Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 04-10-2020 Uruchomiony przez tomas (administrator) DESKTOP-538N23J (HP HP Pavilion Notebook) (09-10-2020 16:09:39) Uruchomiony z C:\Users\tomas\Desktop Załadowane profile: tomas Platform: Windows 10 Home Wersja 1809 17763.1098 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe (Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe (Gaijin Network LTD -> Gaijin Entertainment) C:\Users\tomas\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\FileSyncHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\Temp\FE2C345F-BDF1-48E5-A83D-7A19AD42933B\DismHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.1090_none_5715d73398f9ea47\TiWorker.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MpCmdRun.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe (Realtek Semiconductor Corp.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe <3> (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [826912 2018-10-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek) HKLM-x32\...\Run: [cmsc] => "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-1851588988-349599955-494294557-1002\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1915752 2020-09-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1851588988-349599955-494294557-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3416352 2020-10-07] (Valve -> Valve Corporation) HKU\S-1-5-21-1851588988-349599955-494294557-1002\...\Run: [Gaijin.Net Updater] => C:\Users\tomas\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2350824 2020-07-16] (Gaijin Network LTD -> Gaijin Entertainment) HKU\S-1-5-21-1851588988-349599955-494294557-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2460536 2020-10-01] (Wargaming.net Limited -> Wargaming.net) HKU\S-1-5-21-1851588988-349599955-494294557-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-24] (Google LLC -> Google LLC) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {091D2637-FBAB-49AC-B925-02E85A0412FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {14194BC6-FDBE-43A7-9EB2-22F3BEDC95CA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {18ABFD16-266A-4BA2-A8C0-031CCE22B1DE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {2405D0B5-64F6-4F9F-BABD-13A4CCDB92D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-07] (Google Inc -> Google Inc.) Task: {24AB3F92-FD3C-464F-B2E5-A1197B66A4D0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation) Task: {26D2A65D-B775-48AF-8DC2-254E71BD9F74} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {3CA9D545-F745-4477-A6B3-1D513D9E888F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation) Task: {419FE118-E770-408F-A944-7D15BD1D7316} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {441F385F-C681-40A2-AE35-A0B5DB713654} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {71E295CF-E9FB-4C0F-AE0E-0FBA13FCB085} - System32\Tasks\SmartGameBooster SkipUAC (tomas) => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\SgbMain.exe Task: {796D07A4-167E-4FBB-B92B-981B21AFF228} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7B2CC712-D963-48B8-AA5C-0450636FEBF9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation) Task: {82264643-CE7A-429D-A0BA-14AAE658BDD2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {88164B76-CE98-484A-BEE9-46ECC8B580F7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation) Task: {88CDF22C-D865-4B0C-B9D1-FCB5560AF7C7} - System32\Tasks\Game_Booster_AutoUpdate => J:\Game Booster 3\AutoUpdate.exe Task: {98D3114B-45EF-4133-848C-3F0F70DCB78D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {AD6D8CDA-DBA5-4986-BB73-52893A1180D2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AE9335F8-2B73-4575-8A61-B20533D46912} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-07] (Google Inc -> Google Inc.) Task: {C6197E95-FC49-4919-B0F5-A3BA2017437C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2751856 2020-09-07] (Microsoft Corporation -> Microsoft Corporation) Task: {CCE80B65-F2BE-46BF-AF38-9B071494C1A4} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DAA894E6-1882-424C-B176-3A5452837DB9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DD8473DA-72FB-478B-8A30-1DC991E179EF} - System32\Tasks\Express Files Updater => C:\Program Files (x86)\ExpressFiles\EFupdater.exe <==== UWAGA Task: {E4ADD5D7-3433-4F2D-8437-5620FA2015E7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F0362BE4-20B7-4973-B1D6-0641F6D86E56} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b9932c57-23b8-480d-b14a-f20539b7531b}: [DhcpNameServer] 10.0.101.2 10.0.101.3 10.0.101.4 Tcpip\..\Interfaces\{bd787223-c86b-4b48-a7b2-561564177427}: [DhcpNameServer] 192.168.0.1 Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-1851588988-349599955-494294557-1002 -> hxxps://www.x-kom.pl/l/dziekujemy-za-zakupy FireFox: ======== FF DefaultProfile: etnyfyod.default FF ProfilePath: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\etnyfyod.default [2020-05-11] FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\etnyfyod.default\Extensions\sp@avast.com.xpi [2019-04-15] FF Extension: (Avast Online Security) - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\etnyfyod.default\Extensions\wrc@avast.com.xpi [2019-04-15] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-01-07] (Adobe Systems Incorporated -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-09] (Microsoft Corporation -> Microsoft Corporation) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\local-settings.js [2016-04-04] <==== UWAGA (Linkuje do pliku *.cfg) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\mozilla.cfg [2018-11-02] <==== UWAGA Chrome: ======= CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default [2020-10-09] CHR HomePage: Default -> hxxp://duckduckgo.pl/ CHR StartupUrls: Default -> "hxxps://www.x-kom.pl/l/dziekujemy-za-zakupy" CHR Extension: (Prezentacje) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-15] CHR Extension: (Dokumenty) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-15] CHR Extension: (Dysk Google) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-15] CHR Extension: (YouTube) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-15] CHR Extension: (Tampermonkey) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-05-22] CHR Extension: (Arkusze) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-15] CHR Extension: (Website IP) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmhlgniedlklkpimlibbaoomlpacmk [2020-04-15] CHR Extension: (Dokumenty Google offline) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-14] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-07] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (Gmail) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15] CHR Extension: (Chrome Media Router) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-08] CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-11] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [669184 2018-03-06] (Realtek Semiconductor Corp.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\FileSyncHelper.exe [2165608 2020-09-07] (Microsoft Corporation -> Microsoft Corporation) S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2593848 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\OneDriveUpdaterService.exe [2529128 2020-09-07] (Microsoft Corporation -> Microsoft Corporation) S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [101696 2020-03-11] (ProtonVPN AG -> ) S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [60736 2020-03-11] (ProtonVPN AG -> ) R2 RtkBtAudioServ; C:\Windows\RtkBtAudioServ.exe [215992 2018-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wpscloudsvr; C:\ProgramData\Kingsoft\office6\wpscloudsvr.exe [1482496 2020-09-13] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 cpuz145; C:\Windows\temp\cpuz145\cpuz145_x64.sys [49968 2020-07-07] (CPUID -> CPUID) S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [89776 2020-01-22] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation) R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{17E28456-8D9D-4EE9-B005-68960B08ABB0}\MpKslDrv.sys [47328 2020-10-09] (Microsoft Windows -> Microsoft Corporation) S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [44976 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237824 2020-04-09] (Oracle Corporation -> Oracle Corporation) U5 vsock; C:\Windows\System32\Drivers\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation) S3 WinRing0_1_2_0; J:\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (Noriyuki MIYAZAKI -> OpenLibSys.org) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-10-09 16:09 - 2020-10-09 16:10 - 000023388 _____ C:\Users\tomas\Desktop\FRST.txt 2020-10-09 16:08 - 2020-10-09 16:09 - 000000000 ____D C:\FRST 2020-10-09 16:08 - 2020-10-09 16:08 - 002299392 _____ (Farbar) C:\Users\tomas\Desktop\FRST64.exe 2020-10-09 15:56 - 2020-10-09 15:57 - 000000000 ____D C:\Users\tomas\Desktop\processeexplorer 2020-10-04 06:33 - 2020-10-04 06:33 - 000382238 _____ C:\Users\tomas\Desktop\kto_najlepiej_poznal_mity_zajecia_powtorzeniowe1.pdf 2020-10-03 20:26 - 2020-10-04 15:34 - 000021808 _____ C:\Users\tomas\Desktop\tematy zrealizowane.odt 2020-09-24 07:09 - 2020-09-24 07:09 - 000517592 _____ (AVAST Software) C:\Windows\system32\Drivers\asw16d1605c779f00d6.tmp 2020-09-21 16:51 - 2020-09-21 16:51 - 000326408 _____ (AVAST Software) C:\Windows\system32\Drivers\asw676a1defd735661c.tmp 2020-09-21 16:51 - 2020-09-21 16:50 - 000338528 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2020-09-21 16:50 - 2020-09-21 16:50 - 000851600 _____ (AVAST Software) C:\Windows\system32\Drivers\asw679ccbe2a3e3f55c.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000469880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc4c61f7b6ccaad9c.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000235584 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0c9ed7c0e3a2983d.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000217328 _____ (AVAST Software) C:\Windows\system32\Drivers\asw58eb14d4b6a2d081.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000206392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswcea3ccd9e19afe5e.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000195648 _____ (AVAST Software) C:\Windows\system32\Drivers\asw80fd8a9f79e8eb2f.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000175192 _____ (AVAST Software) C:\Windows\system32\Drivers\asw576f5403b2bf05ab.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswafe1d71e7a4279a0.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000084848 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1191847f14dada76.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswb66033e39a164a66.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000042768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc2f1111b41fbf785.tmp 2020-09-21 16:50 - 2020-09-21 16:50 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1ad75cdeb45594d2.tmp 2020-09-13 15:39 - 2020-09-13 15:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-09-13 15:36 - 2020-09-13 15:36 - 000000000 ____D C:\kingsoft 2020-09-13 15:35 - 2020-09-13 15:35 - 000000000 ___HD C:\Users\tomas\Documents\KingsoftData 2020-09-13 15:32 - 2020-09-13 15:33 - 156623896 _____ (Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\tomas\Documents\WPSOffice_11.2.0.9635.exe 2020-09-13 14:10 - 2020-10-04 14:30 - 000000000 ____D C:\Users\tomas\Desktop\Madzia Wilczynska PRACA ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-31 13:11 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp 2020-10-09 16:05 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-10-09 15:58 - 2019-04-07 12:14 - 000000000 ____D C:\ProgramData\NVIDIA 2020-10-09 15:57 - 2019-07-09 18:40 - 000000000 ____D C:\Program Files (x86)\Steam 2020-10-09 15:56 - 2019-07-17 16:17 - 000000000 __SHD C:\Users\tomas\IntelGraphicsProfiles 2020-10-09 15:56 - 2019-04-15 17:32 - 000000000 ___RD C:\Users\tomas\OneDrive 2020-10-08 21:16 - 2018-11-05 15:59 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-10-08 20:31 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps 2020-10-08 20:31 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness 2020-10-07 18:18 - 2019-10-06 12:39 - 000007598 _____ C:\Users\tomas\AppData\Local\Resmon.ResmonCfg 2020-10-07 18:16 - 2018-11-05 15:59 - 000000000 ____D C:\Windows\system32\Drivers\wd 2020-10-07 18:05 - 2019-04-15 18:01 - 000000000 ____D C:\ProgramData\AVAST Software 2020-10-07 18:01 - 2018-11-05 16:14 - 001772906 _____ C:\Windows\system32\PerfStringBackup.INI 2020-10-07 18:01 - 2018-09-15 18:43 - 000788516 _____ C:\Windows\system32\perfh015.dat 2020-10-07 18:01 - 2018-09-15 18:43 - 000153760 _____ C:\Windows\system32\perfc015.dat 2020-10-07 18:01 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF 2020-10-07 17:56 - 2018-11-05 15:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-10-07 17:56 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI 2020-10-07 17:55 - 2020-09-07 18:30 - 000002728 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2020-10-07 17:55 - 2020-07-29 14:29 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:29 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:29 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:29 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:29 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:29 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:29 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:29 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:28 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-29 14:28 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-10-07 17:55 - 2020-07-07 21:37 - 000002390 _____ C:\Windows\system32\Tasks\SmartGameBooster SkipUAC (tomas) 2020-10-07 17:55 - 2020-07-07 21:36 - 000002382 _____ C:\Windows\system32\Tasks\Game_Booster_AutoUpdate 2020-10-07 17:55 - 2020-05-24 14:40 - 000002358 _____ C:\Windows\system32\Tasks\Express Files Updater 2020-10-07 17:55 - 2019-04-07 12:15 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-10-07 17:55 - 2019-04-07 12:15 - 000003274 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-10-07 17:20 - 2020-04-06 12:03 - 000000000 ____D C:\Users\tomas\AppData\Roaming\.minecraft 2020-10-07 17:14 - 2020-04-06 13:19 - 000000000 ____D C:\Users\tomas\AppData\Roaming\.tlauncher 2020-10-05 19:50 - 2018-11-05 15:59 - 000467664 _____ C:\Windows\system32\FNTCACHE.DAT 2020-10-04 13:01 - 2019-04-15 17:30 - 000000000 ____D C:\Users\tomas\AppData\Local\Packages 2020-10-03 20:02 - 2020-06-01 13:06 - 000000000 ____D C:\Users\tomas\Desktop\Prace 2020-10-01 17:46 - 2020-04-24 21:33 - 000000000 ____D C:\Users\tomas\AppData\Local\WarThunder 2020-09-24 07:10 - 2019-04-07 12:16 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-09-21 16:51 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP 2020-09-13 23:23 - 2019-04-15 17:26 - 000000000 ____D C:\Users\tomas 2020-09-13 15:39 - 2020-01-22 15:42 - 000000000 ____D C:\Users\tomas\AppData\Roaming\kingsoft 2020-09-13 15:35 - 2020-01-22 15:42 - 000000000 ____D C:\ProgramData\Kingsoft 2020-09-12 23:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports 2020-09-10 20:16 - 2019-12-24 11:42 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-09-04 04:57 - 2019-09-04 04:57 - 000479232 _____ () C:\Users\tomas\setup.exe 2019-10-06 12:39 - 2020-10-07 18:18 - 000007598 _____ () C:\Users\tomas\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================