44 - 009585208 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-07-12 16:04 - 2020-07-12 16:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-226881973-3223514637-4079416843-1000
2020-07-11 20:20 - 2020-07-11 21:13 - 000000841 _____ C:\Users\Public\Desktop\MISERY 2.2.1 + GUNSLINGER Mod.lnk
2020-07-11 20:20 - 2020-07-11 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MISERY 2.2.1 + GUNSLINGER Mod

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-08-05 16:09 - 2018-03-14 20:21 - 000000000 ____D C:\Users\Bolec\AppData\Roaming\Origin
2020-08-05 16:09 - 2017-12-16 05:35 - 000000000 ____D C:\ProgramData\Origin
2020-08-05 15:27 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-05 15:25 - 2017-12-22 16:57 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2020-08-05 15:20 - 2017-12-22 16:57 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2020-08-05 14:22 - 2018-03-14 21:16 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-08-05 14:20 - 2017-12-07 20:28 - 000000000 ____D C:\Users\Bolec\AppData\LocalLow\Mozilla
2020-08-05 14:19 - 2018-03-14 20:17 - 000000000 ____D C:\Users\Bolec\AppData\Local\Origin
2020-08-05 14:16 - 2017-12-07 20:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-05 14:00 - 2019-08-12 18:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-05 13:59 - 2019-03-19 06:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-08-05 13:56 - 2019-08-12 18:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-05 00:18 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-04 23:52 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-04 23:52 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-04 13:23 - 2019-08-12 17:51 - 000000000 ____D C:\Users\Bolec
2020-08-03 02:04 - 2017-12-10 02:23 - 000000000 ____D C:\Users\Bolec\AppData\Roaming\discord
2020-08-02 23:20 - 2019-08-12 18:54 - 000004222 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0A3FC41E-26B4-42DD-9164-88ABA527607F}
2020-08-01 15:00 - 2018-01-21 00:22 - 000000000 ____D C:\Users\Bolec\AppData\Local\CrashDumps
2020-08-01 00:26 - 2019-12-01 11:31 - 000000068 ___SH C:\WINDOWS\system32\Drivers\WUDFRd.winsecurity
2020-08-01 00:10 - 2019-12-01 11:31 - 000000068 ___SH C:\WINDOWS\system32\Drivers\wof.winsecurity
2020-07-31 01:20 - 2018-01-31 16:05 - 000000000 ____D C:\Users\Bolec\Documents\Tacview
2020-07-29 22:26 - 2020-04-05 11:14 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-29 22:26 - 2020-04-05 11:14 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-27 09:58 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-27 00:53 - 2018-01-14 19:08 - 000000000 ____D C:\Program Files\CCleaner
2020-07-25 13:46 - 2018-02-25 00:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-07-22 22:18 - 2019-08-12 18:54 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-226881973-3223514637-4079416843-1000
2020-07-22 22:18 - 2019-08-12 17:51 - 000002451 _____ C:\Users\Bolec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-22 22:18 - 2017-12-10 20:44 - 000000000 ___RD C:\Users\Bolec\OneDrive
2020-07-18 17:51 - 2019-08-12 18:50 - 000006890 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-18 17:51 - 2019-03-19 14:24 - 000972646 _____ C:\WINDOWS\system32\perfh015.dat
2020-07-18 17:51 - 2019-03-19 14:24 - 000217518 _____ C:\WINDOWS\system32\perfc015.dat
2020-07-18 17:39 - 2020-04-14 21:15 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-07-18 10:43 - 2017-12-07 20:33 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-07-18 10:43 - 2017-12-07 20:32 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-07-18 10:43 - 2017-12-07 20:31 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-07-18 10:17 - 2019-07-28 23:56 - 000000000 ____D C:\Users\Bolec\AppData\Local\NVIDIA Corporation
2020-07-18 08:53 - 2018-09-29 13:43 - 000000000 ____D C:\Users\Bolec\AppData\Roaming\Skype
2020-07-15 18:45 - 2019-08-12 18:54 - 000004686 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-07-15 18:44 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-07-15 18:44 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-07-12 16:36 - 2019-01-08 19:30 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DCS-SRS Client.lnk
2020-07-12 15:59 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-07-12 15:19 - 2019-08-12 18:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-07-11 19:19 - 2017-12-07 23:27 - 000000000 ____D C:\Users\Bolec\AppData\Roaming\TS3Client
2020-07-11 17:56 - 2017-12-07 20:43 - 000000000 ____D C:\Users\Bolec\AppData\Roaming\qBittorrent
2020-07-11 10:27 - 2017-12-07 20:41 - 000000000 ____D C:\Users\Bolec\Documents\opentrack-2.3
2020-07-10 18:57 - 2019-08-12 18:54 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

==================== Pliki w katalogu głównym wybranych folderów ========

2019-05-30 12:40 - 2019-05-30 12:40 - 050616672 _____ (Sony) C:\Users\Bolec\AppData\Local\pcc.exe
2018-01-22 00:05 - 2018-01-31 22:13 - 000007614 _____ () C:\Users\Bolec\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================