Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-11-2021
Uruchomiony przez Dawid (administrator) MSI (MSI MS-7978) (18-11-2021 19:42:19)
Uruchomiony z C:\Users\Dawid\Desktop
Załadowane profile: Dawid
Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1348 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Program Files (x86)\Kalendarz XP\Kalendarz.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\RocketDock\RocketDock.exe
() [Brak podpisu cyfrowego] C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSISvc32.exe
() [Brak podpisu cyfrowego] C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSISvc64.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
(A-Volute -> ) C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) E:\Programy\Foxit Reader\FoxitPDFReaderUpdateService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) E:\Programy\Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe <2>
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-07] (A-Volute -> )
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2021-10-27] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [USB_Speed_Up] => C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe [2394040 2017-02-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2017-09-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26327864 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19840752 2019-12-30] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [10865904 2020-01-09] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Brak podpisu cyfrowego]
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {183a22c1-6e0d-11eb-a22c-d8cb8ac6a9dc} - "M:\setup.exe"
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {43e36cd3-b49e-11ea-a1f4-d8cb8ac6a9dc} - "M:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {651525a6-2125-11ec-a24e-503eaab8dcfd} - "M:\OnePlus_setup.exe" /s
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {d580a498-3bd2-11eb-a219-d8cb8ac6a9dc} - "M:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {d580a4ae-3bd2-11eb-a219-d8cb8ac6a9dc} - "M:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2020-02-01]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> E:\Programy\Gigabyte\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Brak podpisu cyfrowego]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2020-02-02]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks LLC -> Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-03-12]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kalendarz — skrót (2).lnk [2020-02-02]
ShortcutTarget: Kalendarz — skrót (2).lnk -> C:\Program Files (x86)\Kalendarz XP\Kalendarz.exe () [Brak podpisu cyfrowego]
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {09163D45-B708-4437-BB29-E0C2D93E353E} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 5.2\upgrade.exe [1862008 2020-11-19] (ESET, spol. s r.o. -> ESET)
Task: {098C5D81-4DD3-45AC-B571-751ADFDCC388} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13DC9BB3-B50A-4F9E-ABCF-07FF54D9778B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [4838816 2014-09-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics.)
Task: {14190D2C-7502-4B58-9A26-EBC17A82155C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {27DF868D-77EE-4952-B5EB-303597174BC2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2AB8C73D-437F-4CCF-82FC-9C3D1F33AA25} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Brak pliku)
Task: {3100BFD7-5D01-406D-8F58-0F56BD287CEE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3AACE28D-5804-46FA-8567-10FEBBB7D6F6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {46410CBC-E694-42DC-B063-35B30D8ABBCC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {49F0A250-70F5-47C4-BAC0-B63728CEBABD} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {4B689659-D92A-4E7B-91BC-DA08199E7DB1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4BB1FBA4-BAC5-4795-BE9B-969ED2E33679} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe [815616 2015-08-07] () [Brak podpisu cyfrowego]
Task: {4D76162D-BFA7-40AC-B6D8-8CF1A9738DE1} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {672EB370-8579-418E-8CB6-93534DDF221F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {70A28983-4068-4254-9D4D-F8C65464820A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {712A2603-B6C9-4258-A7AF-7E8E7CBBA474} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-07] (A-Volute -> )
Task: {81578599-C941-488F-AB55-80F9CFBD5B20} - System32\Tasks\e-pity2020_styczen => E:\Programy\e-pity\Assets\signxml.exe [2281016 2021-01-24] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.)
Task: {81CB036E-01C5-40F2-8830-07C3C305C841} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88A6B59D-543F-40C1-9E36-2ED6E7E3F742} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe [276992 2015-08-07] () [Brak podpisu cyfrowego]
Task: {893A0A9C-6D0B-4B76-89E1-FBAAD25A7B9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => E:\Programy\Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {917E88EA-0CB7-4A15-9C7D-D88048E2ADF8} - System32\Tasks\Microsoft Windows Defender Update => C:\Program Files (x86)\acSupport.com\acSupport UndeletePlus\UndeletePlus.exe 6 (Brak pliku)
Task: {91EC26F9-4E42-46C8-B5B5-57826A02A987} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {A46400AF-BA6B-485C-92A2-8710AC39B211} - System32\Tasks\CCleanerSkipUAC - Dawid => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB65F582-F27E-43E1-9216-34258F6B74C4} - System32\Tasks\klcp_update => E:\Programy\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-01-21] () [Brak podpisu cyfrowego]
Task: {AC5B06FF-C7E2-49CA-BFE3-FEEC60C22C1C} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Brak pliku)
Task: {AE33FF1B-2151-478A-B1D9-A50948CA4062} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AFC9FFAB-AEF3-46F6-AD8D-1A0E58B2B68A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB50D85D-3EA1-44DE-A5C9-CA8F3B26B96E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => E:\Programy\Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E067986A-761A-412E-89A3-D2EDFE310E3D} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation)
Task: {EA03CF75-D7D6-490E-9FAE-5F952EC8706A} - System32\Tasks\e-pity2020_kwiecien => E:\Programy\e-pity\Assets\signxml.exe [2281016 2021-01-24] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.)
Task: {F4D8A710-DC1F-4877-927C-DCF629B9DAD1} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {F65F6BA2-AE61-41E3-9819-DCF2689E7BA5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5da41520-01f9-41a2-b18a-4aec364c2f0a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bbc9990e-a640-4bd0-9e84-5430448bc0ca}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge Profile: C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-18]
Edge Extension: (Outlook) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-17]
Edge Extension: (Word) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-17]
Edge Extension: (Excel) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-17]
Edge Extension: (T-Сashback — кэшбэк-сервис) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odbmjgikedenicicookngdckhkjbebpd [2021-11-17]
Edge Extension: (PowerPoint) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-17]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]

FireFox:
========
FF DefaultProfile: yoqvj92f.default
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304 [2021-11-18]
FF DownloadDir: C:\Users\Dawid\Desktop
FF Homepage: Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304 -> hxxps://www.google.pl/
FF Notifications: Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304 -> hxxps://www.pyszne.pl; hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (Video Downloader professional) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304\Extensions\ffext_basicvideoext@startpage24.xpi [2021-11-17]
FF Extension: (Breaking Bad 3) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304\Extensions\{a4b257bd-569a-487b-9159-5cafe487cac7}.xpi [2020-02-02]
FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-09]
FF Extension: (Back to The Future Cool Delorean) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304\Extensions\{f0621ff3-745a-464b-b74c-43175aba9b59}.xpi [2020-02-02]
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\yoqvj92f.default [2021-11-16]
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release [2021-11-16]
FF Homepage: Mozilla\Firefox\Profiles\xmbo7y0g.default-release -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\xmbo7y0g.default-release -> hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (Breaking Bad 3) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release\Extensions\{a4b257bd-569a-487b-9159-5cafe487cac7}.xpi [2020-02-01]
FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-01]
FF Extension: (Back to The Future Cool Delorean) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release\Extensions\{f0621ff3-745a-464b-b74c-43175aba9b59}.xpi [2020-02-01]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\Programy\Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Programy\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-05-14] (Nero AG -> Nero AG)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-11-18]

Chrome:
=======
CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default [2021-11-16]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Safe Torrent Scanner) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-10-10]
CHR Extension: (e-pity - dodatek) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-10-10]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-10-27] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-10-27] (ESET, spol. s r.o. -> ESET)
R2 FoxitReaderUpdateService; E:\PROGRAMY\FOXIT READER\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [31400 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2018768 2015-08-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2016-12-05] (Rivet Networks LLC -> Rivet Networks)
R2 LightKeeperService; E:\Programy\Dragon Center\Mystic_Light\LightKeeperService.exe [81552 2020-03-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2108600 2017-09-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2347704 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4054200 2017-09-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2247352 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2489016 2017-09-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [4848312 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Cloud_Service; C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe [97232 2015-06-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe [69072 2015-07-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183472 2020-03-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-03-11] (SteelSeries ApS -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-15] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-10-25] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-10-27] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43920 2021-10-27] (ESET, spol. s r.o. -> ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [69736 2021-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-10-27] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 GPCIDrv; E:\Programy\Gigabyte\GPCIDrv64.sys [14376 2014-08-11] (Giga-Byte Technology -> )
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65616 2020-02-09] (Martin Malik - REALiX -> REALiX(tm))
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R3 NTIOLib_CC_DDR; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_OCKit_MB; C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\NTIOLib_X64.sys [13776 2016-09-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NVVADARM; C:\WINDOWS\system32\drivers\nvvadarm.sys [40256 2014-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [81912 2012-12-27] (Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [867064 2021-02-13] (Duplex Secure Ltd -> Duplex Secure Ltd.)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-17] (Microsoft Windows -> Microsoft Corporation)
S3 netr28ux; \SystemRoot\System32\drivers\netr28ux.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-11-18 19:42 - 2021-11-18 19:42 - 000034401 _____ C:\Users\Dawid\Desktop\FRST.txt 2021-11-18 19:36 - 2021-11-18 19:36 - 000000000 ___HD C:\$WinREAgent 2021-11-18 19:34 - 2021-11-18 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2021-11-18 19:34 - 2021-11-18 19:34 - 000000000 ____D C:\ProgramData\ESET 2021-11-18 19:34 - 2021-11-18 19:34 - 000000000 ____D C:\Program Files\ESET 2021-11-18 19:27 - 2021-11-18 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder 2021-11-18 19:26 - 2021-11-18 19:26 - 001004492 _____ C:\WINDOWS\Minidump\111821-7875-01.dmp 2021-11-18 19:23 - 2021-11-18 19:23 - 000000000 _____ C:\WINDOWS\Minidump\111821-8125-01.dmp 2021-11-18 19:15 - 2021-11-18 19:16 - 001224268 _____ C:\WINDOWS\Minidump\111821-7718-01.dmp 2021-11-18 19:15 - 2021-11-18 19:15 - 000000000 _____ C:\WINDOWS\Minidump\111821-7890-01.dmp 2021-11-18 19:12 - 2021-11-18 19:12 - 000000000 _____ C:\WINDOWS\Minidump\111821-12437-01.dmp 2021-11-18 19:11 - 2021-11-18 19:26 - 1093557988 _____ C:\WINDOWS\MEMORY.DMP 2021-11-17 20:08 - 2021-11-17 20:08 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2 2021-11-17 20:05 - 2021-11-18 19:42 - 000000000 ____D C:\FRST 2021-11-17 20:04 - 2021-11-17 20:05 - 002311680 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe 2021-11-17 17:51 - 2021-11-17 18:11 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET 2021-11-17 17:40 - 2021-11-18 19:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-11-16 19:04 - 2021-11-16 19:11 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\warmded 2021-11-16 19:04 - 2021-11-16 19:11 - 000000000 ____D C:\Users\Dawid\AppData\LocalLow\qO7qM6fA3 2021-11-16 19:04 - 2021-11-16 19:04 - 000001938 _____ C:\Users\Dawid\AppData\LocalLow\thunderbird.txt 2021-11-16 19:04 - 2021-11-16 19:04 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\NCH Software 2021-11-16 19:04 - 
2021-11-16 19:04 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\clergy 2021-11-16 19:04 - 2021-11-16 19:04 - 000000000 ____D C:\Program Files (x86)\foler 2021-11-16 19:03 - 2021-11-16 19:11 - 000000000 ____D C:\ProgramData\MemoryOptimizer 2021-11-16 19:03 - 2021-11-16 19:11 - 000000000 ____D C:\Program Files (x86)\Hidden Disk 5 2021-11-16 19:03 - 2021-11-16 19:03 - 000003356 _____ C:\WINDOWS\system32\Tasks\Microsoft Windows Defender Update 2021-11-16 19:03 - 2021-11-16 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hidden Disk 5 2021-11-16 19:03 - 2021-11-16 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\acSupport.com 2021-11-16 19:03 - 2021-11-16 19:03 - 000000000 ____D C:\Program Files (x86)\acSupport.com 2021-11-16 19:03 - 2019-12-24 23:16 - 004136792 ___RH (KirySoft ) C:\Users\Dawid\Desktop\wscc_x64_setup.exe 2021-11-16 18:16 - 2021-11-16 18:16 - 000000000 ____D C:\Users\Dawid\AppData\Local\SUPERYARD 2021-11-14 19:03 - 2021-11-14 19:03 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-11-14 19:03 - 2021-11-14 19:03 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-14 19:03 - 2021-11-14 19:03 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-11-14 19:03 - 2021-11-14 19:03 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-11-14 19:03 - 2021-11-14 19:03 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2021-11-14 19:03 - 2021-11-14 19:03 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-14 19:02 - 2021-11-14 19:02 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-11-14 19:02 - 2021-11-14 19:02 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-11-14 19:02 - 2021-11-14 19:02 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-11-14 19:02 - 2021-11-14 19:02 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-11-14 19:02 - 2021-11-14 19:02 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-14 
18:51 - 2021-11-14 18:51 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-14 18:51 - 2021-11-14 18:51 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-11-03 18:47 - 2021-11-03 18:47 - 000000000 ____D C:\Users\Dawid\AppData\LocalLow\Oracle 2021-11-03 18:47 - 2021-11-03 18:47 - 000000000 ____D C:\Program Files\Java 2021-10-27 15:14 - 2021-10-27 15:14 - 000201984 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2021-10-27 15:14 - 2021-10-27 15:14 - 000183408 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2021-10-27 15:14 - 2021-10-27 15:14 - 000124496 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2021-10-27 15:14 - 2021-10-27 15:14 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2021-10-27 15:14 - 2021-10-27 15:14 - 000069736 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2021-10-27 15:14 - 2021-10-27 15:14 - 000043920 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys 2021-10-25 17:30 - 2021-10-25 17:30 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 
2021-11-18 19:43 - 2020-02-01 17:32 - 000000000 ____D C:\ProgramData\Mozilla 2021-11-18 19:42 - 2020-02-01 17:32 - 000000000 ____D C:\Users\Dawid\AppData\LocalLow\Mozilla 2021-11-18 19:41 - 2020-06-21 20:52 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-18 19:41 - 2019-12-07 16:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2021-11-18 19:41 - 2019-12-07 16:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2021-11-18 19:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-11-18 19:39 - 2020-02-02 12:33 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-18 19:39 - 2020-02-01 20:36 - 000000000 ____D C:\Program Files\CCleaner 2021-11-18 19:38 - 2021-10-09 22:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-11-18 19:37 - 2020-06-21 20:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-18 19:37 - 2020-06-21 20:51 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-18 19:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-18 19:37 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-18 19:36 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-11-18 19:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-18 19:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-11-18 19:26 - 2021-03-04 17:00 - 000000000 ____D C:\WINDOWS\Minidump 2021-11-18 19:26 - 2020-06-21 20:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-18 19:26 - 2020-02-02 02:42 - 000000000 ____D C:\Users\Dawid\AppData\Local\CrashDumps 2021-11-18 19:16 - 2020-06-21 20:11 - 000000000 ____D C:\Users\Dawid 2021-11-18 17:56 - 2020-06-22 16:33 - 000003468 _____ C:\WINDOWS\system32\Tasks\ESET Windows 10 upgrade – Refresh settings 2021-11-18 17:56 - 2020-06-21 20:54 - 000003350 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-534369914-791047530-272632127-1001 2021-11-18 17:56 - 2020-06-21 20:11 - 000002419 _____ 
C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-18 17:46 - 2020-02-02 12:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-11-18 17:44 - 2021-09-20 17:52 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-18 17:44 - 2021-09-20 17:52 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-11-17 20:08 - 2020-02-02 12:18 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-11-17 19:20 - 2020-06-21 20:54 - 000004196 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9BEFEB3F-55B7-4DD8-B2C2-12AED0004119} 2021-11-17 18:24 - 2020-02-01 16:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-11-17 18:11 - 2020-02-02 11:57 - 000000000 ____D C:\Users\Dawid\AppData\Local\ESET 2021-11-16 19:30 - 2021-02-28 16:12 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\uTorrent 2021-11-16 19:05 - 2021-01-19 18:26 - 000004744 __RSH C:\ProgramData\ntuser.pol 2021-11-16 19:05 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-11-16 18:42 - 2020-06-21 20:54 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-11-16 17:29 - 2020-02-01 17:07 - 000000000 ____D C:\ProgramData\Packages 2021-11-16 17:29 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-16 17:15 - 2020-02-01 17:03 - 000000000 ____D C:\Users\Dawid\AppData\Local\Packages 2021-11-14 19:10 - 2020-04-26 12:40 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-11-14 19:08 - 2020-06-21 20:51 - 000432808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-14 19:08 - 2020-02-02 12:18 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-11-14 19:07 - 2019-12-07 16:12 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-11-14 19:07 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 
2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-11-14 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-14 19:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-14 18:52 - 2021-03-28 14:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-11-14 18:52 - 2020-11-16 18:12 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-14 18:51 - 2020-05-30 15:44 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-04 17:31 - 2020-02-02 12:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-11-03 18:47 - 2021-08-01 15:57 - 000191832 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2021-11-03 18:47 - 2021-08-01 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-10-28 17:39 - 2020-04-18 15:38 - 000000000 ____D C:\Users\Dawid\Documents\The Witcher 3 ==================== Pliki w katalogu głównym wybranych folderów 
======== 2020-04-18 23:36 - 2020-04-28 16:46 - 001065984 _____ () C:\Users\Dawid\AppData\Local\file__0.localstorage 2020-04-11 14:04 - 2020-05-03 15:15 - 000007597 _____ () C:\Users\Dawid\AppData\Local\Resmon.ResmonCfg 2021-11-18 18:22 - 2021-11-18 19:27 - 000028994 _____ () C:\Users\Dawid\AppData\Local\Temptnodlogo.png ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================