Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-04-2020 Uruchomiony przez Mateusz (administrator) ACER (Acer Aspire E5-572G) (10-04-2020 21:10:25) Uruchomiony z C:\Users\Mateusz\Desktop\Programy Załadowane profile: Mateusz (Dostępne profile: Mateusz) Platform: Windows 10 Pro Wersja 1803 17134.1246 (X64) Język: Polski (Polska) Domyślna przeglądarka nie została wykryta! Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389440 2018-07-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [15306392 2019-04-17] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\DAEMON Tools Lite\DTAgent.exe [371304 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [CCleaner Smart Cleaning] => D:\Programy\cc\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7937608 2019-12-04] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [Dashlane] => C:\Users\Mateusz\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-03-23] (Dashlane USA, Inc. -> Dashlane, Inc.) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [DashlanePlugin] => C:\Users\Mateusz\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-03-23] (Dashlane USA, Inc. -> Dashlane, Inc.) HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3 HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {047CFC9D-EDC6-4799-9619-A15B5F1C4E00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-10] (Microsoft Corporation -> Microsoft Corporation) Task: {08995CAB-363A-4148-8312-8043E4DA5B7E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0F473565-EC3F-485A-A593-35BB36E8209B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {106B7B00-8460-4E3E-A274-EF388F1EC6BD} - System32\Tasks\CCleaner Update => D:\Programy\cc\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd) Task: {1A019906-32ED-45E6-BF3B-4010C9A101F3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-19] (Adobe Inc. -> Adobe) Task: {23B92A1E-5ECA-442E-902B-8648908E0E27} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {47527DA7-DDC0-4711-A674-81BD592EE23B} - System32\Tasks\EPSON L365 Series Update {9DCCC472-7576-4EDA-9C28-374DDA6AB880} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {5759EE6B-E3F6-4047-A233-04D1BDE59266} - System32\Tasks\CCleanerSkipUAC => D:\Programy\cc\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) Task: {62BC8A30-CEDB-412F-98A7-6D9FF811C400} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7A09D7FE-51F6-466E-B9B4-9F0607CCC310} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {830EB5A9-0954-4B37-B892-A5BF74EB46AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8B74AD0E-0A11-49FA-9A8B-A43F45D4396E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-10] (Microsoft Corporation -> Microsoft Corporation) Task: {8B974AF4-EABA-476E-867C-8D1C1CF9DE6E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {8D4C4EC7-E51F-4532-9895-88BEDE140D68} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-19] (Adobe Inc. -> Adobe) Task: {9678026D-916E-4497-8750-E3D7A11A26EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {9FF637F1-AF63-43D8-B8AB-18915473F825} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation) Task: {AE45042A-B353-46E8-815E-0824B615C604} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B38A4BEB-E55C-4EDA-A811-2837A537E8C4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B842E7D4-1AD6-471F-BCE7-31BF897B1C6D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BB499F47-D340-4C79-841C-F773CF14868F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-10] (Microsoft Corporation -> Microsoft Corporation) Task: {C31830BA-D598-419A-B5DA-F3A601940EC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-10] (Microsoft Corporation -> Microsoft Corporation) Task: {CA9E7554-6B56-4607-BFE2-F55ADB0E2094} - System32\Tasks\EPSON L365 Series Update {73C448CB-6DA0-485F-B256-D3AB586E3EDE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {CEA63E53-8242-43D4-822A-AE63FDEF1D95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D666941D-4CE3-4651-8117-68EA039365E9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation) Task: {E948729E-F3AE-45A5-B502-50C5E5F8FF7F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EF315C88-4D51-4FB5-BA8C-591D286D617A} - System32\Tasks\EPSON L365 Series Update {2F26BF6D-68A8-4096-A0F1-F81E487795A3} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {F950BDD6-CB6E-4D98-99C0-67B4382C6708} - System32\Tasks\Overwolf Updater Task => D:\Programy\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\EPSON L365 Series Update {2F26BF6D-68A8-4096-A0F1-F81E487795A3}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE:/EXE:{2F26BF6D-68A8-4096-A0F1-F81E487795A3} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON L365 Series Update {73C448CB-6DA0-485F-B256-D3AB586E3EDE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE:/EXE:{73C448CB-6DA0-485F-B256-D3AB586E3EDE} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON L365 Series Update {9DCCC472-7576-4EDA-9C28-374DDA6AB880}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE:/EXE:{9DCCC472-7576-4EDA-9C28-374DDA6AB880} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.33.1 Tcpip\..\Interfaces\{56fcc7dd-c037-4ad5-97de-803fbe0ea3c0}: [DhcpNameServer] 192.168.33.1 Tcpip\..\Interfaces\{8b66e20c-1942-4b9a-a8e2-33524f922c6d}: [DhcpNameServer] 192.168.33.1 Internet Explorer: ================== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626328 2020-03-30] (Microsoft Corporation -> Microsoft Corporation) S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1208392 2019-12-04] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-12-04] (GOG Sp. z o.o. -> GOG.com) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [483808 2018-07-15] (ICEpower a/s -> ICEpower a/s) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353760 2019-03-12] (Intel Corporation -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [761088 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [737552 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-08] (Malwarebytes Inc -> Malwarebytes) S3 OverwolfUpdater; D:\Programy\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5098408 2019-09-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [254552 2017-05-13] (Synaptics Incorporated -> Synaptics Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-02] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [72648 2011-01-05] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [85320 2011-01-05] (Future Technology Devices International Ltd -> FTDI Ltd.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-04-08] (Malwarebytes Inc -> Malwarebytes) R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{50A5B6BC-D22C-4E8C-A709-E1275078F265}\MpKslDrv.sys [43232 2020-04-10] (Microsoft Windows -> Microsoft Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_2f1946ae97d3f755\nvlddmkm.sys [20736440 2019-03-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [45152 2018-11-01] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) S3 optousb; C:\WINDOWS\System32\drivers\optousb.sys [27264 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.) S3 optovcm; C:\WINDOWS\System32\drivers\optovcm.sys [34432 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139424 2018-08-17] (Realtek Semiconductor Corp. -> Realtek ) R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [865216 2018-03-23] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 Ser2at; C:\WINDOWS\System32\drivers\ser2at64.sys [90112 2013-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.) R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [48992 2019-03-26] (Synaptics Incorporated -> Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [56920 2017-05-13] (Synaptics Incorporated -> Synaptics Incorporated) S3 t_mouse.sys; C:\WINDOWS\System32\drivers\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-04-10 12:33 - 2020-04-10 12:33 - 000006666 _____ C:\Users\Mateusz\Desktop\eset.txt 2020-04-10 12:04 - 2020-04-10 12:04 - 000000672 _____ C:\Users\Mateusz\Desktop\ESET Online Scanner.lnk 2020-04-10 12:03 - 2020-04-10 12:03 - 000000771 _____ C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2020-04-10 12:03 - 2020-04-10 12:03 - 000000000 ____D C:\Users\Mateusz\AppData\Local\ESET 2020-04-10 12:02 - 2020-04-10 12:04 - 014566496 _____ (ESET spol. s r.o.) C:\Users\Mateusz\Downloads\esetonlinescanner_enu.exe 2020-04-10 11:26 - 2020-04-10 11:26 - 000089670 _____ C:\Users\Mateusz\Documents\bookmarks_10.04.2020.html 2020-04-08 18:11 - 2020-04-08 18:11 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-04-08 18:11 - 2020-04-08 18:11 - 000216544 ____N (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-04-08 11:00 - 2020-04-08 11:00 - 000000085 _____ C:\WINDOWS\wininit.ini 2020-04-08 10:06 - 2020-04-08 10:08 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Guild Wars 2 2020-04-08 09:42 - 2020-04-10 21:10 - 000000000 ____D C:\Users\Mateusz\Desktop\Programy 2020-04-08 08:28 - 2020-04-08 08:28 - 000007601 _____ C:\Users\Mateusz\AppData\Local\Resmon.ResmonCfg 2020-04-08 07:07 - 2020-04-08 07:07 - 000000000 ____D C:\Users\Mateusz\AppData\LocalLow\Dashlane 2020-04-08 07:06 - 2020-04-08 07:06 - 000001782 _____ C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk 2020-04-08 07:05 - 2020-04-08 07:05 - 000000000 ____D C:\Program Files (x86)\Dashlane 2020-04-08 07:03 - 2020-04-08 07:07 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Dashlane 2020-04-08 07:03 - 2020-04-08 07:03 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2020-04-08 06:57 - 2020-04-10 12:50 - 000024031 _____ C:\Users\Mateusz\Documents\Hasła w Chrome.csv 2020-04-07 23:36 - 2020-04-07 23:40 - 000300398 _____ C:\TDSSKiller.3.1.0.28_07.04.2020_23.36.28_log.txt 2020-04-07 23:05 - 2020-04-10 21:12 - 000000000 ____D C:\FRST 2020-04-07 23:03 - 2019-03-18 18:13 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200407-230327.backup 2020-04-07 22:56 - 2020-04-07 22:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking 2020-04-07 22:55 - 2020-04-08 11:02 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2020-04-07 22:55 - 2020-04-08 11:00 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2020-04-07 22:53 - 2020-04-08 08:55 - 000000000 ____D C:\AdwCleaner 2020-04-07 15:51 - 2020-04-08 06:51 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Tibia 2020-04-06 09:59 - 2020-04-06 09:59 - 000000660 _____ C:\Users\Mateusz\Documents\1.txt 2020-04-05 08:52 - 2020-04-10 11:33 - 000000000 ____D C:\Users\Mateusz\Desktop\Gry 2020-03-22 12:45 - 2020-04-07 14:30 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Wargaming.net 2020-03-22 12:44 - 2020-04-10 11:33 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2020-03-22 12:44 - 2020-03-22 12:44 - 000000000 ____D C:\ProgramData\Wargaming.net 2020-03-19 12:09 - 2020-03-19 12:09 - 000004630 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-03-19 12:09 - 2020-03-19 12:09 - 000004470 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2020-03-18 18:52 - 2020-03-18 18:52 - 000000000 ___RD C:\Users\Mateusz\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App 2020-03-17 17:50 - 2020-03-17 17:50 - 000000000 ____D C:\Users\Mateusz\AppData\LocalLow\Dead Mage 2020-03-15 14:17 - 2020-04-05 21:40 - 000063482 _____ C:\Users\Mateusz\Documents\Zeszyt1.xlsx 2020-03-14 09:26 - 2020-03-14 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-04-10 21:05 - 2019-03-18 18:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-04-10 21:05 - 2015-01-12 15:36 - 000000000 __SHD C:\Users\Mateusz\IntelGraphicsProfiles 2020-04-10 21:04 - 2019-03-18 18:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-04-10 21:04 - 2019-03-18 18:43 - 000000000 ____D C:\ProgramData\NVIDIA 2020-04-10 21:04 - 2019-03-18 18:16 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-10 21:04 - 2019-03-18 17:59 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-04-10 20:44 - 2019-03-18 18:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-04-10 12:13 - 2019-03-18 22:09 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\uTorrent 2020-04-10 12:02 - 2019-03-18 19:17 - 000000000 ____D C:\Program Files (x86)\Google 2020-04-10 12:00 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-10 11:33 - 2019-12-22 11:00 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra 2020-04-10 11:33 - 2019-11-09 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DO 2020-04-10 11:33 - 2019-08-27 20:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic 2020-04-10 11:33 - 2019-08-27 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2020-04-10 11:33 - 2019-03-18 18:53 - 000000000 ____D C:\Users\Mateusz 2020-04-10 11:33 - 2018-11-04 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView 2020-04-10 11:33 - 2018-10-27 11:04 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navitel Navigator update center 2020-04-10 11:33 - 2018-01-16 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com 2020-04-10 11:33 - 2017-04-08 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GfK 2020-04-10 06:46 - 2019-03-18 22:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-04-09 23:03 - 2020-01-04 23:22 - 000000000 ____D C:\Users\Mateusz\AppData\LocalLow\uTorrent 2020-04-09 22:13 - 2019-03-21 17:44 - 000000000 ____D C:\Users\Mateusz\AppData\Local\BitTorrentHelper 2020-04-09 10:53 - 2019-03-18 18:16 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-08 10:27 - 2019-03-18 19:20 - 000000000 ____D C:\Users\Mateusz\AppData\Local\D3DSCache 2020-04-08 06:36 - 2019-03-18 19:03 - 001763508 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-04-08 06:36 - 2019-03-18 18:23 - 000783756 _____ C:\WINDOWS\system32\perfh015.dat 2020-04-08 06:36 - 2019-03-18 18:23 - 000151882 _____ C:\WINDOWS\system32\perfc015.dat 2020-04-08 06:36 - 2019-03-18 18:14 - 000000000 ____D C:\WINDOWS\INF 2020-04-07 23:44 - 2019-05-08 19:57 - 000000000 ____D C:\Users\Mateusz\AppData\Local\CrashDumps 2020-04-02 13:25 - 2019-03-18 21:11 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-03-22 12:51 - 2019-11-30 23:30 - 000000000 ____D C:\GAMES 2020-03-22 08:31 - 2019-03-18 19:11 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1306913016-1850766916-1665871449-1001 2020-03-22 08:31 - 2015-08-10 11:07 - 000000000 __RDO C:\Users\Mateusz\OneDrive 2020-03-20 22:42 - 2019-03-18 19:00 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Packages 2020-03-20 11:06 - 2019-03-21 19:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-03-20 11:05 - 2018-08-14 16:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-03-19 12:09 - 2019-03-21 19:19 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Adobe 2020-03-19 12:09 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-03-19 12:08 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-03-17 17:46 - 2019-07-06 18:10 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite 2020-03-17 17:08 - 2019-06-28 08:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-03-17 17:01 - 2020-01-28 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-03-14 09:29 - 2019-05-08 19:50 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\TS3Client 2020-03-14 09:29 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-03-14 09:29 - 2019-03-18 17:59 - 000000000 ____D C:\WINDOWS\Panther ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-04-08 08:28 - 2020-04-08 08:28 - 000007601 _____ () C:\Users\Mateusz\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================