Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11-12-2021 Uruchomiony przez proko (administrator) ASUS (ASUSTeK COMPUTER INC. N56VZ) (11-12-2021 16:19:18) Uruchomiony z C:\Users\proko\Desktop\FRST Załadowane profile: proko Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1348 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [795744 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460384 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [InstallHelper] => C:\ProgramData\Citrix\Citrix Workspace 2002\InstallHelper.exe [429152 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKU\S-1-5-21-1555994830-1867149527-2771563359-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-11-22] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1555994830-1867149527-2771563359-1001\...\MountPoints2: {04e41e18-b8d3-11eb-aec7-10bf482f5f1f} - "F:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-07] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1B722DB4-B5F8-40F1-9049-33A8A22551A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1F542D2D-8B98-4D97-B7E2-CA908ED4FBDA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2CE81F31-CD41-4B13-B06E-6FCB14615F8D} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {3FC0A696-EF91-4E75-B6E9-CD8A381DB987} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {42BF1C92-FC97-4980-8DFB-07532F1CF550} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4D25B164-E898-4914-8E9A-71A1D798E247} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {52685043-95A1-4F51-9425-E9AD010BCC44} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {676162ED-72CD-4D54-8CC5-E90836B96ACB} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6C2F274D-CD06-40AB-BC89-730DAEA67FF4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek) Task: {7420862C-F640-4A8A-A299-EAC9B68DB6EF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {7926E812-CAF4-4176-9716-8CC5232820DE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {840C883D-C32C-4DFE-ADAE-9337D35C0047} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729208 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {853793F3-662F-4EA4-B0EA-E0ACF2075A74} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {91D6DFD8-D872-440B-8E4D-3A1E54323C83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-04] (Google LLC -> Google LLC) Task: {93E4B776-3626-41B6-AD90-6F6AD93F6C38} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {951FD808-0491-4EF0-9AED-34EA90EDCDAB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {9F0FFC2B-3AAE-46EE-BD7C-AD988718BB78} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B6EF228C-E52C-4879-BFB2-EFB710B47F20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BACC6DF3-4636-4C30-B84E-0432A8C0F634} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BE0FE3B2-DDF4-4B72-A642-56E46E3F9CC1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {C2323978-83CA-4052-A50D-075CC5DF15ED} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591160 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F07F574C-3846-46F9-9962-817CCBC6F53D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F0AEB97E-9865-417F-9927-D39E89E9CBD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-04] (Google LLC -> Google LLC) Task: {F3E431EE-DCA6-405E-B945-0D06751E3A09} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{ad3bceea-e5fa-4297-ba7e-79e29e54ea41}: [DhcpNameServer] 31.135.197.148 8.8.8.8 Tcpip\..\Interfaces\{ebf1db41-c753-4cd2-821f-e2debc50aa20}: [DhcpNameServer] 192.168.3.1 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Profile 1 Edge Profile: C:\Users\proko\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2020-08-28] Edge Profile: C:\Users\proko\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-12-09] Edge HomePage: Profile 1 -> hxxps://www.msn.com/?OCID=IE11FREDHP&PC=UF01 Edge Extension: (uBlock Origin) - C:\Users\proko\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2021-12-08] FireFox: ======== FF DefaultProfile: xefqihhy.default FF ProfilePath: C:\Users\proko\AppData\Roaming\Mozilla\Firefox\Profiles\xefqihhy.default [2020-01-04] FF ProfilePath: C:\Users\proko\AppData\Roaming\Mozilla\Firefox\Profiles\0vbtx7yq.default-release [2021-12-11] FF Extension: (uBlock Origin) - C:\Users\proko\AppData\Roaming\Mozilla\Firefox\Profiles\0vbtx7yq.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-12-03] FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default [2021-12-11] CHR Extension: (Prezentacje) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-04] CHR Extension: (Media Helper for Instagram) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\albdnahmanonkmhoamgfjbjgbjabbiid [2021-12-07] CHR Extension: (Dokumenty) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-04] CHR Extension: (Dysk Google) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20] CHR Extension: (YouTube) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-04] CHR Extension: (uBlock Origin) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-12-03] CHR Extension: (Arkusze) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-04] CHR Extension: (Dokumenty Google offline) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-02] CHR Extension: (Allow Right-Click) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo [2021-08-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\proko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-05-15] (BattlEye Innovations e.K. -> ) R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [40544 2020-03-11] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47760 2021-09-01] (SteelSeries ApS -> SteelSeries ApS) R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-12-16] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-12-11 16:18 - 2021-12-11 16:19 - 000000000 ____D C:\FRST 2021-12-11 16:16 - 2021-12-11 16:19 - 000000000 ____D C:\Users\proko\Desktop\FRST 2021-12-11 16:15 - 2021-12-11 16:16 - 002311168 _____ (Farbar) C:\Users\proko\Downloads\FRST64.exe 2021-12-11 11:40 - 2021-12-11 11:40 - 000212283 _____ C:\Users\proko\Desktop\Diana wyniki badań - 07.12.21.pdf 2021-12-08 09:07 - 2021-12-09 18:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-11-29 15:22 - 2021-11-29 15:43 - 000000000 ____D C:\Users\proko\Desktop\Nowy folder 2021-11-19 14:05 - 2021-11-19 14:05 - 000000000 ___HD C:\$WinREAgent 2021-11-18 17:08 - 2021-12-09 22:22 - 000000000 ____D C:\Users\proko\AppData\Roaming\discord 2021-11-18 17:08 - 2021-12-09 21:27 - 000000000 ____D C:\Users\proko\AppData\Local\Discord 2021-11-18 17:08 - 2021-11-18 17:08 - 000002231 _____ C:\Users\proko\Desktop\Discord.lnk 2021-11-18 17:08 - 2021-11-18 17:08 - 000000000 ____D C:\Users\proko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-11-18 17:00 - 2021-11-18 17:00 - 082973864 _____ (Discord Inc.) C:\Users\proko\Downloads\DiscordSetup.exe 2021-11-14 16:05 - 2021-11-14 16:05 - 000034193 _____ C:\Users\proko\Downloads\SKL_07_2021.pdf 2021-11-14 16:05 - 2021-11-14 16:05 - 000034193 _____ C:\Users\proko\Downloads\SKL_06_2021.pdf 2021-11-14 16:05 - 2021-11-14 16:05 - 000034193 _____ C:\Users\proko\Desktop\SKL_07_2021.pdf 2021-11-14 16:05 - 2021-11-14 16:05 - 000034193 _____ C:\Users\proko\Desktop\SKL_06_2021.pdf 2021-11-14 16:05 - 2021-11-14 16:05 - 000034192 _____ C:\Users\proko\Downloads\SKL_10_2021.pdf 2021-11-14 16:05 - 2021-11-14 16:05 - 000034192 _____ C:\Users\proko\Desktop\SKL_10_2021.pdf 2021-11-14 16:04 - 2021-11-14 16:04 - 000034193 _____ C:\Users\proko\Downloads\SKL_05_2021 (1).pdf 2021-11-14 16:04 - 2021-11-14 16:04 - 000034193 _____ C:\Users\proko\Desktop\SKL_05_2021.pdf 2021-11-14 15:37 - 2021-11-14 15:37 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-14 15:37 - 2021-11-14 15:37 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-14 15:37 - 2021-11-14 15:37 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-14 15:36 - 2021-11-14 15:36 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-12-11 16:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-12-11 16:09 - 2020-01-04 14:47 - 000000000 ____D C:\Users\proko\AppData\LocalLow\Mozilla 2021-12-11 16:09 - 2020-01-04 14:31 - 000000000 ____D C:\ProgramData\NVIDIA 2021-12-11 16:07 - 2020-01-04 15:38 - 000000000 ____D C:\Program Files (x86)\Steam 2021-12-11 16:06 - 2020-01-04 15:18 - 000000000 ____D C:\Program Files (x86)\Google 2021-12-11 16:06 - 2020-01-04 14:44 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2021-12-11 16:06 - 2020-01-04 14:34 - 000000000 __SHD C:\Users\proko\IntelGraphicsProfiles 2021-12-11 16:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-12-11 11:59 - 2021-04-02 12:09 - 000000000 ____D C:\Users\proko\AppData\Roaming\HearthstoneDeckTracker 2021-12-11 11:59 - 2021-04-02 11:49 - 000000000 ____D C:\Users\proko\AppData\Local\Battle.net 2021-12-11 11:58 - 2021-04-02 11:47 - 000000000 ____D C:\Program Files (x86)\Battle.net 2021-12-11 11:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-12-11 11:30 - 2020-08-08 16:10 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-12-09 19:13 - 2020-08-04 15:55 - 001678234 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-12-09 19:13 - 2019-12-07 16:09 - 000748862 _____ C:\WINDOWS\system32\perfh015.dat 2021-12-09 19:13 - 2019-12-07 16:09 - 000144572 _____ C:\WINDOWS\system32\perfc015.dat 2021-12-09 19:13 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-12-09 18:28 - 2020-01-04 14:13 - 000000000 ____D C:\Users\proko\AppData\Local\Packages 2021-12-09 18:24 - 2020-08-04 15:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-12-09 18:24 - 2020-08-04 15:53 - 000008192 ___SH C:\DumpStack.log.tmp 2021-12-09 18:24 - 2020-01-04 14:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-12-09 18:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-12-09 18:24 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-12-09 18:23 - 2020-03-03 16:03 - 000000000 ____D C:\Users\proko\AppData\Local\Citrix 2021-12-08 16:07 - 2021-11-02 19:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-12-08 16:07 - 2020-01-04 14:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-12-07 19:51 - 2021-04-02 12:10 - 000002511 _____ C:\Users\proko\Desktop\Hearthstone Deck Tracker.lnk 2021-12-07 19:51 - 2021-04-02 12:10 - 000000000 ____D C:\Users\proko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim 2021-12-07 19:51 - 2021-04-02 12:09 - 000000000 ____D C:\Users\proko\AppData\Local\HearthstoneDeckTracker 2021-12-07 19:51 - 2021-04-02 11:50 - 000000000 ____D C:\Program Files (x86)\Hearthstone 2021-12-07 19:51 - 2020-08-06 09:38 - 000000000 ____D C:\Users\proko\AppData\Local\SquirrelTemp 2021-12-07 13:29 - 2020-08-04 15:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-12-07 05:56 - 2020-01-04 15:19 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-12-03 20:25 - 2021-02-23 17:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-12-02 09:48 - 2020-08-08 16:10 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-12-02 09:48 - 2020-08-08 16:10 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-11-26 15:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-14 16:34 - 2020-01-04 14:17 - 000000000 ____D C:\Users\proko\AppData\Local\D3DSCache 2021-11-14 15:59 - 2021-08-20 20:24 - 000000000 ____D C:\Program Files (x86)\Diablo II Resurrected Beta 2021-11-14 15:56 - 2020-08-04 15:53 - 000258584 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-14 15:55 - 2019-12-07 16:12 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-11-14 15:55 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-14 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-14 15:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-14 15:14 - 2020-01-04 14:20 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-14 15:13 - 2020-01-04 14:20 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================