Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-12-2021 Uruchomiony przez mmari (administrator) MANIEK (ASUS All Series) (31-12-2021 18:35:46) Uruchomiony z F:\programy\frst Załadowane profile: mmari Platform: Microsoft Windows 11 Pro Wersja 21H2 22000.376 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe <2> (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DataCardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (IP Izmaylov Artem Andreevich -> AIMP DevTeam) C:\Program Files (x86)\AIMP\AIMP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmoi.inf_amd64_0bbf4b02936bf7cd\Display.NvContainer\NVDisplay.Container.exe <2> ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8841472 2016-06-17] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.) HKLM-x32\...\Run: [cmsc] => "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun (Brak pliku) HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\Run: [DAEMON Tools Lite Automount] => E:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-25] (Disc Soft Ltd -> Disc Soft Ltd) [Brak podpisu cyfrowego] HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5694464 2021-12-18] (Tonec Inc.) [Brak podpisu cyfrowego] HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\Policies\Explorer: [nolowdiskspacechecks] 1 HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\MountPoints2: {d1312cb1-634b-11ec-96a1-40167ea8d5cf} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\MountPoints2: {fab83c82-565c-11ec-966b-40167ea8d5cf} - "G:\AutoRun.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-23] (Google LLC -> Google LLC) AppInit_DLLs-x32: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2021-12-31] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0CD32AE4-964D-4DDE-B4E9-401BADD68929} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {24623D97-BAD6-4A3D-8488-A0F765C15418} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4299569C-F43E-49A2-999D-95CC0029A4AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {573F3CBB-F79A-46F3-B836-25BC14D77029} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6088B4B5-2D60-4574-9A99-BC04BB3C4654} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-36516833-2863556059-2971446713-1002 => C:\Users\mmari\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Brak pliku) Task: {9F457556-61E2-42AC-BAAE-0D8783C86B6C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [763255 2021-11-12] (Piriform) [Brak podpisu cyfrowego] Task: {B85C287C-5546-4941-87B8-836169674611} - System32\Tasks\CCleanerSkipUAC - mmari => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C765C5CA-4948-439D-83A4-54068D587BB9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-36516833-2863556059-2971446713-1002 => C:\Users\mmari\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Brak pliku) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) ProxyServer: [S-1-5-21-36516833-2863556059-2971446713-1001] => hxxp://80.48.119.28:8080 Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2ac395b0-cfaf-4cbf-92ae-2a1099512eba}: [NameServer] 185.89.185.1 89.108.195.20 Tcpip\..\Interfaces\{edcb4980-0192-4003-8fcd-f74853602ae3}: [NameServer] 9.9.9.9,149.112.112.112 Tcpip\..\Interfaces\{edcb4980-0192-4003-8fcd-f74853602ae3}: [DhcpNameServer] 192.168.0.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA Edge: ======= Edge Profile: C:\Users\mmari\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-31] Edge HKU\S-1-5-21-36516833-2863556059-2971446713-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-07-17] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\mmari\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\mmari\AppData\Roaming\IDM\idmmzcc5 [2021-11-23] [Przestarzałe] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Przestarzałe] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> E:\Program Files\java\bin\dtplugin\npDeployJava1.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> E:\Program Files\java\bin\plugin2\npjp2.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\mmari\AppData\Local\Google\Chrome\User Data\Default [2021-12-31] CHR StartupUrls: Default -> "hxxp://www.google.com","hxxps://www.google.com/","hxxps://www.google.com/" CHR Extension: (Chrome Remote Desktop) - C:\Users\mmari\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-12-12] CHR Extension: (CDA Downloader) - C:\Users\mmari\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjimfkhkcjoadjpldapeomibodflgdpa [2021-11-27] CHR Extension: (Chomikuj.pl) - C:\Users\mmari\AppData\Local\Google\Chrome\User Data\Default\Extensions\mabmeicndgkgfompmmdkijoamfleoadk [2021-11-27] CHR Extension: (IDM Integration Module) - C:\Users\mmari\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-12-29] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\mmari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-27] CHR Extension: (Flash-HTML5 for YouTube™) - C:\Users\mmari\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2021-11-27] CHR Profile: C:\Users\mmari\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-24] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17] CHR HKU\S-1-5-21-36516833-2863556059-2971446713-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2021-11-27] (ASUSTeK Computer Inc. -> ) S3 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2021-11-27] (ASUSTeK Computer Inc. -> ) [Brak podpisu cyfrowego] R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe [72536 2021-11-04] (Google LLC -> Google LLC) S3 Disc Soft Lite Bus Service; e:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] (Huawei Technologies Co., Ltd. -> ) S2 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6078536 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmoi.inf_amd64_0bbf4b02936bf7cd\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmoi.inf_amd64_0bbf4b02936bf7cd\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> ) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2021-11-23] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2021-11-23] (Disc Soft Ltd -> Disc Soft Ltd) S3 ew_hwusbdev; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 ew_usbenumfilter; C:\Windows\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 Hsp; C:\Windows\System32\drivers\Hsp.sys [110904 2021-11-23] (Microsoft Windows -> Microsoft Corporation) R3 huawei_enumerator; C:\Windows\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2021-11-23] (Martin Malik - REALiX -> REALiX(tm)) S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [124800 2014-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_wwanecm; C:\Windows\System32\drivers\ew_wwanecm.sys [379392 2014-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [89776 2021-12-31] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation) R3 MpKslb0da1d83; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{419AA029-1070-461B-BF82-2850B8187160}\MpKslDrv.sys [134376 2021-12-31] (Microsoft Windows -> Microsoft Corporation) S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation) S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X] S0 MBAMSwissArmy; System32\Drivers\mbamswissarmy.sys [X] U0 Partizan; system32\drivers\Partizan.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-12-31 18:35 - 2021-12-31 18:35 - 000000000 ____D C:\FRST 2021-12-31 18:31 - 2021-12-31 18:31 - 000000000 ____D C:\Users\mmari\.dbus-keyrings 2021-12-31 18:30 - 2021-12-31 18:32 - 000000000 ____D C:\Program Files (x86)\BleachBit 2021-12-30 15:21 - 2021-12-31 18:33 - 000000000 ____D C:\Program Files\CCleaner 2021-12-30 15:21 - 2021-12-30 15:21 - 000002886 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - mmari 2021-12-30 15:21 - 2021-12-30 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-12-24 04:23 - 2021-12-24 04:23 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KMPlayer 64X 2021-12-24 04:22 - 2021-12-24 04:23 - 000000000 ____D C:\Program Files\KMPlayer 64X 2021-12-24 02:55 - 2021-12-30 15:22 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-12-24 02:33 - 2021-12-30 15:18 - 000000000 ____D C:\Users\mmari\AppData\Local\UnHackMe 2021-12-24 02:32 - 2021-12-31 15:59 - 000000000 ____D C:\Program Files (x86)\UnHackMe 2021-12-24 02:32 - 2021-11-09 12:57 - 000015440 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys 2021-12-24 02:32 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe 2021-12-24 00:49 - 2021-12-24 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III 2021-12-24 00:41 - 2021-12-24 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA18 2021-12-24 00:04 - 2021-12-24 00:04 - 000000000 ____D C:\Users\mmari\OneDrive\Dokumenty\Battlefield 1 2021-12-24 00:02 - 2021-12-24 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab 2021-12-23 23:46 - 2021-12-23 23:46 - 000000000 ____D C:\Users\mmari\AppData\Local\SKIDROW 2021-12-23 00:50 - 2021-12-23 00:50 - 000000000 ____D C:\Windows\SysWOW64\RelevantKnowledge Setup 2021-12-22 18:31 - 2021-12-22 18:31 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2021-12-18 07:21 - 2021-12-18 07:27 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Wise Memory Optimzer 2021-12-18 07:21 - 2021-12-18 07:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer 2021-12-18 07:21 - 2021-12-18 07:21 - 000000000 ____D C:\Program Files (x86)\Wise 2021-12-18 07:12 - 2021-12-18 07:12 - 000000193 _____ C:\Windows\WORDPAD.INI 2021-12-18 07:11 - 2021-12-18 07:11 - 000000000 ____D C:\Users\mmari\AppData\LocalLow\Temp 2021-12-18 00:17 - 2021-12-18 00:17 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2021-12-16 13:18 - 2021-12-16 13:18 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin Core 2021-12-16 13:08 - 2021-12-16 13:08 - 000000000 ____D C:\Users\mmari\AppData\Local\Yandex 2021-12-15 20:54 - 2021-12-15 20:54 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Need for Speed - The Run_Uninstall 2021-12-15 20:18 - 2021-12-15 20:18 - 000000000 ____D C:\Users\mmari\OneDrive\Dokumenty\NFSTR 2021-12-15 03:08 - 2021-12-15 03:08 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-36516833-2863556059-2971446713-1002 2021-12-15 03:08 - 2021-12-15 03:08 - 000003356 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-36516833-2863556059-2971446713-1002 2021-12-15 03:05 - 2021-12-15 03:05 - 000015000 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-12-15 03:03 - 2021-12-15 03:04 - 000000000 ___HD C:\$WinREAgent 2021-12-12 14:30 - 2021-12-31 17:43 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome 2021-12-12 14:20 - 2021-12-12 14:20 - 000000000 ____D C:\ProgramData\Google 2021-12-07 03:43 - 2021-12-07 03:44 - 000000000 ____D C:\Users\mmari\AppData\Local\CyberGhost 2021-12-06 10:08 - 2021-12-06 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader 2021-12-06 10:08 - 2021-12-06 10:08 - 000000000 ____D C:\Program Files\MegaDownloader 2021-12-06 07:59 - 2014-06-12 07:22 - 000124800 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys 2021-12-06 07:59 - 2014-05-05 14:26 - 000379392 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys 2021-12-06 07:58 - 2021-12-18 07:29 - 000000000 ____D C:\ProgramData\DataCardService 2021-12-06 07:58 - 2021-12-06 07:58 - 000000000 ____D C:\ProgramData\PLAY ONLINE 2021-12-06 07:58 - 2021-12-06 07:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PLAY ONLINE 2021-12-06 07:58 - 2013-11-30 10:11 - 000246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2021-12-06 07:58 - 2013-11-30 10:10 - 000110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2021-12-06 07:58 - 2013-11-30 10:10 - 000091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2021-12-06 07:58 - 2013-11-30 10:10 - 000077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2021-12-06 07:58 - 2013-11-30 10:10 - 000030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2021-12-06 07:58 - 2013-11-30 10:01 - 000456704 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2021-12-06 07:58 - 2013-11-30 09:55 - 000226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2021-12-06 07:58 - 2013-01-25 02:16 - 000109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2021-12-06 07:58 - 2012-12-22 02:46 - 000014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2021-12-06 07:58 - 2010-10-08 09:59 - 000032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2021-12-06 07:58 - 2010-09-26 11:09 - 000022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2021-12-06 07:57 - 2021-12-06 07:58 - 000000000 ____D C:\Program Files (x86)\PLAY ONLINE 2021-12-06 05:54 - 2021-12-06 05:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 15 2021-12-06 05:09 - 2016-08-10 09:43 - 000456704 _____ (FragSoft) C:\Windows\system32\ISDone.dll 2021-12-06 04:56 - 2021-12-06 05:12 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Winamp 2021-12-06 03:11 - 2021-12-06 03:15 - 000001429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2021-12-06 03:11 - 2021-12-06 03:11 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Visual Studio Setup 2021-12-06 03:11 - 2021-12-06 03:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2021-12-06 03:10 - 2021-12-06 03:10 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio 2021-12-06 02:51 - 2021-12-06 02:51 - 000164696 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2021-12-06 02:51 - 2021-12-06 02:51 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Sun 2021-12-06 02:51 - 2021-12-06 02:51 - 000000000 ____D C:\ProgramData\Oracle 2021-12-06 02:51 - 2021-12-06 02:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-12-06 02:50 - 2021-12-06 02:50 - 000000000 ____D C:\Users\mmari\AppData\LocalLow\Oracle 2021-12-06 02:29 - 2021-12-06 02:29 - 001207319 _____ C:\Windows\unins000.exe 2021-12-06 02:29 - 2021-12-06 02:29 - 000010714 _____ C:\Windows\unins000.dat 2021-12-06 02:29 - 2021-12-06 02:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2021-12-06 02:29 - 2021-12-06 02:29 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2021-12-06 02:29 - 2021-12-06 02:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2021-12-06 02:29 - 2017-04-01 20:44 - 003450616 _____ (Red Hat) C:\Windows\system32\cygwin1.dll 2021-12-06 02:29 - 2017-01-26 07:25 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll 2021-12-06 02:29 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll 2021-12-06 02:29 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll 2021-12-06 02:29 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll 2021-12-06 02:29 - 2014-01-31 03:14 - 001055676 _____ (Free Software Foundation) C:\Windows\system32\libiconv2.dll 2021-12-06 02:29 - 2014-01-25 14:30 - 000131072 _____ (Sereby Corporation) C:\Windows\system32\AiORuntimes.dll 2021-12-06 02:29 - 2012-06-14 15:36 - 000107520 _____ C:\Windows\system32\zlib1.dll 2021-12-06 02:29 - 2012-04-03 17:11 - 000138752 _____ C:\Windows\system32\libpng15.dll 2021-12-06 02:29 - 2011-10-12 04:09 - 004033440 _____ (Intel Corporation) C:\Windows\system32\libmmd.dll 2021-12-06 02:29 - 2011-01-12 14:36 - 001054208 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\mfc71DEU.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ITA.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71FRA.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ESP.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ENU.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71KOR.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71JPN.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHT.dll 2021-12-06 02:29 - 2011-01-12 14:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHS.dll 2021-12-06 02:29 - 2011-01-12 14:19 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll 2021-12-06 02:29 - 2011-01-12 13:53 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll 2021-12-06 02:29 - 2008-08-26 07:40 - 000162304 _____ C:\Windows\system32\libpng13.dll 2021-12-06 02:29 - 2007-02-01 23:13 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll 2021-12-06 02:29 - 2007-02-01 20:11 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll 2021-12-06 02:29 - 2007-01-30 23:04 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll 2021-12-06 02:29 - 2006-08-26 01:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ITA.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70FRA.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ESP.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70DEU.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ENU.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70KOR.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70JPN.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHT.dll 2021-12-06 02:29 - 2006-08-26 01:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHS.dll 2021-12-06 02:29 - 2006-08-26 01:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll 2021-12-06 02:29 - 2006-08-26 00:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll 2021-12-06 02:29 - 2005-05-06 14:52 - 000103424 _____ (GNU ) C:\Windows\system32\libintl3.dll 2021-12-06 02:29 - 2005-01-20 20:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\msvci70.dll 2021-12-06 02:29 - 2002-01-05 06:40 - 000487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll 2021-12-06 02:29 - 1996-01-12 04:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\system32\vb40032.dll 2021-12-06 01:19 - 2021-12-06 01:19 - 000000000 ____D C:\Users\mmari\AppData\LocalLow\Sun 2021-12-03 13:30 - 2021-12-03 13:30 - 000000000 ____D C:\Users\mmari\AppData\Roaming\kcleaner ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-12-31 18:35 - 2021-11-23 15:22 - 000000000 ____D C:\Users\mmari\AppData\Roaming\AIMP 2021-12-31 18:33 - 2021-06-05 13:09 - 000000000 ____D C:\Windows\INF 2021-12-31 18:32 - 2021-11-23 21:29 - 000132832 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi_ev.sys 2021-12-31 18:32 - 2021-11-23 21:29 - 000124592 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys 2021-12-31 18:32 - 2021-11-23 21:29 - 000089776 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64_ev.sys 2021-12-31 18:32 - 2021-11-23 21:29 - 000089776 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys 2021-12-31 18:32 - 2021-11-23 21:29 - 000081584 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64_del.sys 2021-12-31 18:31 - 2021-11-23 18:55 - 000000000 ____D C:\Users\mmari\AppData\Roaming\DMCache 2021-12-31 18:31 - 2021-11-23 15:05 - 000000000 ____D C:\Users\mmari 2021-12-31 18:22 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\SystemTemp 2021-12-31 17:31 - 2021-11-23 18:47 - 000000000 ____D C:\Users\mmari\OneDrive\Dokumenty\FIFA 18 2021-12-31 17:28 - 2021-11-23 15:07 - 000000000 ____D C:\Users\mmari\AppData\Local\D3DSCache 2021-12-31 17:22 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\system32\NDF 2021-12-31 17:21 - 2021-11-23 15:01 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-12-31 17:17 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-12-31 17:02 - 2021-11-23 15:08 - 001794264 _____ C:\Windows\system32\PerfStringBackup.INI 2021-12-31 17:02 - 2021-06-05 18:35 - 000796720 _____ C:\Windows\system32\perfh015.dat 2021-12-31 17:02 - 2021-06-05 18:35 - 000157826 _____ C:\Windows\system32\perfc015.dat 2021-12-31 16:55 - 2021-11-23 15:34 - 000000000 ____D C:\ProgramData\NVIDIA 2021-12-31 16:55 - 2021-11-23 15:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-12-31 16:54 - 2021-06-05 13:01 - 000524288 _____ C:\Windows\system32\config\BBI 2021-12-31 16:52 - 2021-06-05 13:10 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-12-31 16:45 - 2021-11-27 03:21 - 000000266 __RSH C:\ProgramData\ntuser.pol 2021-12-31 16:45 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Common Files\System 2021-12-30 15:22 - 2021-11-23 18:55 - 000000000 ____D C:\Users\mmari\AppData\Roaming\IDM 2021-12-30 14:54 - 2021-11-26 02:56 - 000000000 ____D C:\Users\mmari\AppData\Roaming\qBittorrent 2021-12-28 19:14 - 2021-11-23 21:21 - 000000000 ____D C:\Program Files (x86)\GPU-Z 2021-12-24 05:18 - 2021-11-23 18:20 - 000000000 ____D C:\Users\mmari\AppData\Roaming\DAEMON Tools Lite 2021-12-24 04:56 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\Help 2021-12-24 04:37 - 2021-11-26 14:16 - 000000000 ____D C:\Program Files (x86)\IObit 2021-12-24 04:37 - 2021-11-23 15:37 - 000000000 ____D C:\ProgramData\IObit 2021-12-24 02:56 - 2021-11-27 04:31 - 000001144 _____ C:\Windows\SysWOW64\PARTIZAN.TXT 2021-12-24 02:56 - 2021-11-23 18:55 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2021-12-24 02:02 - 2021-11-29 02:21 - 000000000 ____D C:\Users\mmari\AppData\Local\CrashDumps 2021-12-24 01:59 - 2021-11-23 15:24 - 000000000 ____D C:\ProgramData\Package Cache 2021-12-24 01:00 - 2021-11-23 20:44 - 000000000 ____D C:\Users\mmari\OneDrive\Dokumenty\gothic3 2021-12-24 00:49 - 2021-11-23 15:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-12-24 00:02 - 2021-11-23 16:01 - 000000000 ____D C:\Windows\SysWOW64\directx 2021-12-23 19:22 - 2021-11-29 11:39 - 000012288 ___SH C:\DumpStack.log.tmp 2021-12-22 13:42 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\AppReadiness 2021-12-18 21:17 - 2021-11-23 18:55 - 000000000 ____D C:\Users\mmari\Downloads\Compressed 2021-12-18 06:33 - 2021-11-23 18:59 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2021-12-18 00:17 - 2021-11-26 00:56 - 000000000 ____D C:\Users\mmari\AppData\Roaming\Wargaming.net 2021-12-17 23:25 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps 2021-12-16 12:37 - 2021-11-23 15:01 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-12-15 20:54 - 2021-11-26 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2021-12-15 03:11 - 2021-11-23 15:07 - 000000000 ____D C:\Users\mmari\AppData\Local\Packages 2021-12-15 03:10 - 2021-06-05 13:10 - 000000000 ___RD C:\Windows\PrintDialog 2021-12-15 03:08 - 2021-11-23 15:07 - 000000000 ____D C:\ProgramData\Packages 2021-12-15 03:07 - 2021-11-23 15:07 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-12-15 03:07 - 2021-06-05 13:10 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-12-15 03:06 - 2021-10-29 08:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-12-15 03:06 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\SystemResources 2021-12-15 03:06 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\system32\setup 2021-12-15 03:06 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\system32\oobe 2021-12-15 03:06 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\bcastdvr 2021-12-15 03:06 - 2021-06-05 13:01 - 000000000 ____D C:\Windows\CbsTemp 2021-12-15 03:02 - 2021-11-23 20:49 - 000000000 ____D C:\Windows\system32\MRT 2021-12-15 03:01 - 2021-11-23 20:49 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-12-12 14:19 - 2021-11-23 15:55 - 000000000 ____D C:\Program Files (x86)\Google 2021-12-06 09:35 - 2021-11-23 18:21 - 000000000 ____D C:\Users\mmari\AppData\Local\MegaDownloader 2021-12-06 02:29 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\System 2021-12-06 01:14 - 2021-11-23 15:09 - 000000000 ____D C:\Users\mmari\AppData\Local\VirtualStore 2021-12-03 13:47 - 2021-11-23 15:22 - 000000000 ____D C:\Program Files (x86)\AIMP ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-11-29 11:09 - 2021-11-29 11:09 - 000000017 _____ () C:\Users\mmari\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================