Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:12-10-2015
Uruchomiony przez Tom (administrator) DESKTOP-7NRDIOE (07-04-2022 07:13:52)
Uruchomiony z C:\Users\Tom\Desktop
Załadowane profile: Tom (Dostępne profile: defaultuser0 & Tom)
Platform: Windows 10 Enterprise 2016 LTSB (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
() C:\Windows\SysWOW64\srvany.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe () C:\Windows\KMService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Bitdefender) C:\Program Files\Bitdefender Agent\26.0.1.220\DiscoverySrv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (ALCPU) C:\Program Files\Core Temp\Core Temp.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.BrowserExtensionHost.exe () C:\Windows\System\GfsMgr64.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Windows\SysWOW64\GfsMgr.exe () C:\Windows\SysWOW64\ExMgr.exe () C:\Program Files\HD Audio PCI-e Audio Device\CPL\FaceLift_x64.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Windows\System\HsMgr64.exe () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (JRiver, Inc.) C:\Program Files\J River\Media Center 24\Media Center 24.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe 
(Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [GFS64] => C:\Windows\system\GfsMgr64.exe [286720 2013-04-26] () HKLM\...\Run: [GFS] => C:\Windows\syswow64\GfsMgr.exe [204800 2013-04-26] () HKLM\...\Run: [SC808HDEX] => C:\Windows\syswow64\ExMgr.exe [204800 2011-02-26] () HKLM\...\Run: [SC808HDSound] => C:\Program Files\HD Audio PCI-e Audio Device\CPL\FaceLift_x64.exe [2401792 2015-07-28] () HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [CL-26-3B578B44-BAE2-45CF-9360-AFC45FB2656D] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-26-3B578B44-BAE2-45CF-9360-AFC45FB2656D\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-26-3B578B44-BAE2-45CF-9360-AFC45FB (dane wartości zawierają 7 znaków więcej). HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.) 
HKU\S-1-5-21-3750971359-2291300900-3584184018-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe [3345408 2012-08-17] () HKU\S-1-5-21-3750971359-2291300900-3584184018-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5703528 2020-11-20] (Adguard Software Ltd) HKU\S-1-5-21-3750971359-2291300900-3584184018-1001\...\MountPoints2: {dae32736-2132-11ec-98d2-bc5ff448238d} - "J:\HiSuiteDownLoader.exe" IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Brak pliku Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JRiver Media Center 24.lnk [2020-01-24] ShortcutTarget: JRiver Media Center 24.lnk -> C:\Program Files\J River\Media Center 24\Media Center 24.exe (JRiver, Inc.) 
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2022-04-05] ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (VB-AUDIO Software) GroupPolicyScripts: Ograniczenia <======= UWAGA GroupPolicyScripts\User: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{8090b525-2dd2-4c0d-ae04-22fade6b83cb}: [NameServer] 45.95.11.175,193.37.68.40 Tcpip\..\Interfaces\{8090b525-2dd2-4c0d-ae04-22fade6b83cb}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3750971359-2291300900-3584184018-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp SearchScopes: HKLM-x32 -> DefaultScope - brak wartości BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} hxxp://utilities.pcpitstop.com/nirvana/controls/pcmatic.cab Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2021-01-08] (Microsoft Corporation) Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2021-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\nn9rk9bi.default FF Plugin: 
@microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Extension: Brak nazwy - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ottt41rp.default-release-1623336488532\Extensions\simple-translate@sienori.xpi [2021-06-11] FF Extension: Brak nazwy - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ottt41rp.default-release-1623336488532\Extensions\Tab-Session-Manager@sienori.xpi [2021-06-11] FF Extension: Brak nazwy - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ottt41rp.default-release-1623336488532\Extensions\{22b0eca1-8c02-4c0d-a5d7-6604ddd9836e}.xpi [2021-06-11] FF Extension: Brak nazwy - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ottt41rp.default-release-1623336488532\Extensions\{99c277af-d778-4a0b-9faa-b1d8165f0a55}.xpi [2021-06-11] StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe Chrome: ======= CHR Session Restore: Default -> - funkcja włączona. 
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-24] CHR Extension: (Dokumenty) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-24] CHR Extension: (Dysk Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-24] CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-24] CHR Extension: (Session Buddy) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-01-24] CHR Extension: (Asystent przeglądarki AdGuard) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2020-10-14] CHR Extension: (Arkusze) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-24] CHR Extension: (Dodatek Google Analytics Opt-out firmy Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2020-02-25] CHR Extension: (Dokumenty Google offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-24] CHR Extension: (Szafir SDK Web) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjalhnomhafafofonpdihihjnbafkipc [2021-10-04] CHR Extension: (Simple Translate) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibplnjkanclpjokhdolnendpplpjiace [2020-01-24] CHR Extension: (Morpheon Dark) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2020-04-21] CHR Extension: (Ghostery – Bloker reklam chroniący prywatność) - 
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-03-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-24] CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-24] CHR HKLM-x32\...\Chrome\Extension: [mlomiejdfkolichcflejclcbmpeaniij] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Opera Software) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-26] OPR Extension: (Opera Software) - C:\Users\Tom\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-26] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [177000 2020-11-20] (Adguard Software Ltd) S4 AppVClient; C:\Windows\system32\AppVClient.exe [826616 2021-01-08] (Microsoft Corporation) S3 ATLOISAService; C:\Windows\system\ATLOISAService.exe [512000 2013-10-26] (Cmedia Electronics Inc.) 
[Brak podpisu cyfrowego] R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2454632 2022-02-10] (Bitdefender) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-20] () S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339968 2022-01-05] (Microsoft Corporation) R2 CDPUserSvc_2c514; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 CDPUserSvc_2c514; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S2 debugregsvc; C:\Windows\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation) S3 DeveloperToolsService; C:\Windows\System32\DeveloperToolsSvc.exe [104448 2021-01-08] (Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2020-01-26] (Epic Games, Inc) S3 FrameServer; C:\Windows\system32\FrameServer.dll [806912 2021-01-08] (Microsoft Corporation) S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.84\elevation_service.exe [1489240 2022-03-25] (Google LLC) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2019-10-17] (Microsoft Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation) R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2020-01-24] () [Brak podpisu cyfrowego] S3 MagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [347576 2021-12-09] (Samsung Electronics Co., Ltd.) S3 Media Center 24 Service; C:\Program Files\J River\Media Center 24\JRService.exe [448912 2018-07-26] (JRiver, Inc.) 
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2021-01-08] (Microsoft Corporation) S3 MessagingService_2c514; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 MessagingService_2c514; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 OneSyncSvc_2c514; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 OneSyncSvc_2c514; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S3 PimIndexMaintenanceSvc_2c514; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 PimIndexMaintenanceSvc_2c514; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [786536 2022-03-23] (Bitdefender) S3 RmSvc; C:\Windows\System32\RMapi.dll [142848 2021-01-08] (Microsoft Corporation) R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [347576 2021-12-09] (Samsung Electronics Co., Ltd.) 
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2866144 2021-11-02] (Microsoft Corporation) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [160256 2021-01-08] (Microsoft Corporation) R3 SshBroker; C:\Windows\System32\SshBroker.dll [362496 2020-04-11] (Microsoft Corporation) R3 SshProxy; C:\Windows\System32\SshProxy.dll [275968 2020-04-11] (Microsoft Corporation) S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2021-01-08] (Microsoft Corporation) R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2018-01-01] (Microsoft Corporation) S4 Transmission; C:\Users\Tom\AppData\Local\Programs\Transmission\transmission-qt.exe [1558232 2022-04-04] (Transmission Project) S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [93696 2021-01-08] (Microsoft Corporation) S4 UevAgentService; C:\Windows\system32\AgentService.exe [1227264 2017-09-15] (Microsoft Corporation) S3 UnistoreSvc_2c514; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 UnistoreSvc_2c514; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S3 UserDataSvc_2c514; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 UserDataSvc_2c514; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2019-03-06] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2019-03-06] (Microsoft Corporation) S4 WebManagement; C:\Windows\system32\WebManagement.exe [1001472 2021-01-08] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-24] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2021-01-08] (Microsoft Corporation) S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2018-10-25] (Microsoft Corporation) S3 WpnUserService_2c514; 
C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 WpnUserService_2c514; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S2 BDAuxSrv; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdauxsrv_config.json" [X] S2 BDProtSrv; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings\services\configs\bdprotsrv_config.json" [X] S2 VSSERV; "C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe" "settings/services/configs/bdshieldsrv_config.json" [X] S3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation) R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [93184 2020-04-07] () R3 ALSysIO; C:\Users\Tom\AppData\Local\Temp\ALSysIO64.sys [47240 2022-04-07] (Arthur Liberman) R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation) S3 AppvStrm; C:\Windows\system32\drivers\AppvStrm.sys [128248 2021-01-08] (Microsoft Corporation) S3 AppvVemgr; C:\Windows\system32\drivers\AppvVemgr.sys [158480 2021-04-08] (Microsoft Corporation) S3 AppvVfs; C:\Windows\system32\drivers\AppvVfs.sys [141048 2021-01-08] (Microsoft Corporation) S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2020-01-24] (ASRock Incorporation) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2014-07-30] (ASRock Inc.) R3 AsrVDrive; C:\Windows\system32\DRIVERS\AsrVDrive.sys [24400 2015-02-03] (ASRock Inc.) 
S0 asstahci64; C:\Windows\System32\drivers\asstahci64.sys [88936 2015-06-17] (Asmedia Technology) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices) S3 AxtuDrv; C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [21768 2020-01-24] (RW-Everything) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation) S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider) S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications) R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation) S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R3 FMHdAudAddService; C:\Windows\system32\DRIVERS\SC808HDB64.sys [64000 2014-12-19] (C-Media Electronics Inc.) 
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76040 2020-12-03] (Microsoft Corporation) S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation) S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation) S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation) S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation) S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2017-03-17] (Microsoft Corporation) S3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] () R3 jrvad_service; C:\Windows\system32\drivers\JRiverWDMDriver.sys [47480 2018-07-02] (JRiver, Inc.) R3 mango_dev_ad; C:\Windows\system32\drivers\mango_ad.sys [32768 2015-05-29] (Windows (R) Win 7 DDK provider) S3 mango_dev_usb; C:\Windows\System32\Drivers\mango_usb.sys [24576 2015-05-29] (Windows (R) Win 7 DDK provider) S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2017-03-17] (Avago Technologies) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation) S3 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [178960 2021-11-02] (Microsoft Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies) S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88848 2021-10-05] (Microsoft Corporation) S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [124416 2019-06-13] (Microsoft Corporation) R0 secnvme; C:\Windows\System32\drivers\secnvme.sys [134000 2019-09-27] (Samsung Electronics Co., Ltd) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] 
(Samsung Electronics Co., Ltd.) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation) S4 UevAgentDriver; C:\Windows\system32\drivers\UevAgentDriver.sys [40288 2016-07-17] (Microsoft Corporation) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation) R3 VBAudioVMAUXVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmauxvaio64_win10.sys [71920 2022-04-03] (Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\Windows\system32\DRIVERS\vbaudio_vmvaio64_win10.sys [71712 2022-04-03] (Windows (R) Win 7 DDK provider) S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-01-01] (Microsoft Corporation) R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation) R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119552 2021-11-02] (Microsoft Corporation) S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2018-03-06] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2020-01-24] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2020-01-24] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-24] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation) NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation) NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-04-07 07:13 - 2022-04-07 07:14 - 00028278 _____ C:\Users\Tom\Desktop\FRST.txt 2022-04-07 07:13 - 2015-10-13 15:15 - 02196480 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe 2022-04-07 06:57 - 2022-04-07 06:57 - 00421584 _____ C:\ProgramData\cl.uninstall.1649307360.bdinstall.v2.bin 2022-04-07 00:05 - 2022-04-07 00:05 - 00000000 ____D C:\Users\Tom\AppData\Local\ESET 2022-04-06 23:09 - 2022-04-07 07:00 - 00000000 ____D C:\ProgramData\PCPitstopDat 2022-04-06 23:08 - 2022-04-07 07:00 - 00000000 ____D C:\ProgramData\PCPitstop 2022-04-06 23:08 - 2022-04-07 07:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop 2022-04-06 22:49 - 2022-04-06 22:49 - 00619140 _____ C:\ProgramData\cl.1649278071.bdinstall.v2.bin 2022-04-06 22:49 - 2022-04-06 22:49 - 00111268 _____ C:\ProgramData\cl.kit.1649278070.bdinstall.v2.bin 2022-04-06 22:49 - 2022-04-06 22:49 - 00003846 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2022-04-06 22:49 - 2022-04-06 22:49 - 00000000 ____D C:\ProgramData\Gemma 2022-04-06 22:49 - 2022-04-06 22:49 - 00000000 ____D C:\ProgramData\Atc 2022-04-06 22:49 - 2022-04-06 22:49 - 00000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4 2022-04-06 22:48 - 2022-04-06 22:48 - 00000000 ____D C:\Windows\system32\elambkup 2022-04-06 22:48 - 2022-04-06 22:48 - 00000000 ____D C:\ProgramData\BDLogging 2022-04-06 22:47 - 2022-04-06 22:47 - 00152748 _____ C:\ProgramData\agent.1649278020.bdinstall.v2.bin 2022-04-06 
22:47 - 2022-04-06 22:47 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2022-04-06 22:47 - 2022-04-06 22:47 - 00000000 ____D C:\Program Files\Bitdefender Agent
2022-04-06 22:33 - 2022-04-07 07:13 - 00000000 ____D C:\FRST
2022-04-06 22:25 - 2022-04-06 22:26 - 00003396 _____ C:\Users\Tom\Desktop\Rkill.txt
2022-04-05 07:28 - 2022-04-05 07:28 - 00001140 _____ C:\Users\Tom\Desktop\Revo Uninstaller Pro.lnk
2022-04-04 23:19 - 2015-05-29 09:22 - 00024576 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\mango_usb.sys
2022-04-04 23:19 - 2015-05-29 09:21 - 00032768 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\mango_ad.sys
2022-04-04 23:19 - 2013-06-17 22:34 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2022-04-04 08:01 - 2022-04-04 08:01 - 00000000 ____D C:\ProgramData\WavePad
2022-04-03 22:15 - 2022-04-03 22:15 - 00000000 ____D C:\Program Files (x86)\round emerge
2022-04-03 08:31 - 2022-04-07 07:02 - 00042988 _____ C:\Users\Tom\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-04-03 08:21 - 2022-04-03 08:21 - 00001298 _____ C:\Users\Tom\Desktop\Voicemeeter Banana.LNK
2022-04-03 08:02 - 2022-04-05 08:17 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
2022-04-03 08:02 - 2022-04-05 08:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2022-04-03 08:02 - 2022-04-05 08:17 - 00000000 ____D C:\Program Files\VB
2022-04-03 08:02 - 2022-04-03 08:02 - 00071920 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vbaudio_vmauxvaio64_win10.sys
2022-04-03 08:01 - 2022-04-05 08:17 - 00000000 ____D C:\Program Files (x86)\VB
2022-04-03 08:01 - 2022-04-03 08:01 - 00071712 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vbaudio_vmvaio64_win10.sys
2022-04-03 00:04 - 2022-04-06 10:04 - 00000000 ____D C:\Users\Tom\AppData\Roaming\TIDAL
2022-04-03 00:04 - 2022-04-03 00:04 - 00002193 _____ C:\Users\Tom\Desktop\TIDAL.lnk
2022-04-03 00:04 - 2022-04-03 00:04 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TIDAL Music AS
2022-04-03 00:04 - 2022-04-03 00:04 - 00000000 ____D C:\Users\Tom\AppData\Local\TIDAL
2022-04-03 00:04 - 2022-04-03 00:04 - 00000000 ____D C:\Users\Tom\AppData\Local\SquirrelTemp
2022-03-27 00:15 - 2022-04-05 00:27 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Disc-Soft
2022-03-27 00:15 - 2022-03-27 00:15 - 00000000 ____D C:\Users\Tom\AppData\Local\Disc_Soft_Ltd
2022-03-27 00:14 - 2022-04-05 00:27 - 00000000 ____D C:\ProgramData\Disc-Soft
2022-03-26 21:31 - 2022-04-06 22:28 - 00000000 ____D C:\AdwCleaner
2022-03-26 21:19 - 2022-04-07 07:02 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2022-03-26 21:05 - 2022-03-26 21:05 - 00000008 _____ C:\ProgramData\ts.dat
2022-03-26 21:05 - 2022-03-26 21:05 - 00000004 _____ C:\ProgramData\lock.dat
2022-03-26 21:05 - 2022-03-26 21:05 - 00000004 _____ C:\ProgramData\lir.bats
2022-03-26 20:58 - 2022-03-26 21:04 - 00000000 _____ C:\Windows\system32\userDns.conf
2022-03-26 20:58 - 2022-03-26 20:58 - 00004236 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1648321092
2022-03-26 20:58 - 2022-03-26 20:58 - 00001397 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2022-03-26 20:58 - 2022-03-26 20:58 - 00000000 ____D C:\Users\Tom\AppData\Local\Opera Software
2022-03-26 20:57 - 2022-03-26 21:06 - 00000000 ____D C:\ProgramData\DiskOptimizer
2022-03-26 20:57 - 2022-03-26 20:57 - 00004146 _____ C:\Windows\System32\Tasks\Ghostery Update Task-S-1-5-21-3750971359-2291300900-3584184018-1001
2022-03-26 20:57 - 2022-03-26 20:57 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Opera Software
2022-03-26 20:57 - 2022-03-26 20:57 - 00000000 ____D C:\Users\Tom\AppData\Local\Package Cache
2022-03-20 20:52 - 2022-03-20 20:52 - 00000772 _____ C:\Users\Tom\Desktop\TaxMachine PITy - pity roczne, e-deklaracje.lnk
2022-03-12 22:09 - 2022-03-14 23:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-04-07 07:14 - 2021-01-11 19:32 - 00000000 ____D C:\ProgramData\Adguard
2022-04-07 07:11 - 2020-01-24 03:44 - 01647884 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-07 07:11 - 2016-07-17 00:03 - 00570338 _____ C:\Windows\system32\perfh015.dat
2022-04-07 07:11 - 2016-07-17 00:03 - 00111070 _____ C:\Windows\system32\perfc015.dat
2022-04-07 07:06 - 2021-11-30 23:49 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Samsung Magician
2022-04-07 07:06 - 2020-01-26 23:45 - 00000000 ____D C:\Users\Tom\AppData\LocalLow\Mozilla
2022-04-07 07:05 - 2021-01-11 19:32 - 00000000 ____D C:\Program Files (x86)\Adguard
2022-04-07 07:05 - 2020-01-24 03:39 - 00000275 _____ C:\Windows\WindowsUpdate.log
2022-04-07 07:05 - 2020-01-24 03:37 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-07 07:04 - 2016-07-16 08:04 - 00032768 _____ C:\Windows\system32\config\BBI
2022-04-07 07:02 - 2020-01-24 04:19 - 00071568 _____ C:\Windows\PFRO.log
2022-04-07 07:02 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\sru
2022-04-07 01:29 - 2020-01-24 03:37 - 00000000 ____D C:\Windows\system32\SleepStudy
2022-04-06 22:12 - 2016-07-16 13:47 - 00000000 ___HD C:\Windows\ELAMBKUP
2022-04-06 22:10 - 2020-01-25 23:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\uTorrent
2022-04-06 21:45 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\NDF
2022-04-05 23:31 - 2021-06-05 18:30 - 00002106 _____ C:\Users\Tom\Desktop\Key.txt
2022-04-05 08:23 - 2020-01-24 18:23 - 00007659 _____ C:\Users\Tom\AppData\Local\Resmon.ResmonCfg
2022-04-05 08:17 - 2020-01-24 03:37 - 00056915 _____ C:\Windows\setupact.log
2022-04-05 07:31 - 2020-01-26 21:51 - 00002200 __RSH C:\ProgramData\ntuser.pol
2022-04-04 21:53 - 2020-01-24 09:39 - 00021288 _____ (RW-Everything) C:\Windows\SysWOW64\Drivers\ArdDrv.sys
2022-04-04 08:01 - 2020-01-24 03:43 - 00000000 ____D C:\ProgramData\Package Cache
2022-04-03 17:42 - 2020-12-15 00:48 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Spotify
2022-04-03 17:40 - 2020-12-15 00:48 - 00000000 ____D C:\Users\Tom\AppData\Local\Spotify
2022-04-02 23:28 - 2020-11-06 01:52 - 00000504 _____ C:\ProgramData\sx.log
2022-03-29 17:34 - 2020-01-26 23:45 - 00000000 ____D C:\ProgramData\Mozilla
2022-03-27 08:55 - 2020-01-24 03:40 - 00000000 ____D C:\Users\Tom
2022-03-27 03:05 - 2020-01-25 23:17 - 00069240 _____ C:\Windows\DirectX.log
2022-03-26 20:29 - 2020-01-24 04:11 - 00000000 ____D C:\Program Files (x86)\Google
2022-03-25 23:30 - 2020-01-24 04:12 - 00002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-25 23:30 - 2020-01-24 04:12 - 00002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-20 20:52 - 2020-05-18 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TaxMachine PITy
2022-03-16 19:15 - 2021-11-29 10:33 - 00002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-16 19:15 - 2021-11-29 10:33 - 00002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-03-16 19:15 - 2020-01-28 20:09 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2022-03-14 23:42 - 2020-05-05 08:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-09 00:52 - 2020-01-24 10:00 - 00000000 ____D C:\Windows\system32\MRT
2022-03-09 00:50 - 2020-01-24 10:00 - 145666720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Pliki w katalogu głównym wybranych folderów =======

2019-08-05 23:16 - 2020-08-09 21:40 - 0051448 _____ () C:\Program Files (x86)\AutoMapa EU.md5
2022-04-03 08:31 - 2022-04-07 07:02 - 0042988 _____ () C:\Users\Tom\AppData\Roaming\VoiceMeeterBananaDefault.xml
2021-02-10 17:02 - 2021-02-10 17:08 - 0000027 _____ () C:\Users\Tom\AppData\Local\ExeLock.lg
2021-02-10 17:06 - 2021-02-10 17:06 - 0000016 _____ () C:\Users\Tom\AppData\Local\lck
2020-01-24 18:23 - 2022-04-05 08:23 - 0007659 _____ () C:\Users\Tom\AppData\Local\Resmon.ResmonCfg
2022-04-06 22:47 - 2022-04-06 22:47 - 0152748 _____ () C:\ProgramData\agent.1649278020.bdinstall.v2.bin
2022-04-06 22:49 - 2022-04-06 22:49 - 0619140 _____ () C:\ProgramData\cl.1649278071.bdinstall.v2.bin
2022-04-06 22:49 - 2022-04-06 22:49 - 0111268 _____ () C:\ProgramData\cl.kit.1649278070.bdinstall.v2.bin
2022-04-07 06:57 - 2022-04-07 06:57 - 0421584 _____ () C:\ProgramData\cl.uninstall.1649307360.bdinstall.v2.bin
2020-02-11 12:23 - 2020-11-05 09:14 - 0000258 _____ () C:\ProgramData\fontcacheev1.dat
2022-03-26 21:05 - 2022-03-26 21:05 - 0000004 _____ () C:\ProgramData\lir.bats
2022-03-26 21:05 - 2022-03-26 21:05 - 0000004 _____ () C:\ProgramData\lock.dat
2020-11-06 01:52 - 2022-04-02 23:28 - 0000504 _____ () C:\ProgramData\sx.log
2022-03-26 21:05 - 2022-03-26 21:05 - 0000008 _____ () C:\ProgramData\ts.dat
2021-10-25 08:42 - 2021-10-25 08:42 - 0000000 _____ () C:\ProgramData\UpdateLock-8216C80C92C4E828

Pliki do przeniesienia lub usunięcia:
====================
C:\ProgramData\fontcacheev1.dat
C:\ProgramData\lock.dat
C:\ProgramData\ts.dat

Niektóre pliki w TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\bxsdk64.dll
C:\Users\Tom\AppData\Local\Temp\JRMediaUninstall.dll
C:\Users\Tom\AppData\Local\Temp\Quarantine.exe
C:\Users\Tom\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Tom\AppData\Local\Temp\_is2BB9.exe

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2022-04-03 09:38

==================== Koniec FRST.txt ============================