Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-11-2020 Uruchomiony przez Attence (administrator) ATTENCE-KONKUTE (16-11-2020 11:30:53) Uruchomiony z C:\Users\Attence\AppData\Local\Temp\scoped_dir4068_691906851 Załadowane profile: Attence Platform: Windows 10 Pro Wersja 1909 18363.1139 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Users\Attence\Desktop\WoNO v11\WoNO.exe (1ncrivel Sistemas LTDA -> ) C:\Windows\System32\service.notification.center.exe (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] D:\amd\ATI.ACE\Fuel\Fuel.Service.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Opera Software AS -> Opera Software) C:\Users\Attence\AppData\Local\Programs\Opera\72.0.3815.320\opera.exe <28> (Opera Software AS -> Opera Software) C:\Users\Attence\AppData\Local\Programs\Opera\72.0.3815.320\opera_crashreporter.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [266624 2020-10-09] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [StartCCC] => D:\amd\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Run: [Steam] => D:\Steam\steam.exe [3395360 2020-09-03] (Valve -> Valve Corporation) HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Run: [Discord] => C:\Users\Attence\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Run: [EpicGamesLauncher] => D:\epicgames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32350096 2020-07-05] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514096 2020-10-19] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Run: [Opera Browser Assistant] => C:\Users\Attence\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3152920 2020-11-10] (Opera Software AS -> Opera Software) HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-18\...\Run: [] => [X] HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3514096 2020-10-19] (Razer USA Ltd. -> Razer Inc.) HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\Users\Attence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-09-10] ShortcutTarget: Twitch.lnk -> C:\Users\Attence\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {075D484E-284A-4343-B038-628E2502D348} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0AF31E9B-AE63-4E54-B50C-238E286C235A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {0C4B8AC7-B86A-4709-91C8-48215B5A2C52} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {118657A9-066C-47D2-9252-C13D7F8968AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {28587F7E-8E0F-4E99-A7A4-7066561D8D8A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2DDEC368-F9BE-41D3-90FA-8F6A24CA845F} - System32\Tasks\Notification Center => C:\ProgramData\Notification Center\service.notification.updater.exe [489992 2020-04-27] (1ncrivel Sistemas LTDA -> ) Task: {32845876-89DF-48A3-8C65-D350DB808145} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {37A8B6DC-CABF-4981-BE74-588862609B39} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {409ED667-E52D-47C8-AC34-004A86635306} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} Task: {4E22039A-5562-4420-9902-D9CD797362E9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4F21326F-276D-4C78-A47F-533107B18EDA} - System32\Tasks\Driver Booster SkipUAC (Attence) => C:\Program Files (x86)\IObit\Driver Booster\8.0.2\DriverBooster.exe [8075024 2020-10-12] (IObit Information Technology -> IObit) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5C65D5E8-88D5-4890-9EFD-AD330D145897} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {65564751-675F-402A-BFCD-D61F88CA1905} - \Outbyte\PC Repair\DailyTip -> Brak pliku <==== UWAGA Task: {658F07B5-7A41-4381-8221-6A42BE53DF59} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.0.2\AutoUpdate.exe [2264336 2020-09-14] (IObit Information Technology -> IObit) Task: {6A2927FE-EBF0-4DD5-A0FC-B10D5B966B98} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {7D74C480-C32E-404C-8081-37DC84727616} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {822531FC-C0C9-4A29-AC64-50ADAA035363} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {823F7188-5012-42FC-84D6-FA377D85C79C} - \Microsoft\Windows\UpdateOrchestrator\UpdateModelTask -> Brak pliku <==== UWAGA Task: {88717BCD-706A-4598-96F9-4B907E42A1D6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {8B22E5AF-874A-4682-9531-0859FA6198E5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8BDD567F-BB57-47C1-8D92-EC81CF311C47} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {935999BC-4283-4FC7-860E-9B899B409281} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {94C7344C-6979-41EC-B85B-18A45F2F5A7B} - \Microsoft\Windows\Sysmain\HybridDriveCacheRebalance -> Brak pliku <==== UWAGA Task: {9839D291-B2F9-4F95-90AD-FDB9EB083F22} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {9CB9760E-A5CF-40B2-AA8B-66B3D69315E7} - \Microsoft\Windows\Management\Provisioning\Cellular -> Brak pliku <==== UWAGA Task: {9D2E5126-3AFE-494A-8547-8F4C25B4442D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9FFD277A-6CEB-4162-8B3A-362F1E00E027} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A04751DD-D23A-4BB4-BDBB-7F601E7567F7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {A412E167-E1EC-4455-B29E-A8BF8DABC1DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A43FFA4D-E147-4FC4-9308-CF59135AC37A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {A806A8FA-C7FE-4770-BFDF-90F6A40E3DEF} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 -> Brak pliku <==== UWAGA Task: {AFEDA958-2E8D-446F-AF75-73FE5A229E67} - \Microsoft\Windows\FileHistory\File History (maintenance mode) -> Brak pliku <==== UWAGA Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} Task: {B128376B-39A4-4869-8BC4-575E3BEF9A67} - \Microsoft\Windows\Application Experience\StartupAppTask -> Brak pliku <==== UWAGA Task: {B4E70F3C-3FE0-48DB-8559-9FDACF08E609} - \Microsoft\Windows\Clip\License Validation -> Brak pliku <==== UWAGA Task: {C62F5E48-9ABC-4802-B05D-475522E7ED28} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D07B75A6-0553-406E-B690-65709C699320} - System32\Tasks\Opera scheduled Autoupdate 1590488563 => C:\Users\Attence\AppData\Local\Programs\Opera\launcher.exe [1721368 2020-11-10] (Opera Software AS -> Opera Software) Task: {D8EDF039-197D-4E43-97DA-E99EA3AAAA8E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {D9CC60BB-40C6-4553-91BE-2277F9EFB52C} - \Outbyte\PC Repair\NewDeceptors -> Brak pliku <==== UWAGA Task: {DF16B612-9858-42BE-ADDB-F3AE7D143B1A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {E00AB08B-396C-4676-BF21-AB35B93FD607} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E06DE398-B3AC-4651-B34D-A97CDDB7B20F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {E29DB92B-26E4-444E-97CB-0B149DB94C07} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E631E1C4-7BB8-44DF-9393-D45C937A985F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EAD0DD3B-D4BC-4EDE-95A7-B8F7F115C662} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F63DC1B5-AD2B-4064-9D88-399859BDBC6B} - \Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures -> Brak pliku <==== UWAGA Task: {FA2FFDB5-1450-45BC-BE79-A22AE7AA8DCF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{36bf0ec6-527a-4907-be2a-903c8e77c8bf}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{9f24a9bc-de15-464c-baa1-e559a1434ec8}: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation) Opera: ======= OPR Notifications: hxxps://www.facebook.com; hxxps://www.youtube.com OPR Extension: (Rich Hints Agent) - C:\Users\Attence\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-23] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD FUEL Service; D:\amd\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-05-31] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 defragsvc; C:\WINDOWS\System32\defragsvc.dll [494080 2020-05-31] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 pla; C:\WINDOWS\system32\pla.dll [1507328 2020-05-31] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2020-06-17] (Even Balance, Inc. -> ) S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc) S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-10-19] (Razer USA Ltd. -> Razer Inc.) S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.) R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290864 2020-10-09] (Razer USA Ltd. -> Razer Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153064 2020-10-15] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-15] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AODDriver4.3; D:\amd\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-08-10] (Martin Malik - REALiX -> REALiX(tm)) R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [50728 2019-07-04] (Whimsters Limited -> NT Kernel Resources) S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1146456 2020-08-10] (Realtek Semiconductor Corp. -> Realtek) [Brak podpisu cyfrowego] R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation) R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0053; C:\WINDOWS\System32\drivers\RzDev_0053.sys [52528 2020-02-17] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc) R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48936 2020-07-24] (SteelSeries ApS -> SteelSeries ApS) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-15] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; Brak ImagePath S3 ProtonVPNSplitTunnel; \??\C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [X] S3 ThrottleStop; \??\C:\Users\Attence\AppData\Local\Temp\ThrottleStop.sys [X] <==== UWAGA S1 vgk; \??\C:\Program Files\Riot Vanguard\vgk.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-16 11:30 - 2020-11-16 11:32 - 000000000 ____D C:\FRST 2020-11-16 11:30 - 2020-11-16 11:30 - 002294784 _____ (Farbar) C:\Users\Attence\Downloads\FRST64.exe 2020-11-16 11:08 - 2020-11-16 11:09 - 005659583 _____ (Swearware) C:\Users\Attence\Downloads\ComboFix.exe 2020-11-16 02:39 - 2020-11-16 02:39 - 000000000 ____D C:\ProgramData\Outbyte 2020-11-16 01:22 - 2020-11-16 01:22 - 000000000 ____D C:\$Windows.~BT 2020-11-16 01:07 - 2020-11-16 01:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-11-16 01:06 - 2020-11-16 01:34 - 000000000 ___HD C:\$SysReset 2020-11-16 00:52 - 2020-11-16 10:49 - 000000000 ____D C:\Program Files\CCleaner 2020-11-16 00:52 - 2020-11-16 00:53 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-11-16 00:52 - 2020-11-16 00:53 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-11-16 00:52 - 2020-11-16 00:52 - 000002892 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-11-16 00:52 - 2020-11-16 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-11-16 00:47 - 2020-11-16 00:53 - 000000000 ____D C:\AdwCleaner 2020-11-16 00:38 - 2020-11-16 00:47 - 008447152 _____ (Malwarebytes) C:\Users\Attence\Downloads\adwcleaner_8.0.8.exe 2020-11-16 00:37 - 2020-11-16 00:47 - 030469496 _____ (Piriform Software Ltd) C:\Users\Attence\Downloads\ccsetup574.exe 2020-11-16 00:26 - 2020-11-16 00:26 - 003967374 _____ C:\Users\Attence\Downloads\WinThruster.1.79.69.2469 (1).rar 2020-11-16 00:23 - 2020-11-16 00:28 - 000000000 ____D C:\Program Files\Cheat Engine 7.2 2020-11-16 00:23 - 2020-11-16 00:23 - 000000000 ____D C:\Users\Attence\Documents\My Cheat Tables 2020-11-16 00:23 - 2020-11-16 00:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2 2020-11-16 00:19 - 2020-11-16 00:20 - 025382248 _____ (Cheat Engine ) C:\Users\Attence\Downloads\cheat-engine-7-2.exe 2020-11-16 00:18 - 2020-11-16 00:18 - 005669320 _____ (Solvusoft ) C:\Users\Attence\Downloads\Setup_WinThruster_2020.exe 2020-11-16 00:15 - 2020-11-16 00:15 - 000000000 ____D C:\Program Files (x86)\gdiview 2020-11-16 00:14 - 2020-11-16 00:14 - 004149913 _____ C:\Users\Attence\Downloads\winthruster_5fb1b636cc50d_5fb1b636cc50f.zip 2020-11-16 00:14 - 2020-11-16 00:14 - 000000000 ____D C:\ProgramData\sib 2020-11-15 23:51 - 2017-09-03 12:39 - 000000000 ____D C:\Users\Attence\Desktop\WinThruster.1.79.69.2469 2020-11-15 23:49 - 2020-11-15 23:50 - 003967374 _____ C:\Users\Attence\Downloads\WinThruster.1.79.69.2469.rar 2020-11-15 23:36 - 2020-11-15 23:36 - 000000000 ____D C:\Program Files (x86)\Realtek 2020-11-15 23:35 - 2020-10-23 04:05 - 000000000 ____D C:\Users\Attence\Desktop\Install_Win10_10045_10232020 2020-11-15 23:34 - 2020-11-15 23:34 - 011146249 _____ C:\Users\Attence\Downloads\Install_Win10_10045_10232020 (1).zip 2020-11-15 23:33 - 2020-11-15 23:33 - 003589755 _____ C:\Users\Attence\Downloads\APPShop(v1.0.49).zip 2020-11-15 23:32 - 2020-11-15 23:32 - 000021712 _____ C:\Users\Attence\Downloads\IObit Driver Booster Crack Latest Version.torrent 2020-11-15 23:30 - 2019-09-17 12:30 - 000391211 _____ C:\Users\Attence\Desktop\loader-Astron.rar 2020-11-15 23:25 - 2020-11-15 23:25 - 000001441 _____ C:\Users\Public\Desktop\Driver Booster 8.lnk 2020-11-15 23:25 - 2020-11-15 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8 2020-11-15 23:24 - 2020-11-15 23:24 - 000000000 ____D C:\Users\Attence\AppData\Roaming\IObit 2020-11-15 23:24 - 2020-11-15 23:24 - 000000000 ____D C:\Program Files (x86)\IObit 2020-11-15 23:22 - 2020-11-15 23:22 - 026633761 _____ C:\Users\Attence\Downloads\up4pc.com_IObit Driver Booster Pro 8.0.2.210.rar 2020-11-15 23:16 - 2020-11-15 23:16 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-11-15 23:13 - 2020-11-15 23:13 - 000000080 ___SH C:\bootTel.dat 2020-11-15 23:12 - 2020-11-15 23:12 - 000000000 ____D C:\Users\Attence\AppData\Roaming\ATI 2020-11-15 23:12 - 2020-11-15 23:12 - 000000000 ____D C:\Users\Attence\AppData\Local\ATI 2020-11-15 23:12 - 2020-11-15 23:12 - 000000000 ____D C:\Users\Attence\AppData\Local\AMD 2020-11-15 23:12 - 2020-11-15 23:12 - 000000000 ____D C:\ProgramData\ATI 2020-11-15 22:59 - 2020-11-15 23:09 - 694009552 _____ C:\Users\Attence\Downloads\Allin1(v15.20.1065)_1.zip 2020-11-15 22:46 - 2020-11-16 10:30 - 000004228 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D56628B7-A057-499D-B4ED-07349E3DF61E} 2020-11-15 22:44 - 2020-11-15 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2020-11-15 22:41 - 2020-11-15 22:41 - 000000000 ____D C:\ProgramData\AMD 2020-11-15 22:31 - 2020-11-15 22:32 - 020546848 _____ (Outbyte) C:\Users\Attence\Downloads\0x80070017_repair-setup.exe 2020-11-15 22:28 - 2020-11-15 22:33 - 227981256 _____ (AMD Inc.) C:\Users\Attence\Downloads\amd-catalyst-15.7.1-win10-64bit.exe 2020-11-15 11:07 - 2020-11-15 11:08 - 000000000 ____D C:\found.000 2020-11-15 11:07 - 2020-11-15 11:07 - 000000000 ____D C:\found.002 2020-11-15 11:07 - 2020-11-15 11:07 - 000000000 ____D C:\found.001 2020-11-14 18:08 - 2020-11-14 18:08 - 000000000 ___HD C:\$GetCurrent 2020-11-14 16:16 - 2020-11-14 18:06 - 000000034 _____ C:\WINDOWS\progress.ini 2020-11-14 14:52 - 2020-11-14 18:08 - 000000000 ____D C:\Windows10Upgrade 2020-11-14 14:52 - 2020-11-14 14:52 - 006213960 _____ (Microsoft Corporation) C:\Users\Attence\Downloads\Windows10Upgrade9252.exe 2020-11-14 14:52 - 2020-11-14 14:52 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk 2020-11-14 14:52 - 2020-11-14 14:52 - 000000719 _____ C:\Users\Attence\Desktop\Asystent aktualizacji do systemu Windows 10.lnk 2020-11-14 12:38 - 2020-11-14 12:38 - 011146249 _____ C:\Users\Attence\Downloads\Install_Win10_10045_10232020.zip 2020-11-14 12:38 - 2020-11-14 12:38 - 000000000 ____D C:\ProgramData\redistpart 2020-11-14 12:38 - 2020-11-14 12:38 - 000000000 ____D C:\ProgramData\launcher 2020-11-14 12:38 - 2020-11-14 12:38 - 000000000 ____D C:\ProgramData\explauncher 2020-11-14 12:37 - 2020-11-14 12:37 - 000002476 _____ C:\Users\Public\Desktop\Paragon Partition Manager™ 2014 Free.lnk 2020-11-14 12:37 - 2020-11-14 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 2014 Free 2020-11-14 12:37 - 2020-11-14 12:37 - 000000000 ____D C:\Program Files (x86)\Paragon Software 2020-11-14 12:35 - 2020-11-14 12:36 - 043603456 _____ C:\Users\Attence\Downloads\pm_2014_free.msi 2020-11-14 12:02 - 2020-11-14 12:02 - 000000000 ____D C:\Users\Attence\AppData\Local\ElevatedDiagnostics 2020-11-13 22:08 - 2020-11-13 22:08 - 000000000 ___HD C:\$WinREAgent 2020-11-07 01:54 - 2018-06-09 17:27 - 000005075 _____ C:\Users\Attence\Desktop\candybot.lua 2020-11-07 01:54 - 2018-06-09 17:27 - 000000000 ____D C:\Users\Attence\Desktop\04-targets 2020-11-07 00:43 - 2020-11-01 20:31 - 062083072 _____ (CipSoft GmbH) C:\Users\Attence\Desktop\BleachWar0.2.exe 2020-11-04 12:19 - 2020-11-04 12:19 - 000000000 ____D C:\Users\Attence\AppData\Roaming\vlc 2020-11-04 12:18 - 2020-11-04 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2020-11-04 12:18 - 2020-11-04 12:18 - 000000000 ____D C:\Program Files\VideoLAN 2020-11-04 12:02 - 2020-11-04 12:05 - 000000000 ____D C:\Users\Attence\AppData\Roaming\Winamp 2020-11-04 12:02 - 2020-11-04 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2020-11-04 12:02 - 2020-11-04 12:02 - 000000000 ____D C:\Program Files (x86)\Winamp 2020-11-04 11:02 - 2020-11-04 11:02 - 000958533 _____ C:\Users\Attence\Documents\dowód.pdf 2020-11-01 20:40 - 2020-11-01 21:09 - 000000000 ____D C:\Users\Attence\Jacolos Company-WoNO 2020-11-01 20:40 - 2020-11-01 20:41 - 000000000 ____D C:\Users\Attence\Desktop\WoNO v11 2020-10-31 09:57 - 2020-10-31 09:57 - 000382951 _____ C:\Users\Attence\Documents\bb skam.pdf 2020-10-28 11:59 - 2020-10-28 12:05 - 002456467 _____ C:\Users\Attence\Documents\aaa.pdf 2020-10-25 22:44 - 2020-10-25 22:45 - 000000000 ____D C:\Users\Attence\Desktop\netia gówno 2020-10-18 18:50 - 2020-10-18 18:50 - 003670284 _____ C:\Users\Attence\Desktop\maciej boduch.pdf 2020-10-18 15:28 - 2020-09-26 14:16 - 000000000 ____D C:\Users\Attence\Desktop\pl 2020-10-17 01:10 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2020-10-17 01:10 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-16 11:32 - 2020-06-17 12:23 - 000000000 ____D C:\Users\Attence\AppData\Local\CrashDumps 2020-11-16 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-11-16 10:46 - 2020-05-26 12:42 - 000000000 ____D C:\ProgramData\NVIDIA 2020-11-16 10:46 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-11-16 10:44 - 2020-05-26 12:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-11-16 10:44 - 2020-05-26 12:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-11-16 02:49 - 2020-07-09 22:58 - 000000000 ____D C:\Users\Attence\AppData\Roaming\.minecraft 2020-11-16 01:21 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-11-16 01:06 - 2020-05-26 12:06 - 000000000 ___DC C:\WINDOWS\Panther 2020-11-16 00:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-11-16 00:54 - 2020-05-26 13:31 - 000000000 ____D C:\temp 2020-11-15 23:36 - 2020-05-26 11:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-11-15 23:26 - 2020-05-26 12:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-11-15 23:25 - 2020-08-10 23:12 - 000003186 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update 2020-11-15 23:25 - 2020-08-10 23:03 - 000002964 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Attence) 2020-11-15 23:24 - 2020-08-10 23:03 - 000000000 ____D C:\ProgramData\IObit 2020-11-15 23:19 - 2020-05-26 15:07 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-11-15 23:13 - 2020-05-26 12:50 - 000000000 ____D C:\Users\Attence 2020-11-15 22:51 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup 2020-11-15 22:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration 2020-11-15 22:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning 2020-11-15 22:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME 2020-11-15 22:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help 2020-11-15 22:38 - 2020-05-26 11:11 - 000000000 ____D C:\ProgramData\Package Cache 2020-11-15 11:54 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-11-14 18:05 - 2020-05-26 12:54 - 000001908 _____ C:\WINDOWS\diagwrn.xml 2020-11-14 18:05 - 2020-05-26 12:54 - 000001908 _____ C:\WINDOWS\diagerr.xml 2020-11-14 18:04 - 2020-06-11 21:18 - 000000000 ____D C:\Users\Attence\AppData\Roaming\discord 2020-11-14 17:11 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-11-14 14:39 - 2020-09-10 21:43 - 000000000 ____D C:\Users\Attence\AppData\Roaming\Twitch 2020-11-14 12:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-11-14 11:55 - 2020-05-26 13:25 - 000000000 ____D C:\Users\Attence\AppData\Local\D3DSCache 2020-11-14 00:34 - 2020-09-02 21:17 - 000000000 ____D C:\Users\Attence\AppData\Local\Battle.net 2020-11-13 21:59 - 2020-05-26 12:58 - 001769484 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-11-13 21:59 - 2019-03-19 13:24 - 000784752 _____ C:\WINDOWS\system32\perfh015.dat 2020-11-13 21:59 - 2019-03-19 13:24 - 000152550 _____ C:\WINDOWS\system32\perfc015.dat 2020-11-12 12:23 - 2020-05-26 11:22 - 000001456 _____ C:\Users\Attence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2020-11-12 06:59 - 2020-05-31 16:11 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-11-12 06:57 - 2020-05-31 16:11 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-11-07 01:25 - 2020-05-26 14:55 - 000000000 ____D C:\Users\Attence\AppData\Local\PlaceholderTileLogoFolder 2020-11-01 22:21 - 2020-10-13 19:16 - 000000000 ____D C:\ProgramData\TEMP 2020-11-01 21:15 - 2020-07-06 00:21 - 000000000 ____D C:\Users\Attence\AppData\Roaming\Tibia 2020-11-01 16:33 - 2020-05-26 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2020-10-31 10:08 - 2020-06-18 12:41 - 000000000 ____D C:\Users\Attence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2020-10-29 04:55 - 2020-05-26 13:22 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-716577694-2690645057-2397799406-1000 2020-10-29 04:55 - 2020-05-26 13:22 - 000000000 ___RD C:\Users\Attence\OneDrive 2020-10-29 04:55 - 2020-05-26 12:50 - 000002458 _____ C:\Users\Attence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-10-27 00:26 - 2020-10-13 19:11 - 000000000 ____D C:\Users\Attence\Desktop\ElfBot NG 2020-10-27 00:20 - 2020-10-15 04:26 - 000000000 ____D C:\Users\Attence\Desktop\Some shit 2020-10-25 17:34 - 2020-06-22 13:31 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2020-10-17 01:20 - 2020-05-26 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex 2020-10-17 01:12 - 2020-05-26 12:56 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-10-17 01:12 - 2020-05-26 12:56 - 000000000 ___RD C:\Users\Attence\3D Objects 2020-10-17 01:09 - 2020-05-26 12:38 - 000461048 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-10-17 01:05 - 2019-03-19 13:26 - 000000000 ___SD C:\WINDOWS\system32\AppV 2020-10-17 01:05 - 2019-03-19 13:26 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-10-17 01:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-08-10 23:11 - 2020-06-08 12:46 - 020469658 _____ (IObit ) C:\Program Files (x86)\Driver.Booster.7.5.0.751.exe 2020-08-18 14:03 - 2020-08-18 15:23 - 000000128 _____ () C:\Users\Attence\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================