Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-04-2020 Uruchomiony przez Mateusz (administrator) ACER (Acer Aspire E5-572G) (07-04-2020 23:07:11) Uruchomiony z C:\Users\Mateusz\Desktop Załadowane profile: Mateusz (Dostępne profile: Mateusz) Platform: Windows 10 Pro Wersja 1803 17134.1246 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) D:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) D:\Programy\DAEMON Tools Lite\DTShellHlp.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389440 2018-07-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [15306392 2019-04-17] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [ProductAuthenticationService] => C:\Users\Mateusz\AppData\Roaming\ProductAuthenticationService\pas.exe [1003024 2019-06-28] (DVJ LIMITED -> DVJ LIMITED) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\DAEMON Tools Lite\DTAgent.exe [371304 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [CCleaner Smart Cleaning] => D:\Programy\cc\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7937608 2019-12-04] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001\...\MountPoints2: {a700a1e4-22a5-11ea-af0d-3010b390232d} - "I:\setup.exe" HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [TeamSpeak 3 Client] => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [15306392 2019-04-17] (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [ProductAuthenticationService] => C:\Users\Mateusz\AppData\Roaming\ProductAuthenticationService\pas.exe [1003024 2019-06-28] (DVJ LIMITED -> DVJ LIMITED) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\DAEMON Tools Lite\DTAgent.exe [371304 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [CCleaner Smart Cleaning] => D:\Programy\cc\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7937608 2019-12-04] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1306913016-1850766916-1665871449-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04072020225207137\...\MountPoints2: {a700a1e4-22a5-11ea-af0d-3010b390232d} - "I:\setup.exe" HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3 HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC) BootExecute: autocheck autochk * sdnclean64.exe ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {08995CAB-363A-4148-8312-8043E4DA5B7E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0CD33AB7-EABB-4375-9E6C-D8A138875D84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.) Task: {0F473565-EC3F-485A-A593-35BB36E8209B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {106B7B00-8460-4E3E-A274-EF388F1EC6BD} - System32\Tasks\CCleaner Update => D:\Programy\cc\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd) Task: {1A019906-32ED-45E6-BF3B-4010C9A101F3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-19] (Adobe Inc. -> Adobe) Task: {23B92A1E-5ECA-442E-902B-8648908E0E27} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3CF1D441-9E3B-432A-89A4-14C51584D99C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {47527DA7-DDC0-4711-A674-81BD592EE23B} - System32\Tasks\EPSON L365 Series Update {9DCCC472-7576-4EDA-9C28-374DDA6AB880} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {571E5C99-C6D5-4DBD-9046-75EBF482E253} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.) Task: {5759EE6B-E3F6-4047-A233-04D1BDE59266} - System32\Tasks\CCleanerSkipUAC => D:\Programy\cc\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) Task: {59BCD3DE-72C2-406C-87DC-DE19D629C85F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4369824 2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Task: {5FE03CC9-8BC4-4A38-93CB-AB227360FDF1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4369824 2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Task: {62BC8A30-CEDB-412F-98A7-6D9FF811C400} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {68EBBE83-2260-4FED-A0EE-98F88EDEC7B5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {7A09D7FE-51F6-466E-B9B4-9F0607CCC310} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {82DEEE20-8B27-48FC-BDD7-05990E555EA2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {830EB5A9-0954-4B37-B892-A5BF74EB46AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8B974AF4-EABA-476E-867C-8D1C1CF9DE6E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {8D4C4EC7-E51F-4532-9895-88BEDE140D68} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-19] (Adobe Inc. -> Adobe) Task: {9678026D-916E-4497-8750-E3D7A11A26EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {AE45042A-B353-46E8-815E-0824B615C604} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B38A4BEB-E55C-4EDA-A811-2837A537E8C4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B842E7D4-1AD6-471F-BCE7-31BF897B1C6D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BEA8DF2F-6794-4787-A444-468CBA38DF93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {C698C591-5203-4FED-B8CC-47C86C42775E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {CA9E7554-6B56-4607-BFE2-F55ADB0E2094} - System32\Tasks\EPSON L365 Series Update {73C448CB-6DA0-485F-B256-D3AB586E3EDE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {CEA63E53-8242-43D4-822A-AE63FDEF1D95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E5C7C34D-7DD8-4402-9034-5EE77CEFE85B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {E948729E-F3AE-45A5-B502-50C5E5F8FF7F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EB41DD63-691B-480E-8298-263DA29AF7E0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {EF315C88-4D51-4FB5-BA8C-591D286D617A} - System32\Tasks\EPSON L365 Series Update {2F26BF6D-68A8-4096-A0F1-F81E487795A3} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {F950BDD6-CB6E-4D98-99C0-67B4382C6708} - System32\Tasks\Overwolf Updater Task => D:\Programy\Overwolf\OverwolfUpdater.exe [2440520 2020-01-16] (Overwolf Ltd -> Overwolf LTD) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\EPSON L365 Series Update {2F26BF6D-68A8-4096-A0F1-F81E487795A3}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE:/EXE:{2F26BF6D-68A8-4096-A0F1-F81E487795A3} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON L365 Series Update {73C448CB-6DA0-485F-B256-D3AB586E3EDE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE:/EXE:{73C448CB-6DA0-485F-B256-D3AB586E3EDE} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON L365 Series Update {9DCCC472-7576-4EDA-9C28-374DDA6AB880}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE:/EXE:{9DCCC472-7576-4EDA-9C28-374DDA6AB880} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.33.1 Tcpip\..\Interfaces\{56fcc7dd-c037-4ad5-97de-803fbe0ea3c0}: [DhcpNameServer] 192.168.33.1 Tcpip\..\Interfaces\{8b66e20c-1942-4b9a-a8e2-33524f922c6d}: [DhcpNameServer] 192.168.33.1 Internet Explorer: ================== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-08] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default [2020-04-07] CHR Notifications: Default -> hxxps://do.centrum24.pl CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYrVZt9IZ6VMb9dSyS-pNWJIo55Z3ZlC_AlhLIlBXKYjoBuYfOZykhbjJ8UwNEALzxRqZL2jcRlvtV0OjRR0F1o-PKOi5u8ftx5JZ3By8vkbwaElRZJa7Ytgjr9AMqn_kL8NjYLNTzcDnAD64Ua9S2PQ3h0Sw,, CHR StartupUrls: Default -> "hxxps://www.google.pl/" CHR Extension: (Prezentacje) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18] CHR Extension: (Dysk Google) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-18] CHR Extension: (Arkusze) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18] CHR Extension: (Dokumenty Google offline) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (Gmail) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02] CHR Extension: (Chrome Media Router) - C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2020-04-07] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) R3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1208392 2019-12-04] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-12-04] (GOG Sp. z o.o. -> GOG.com) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [483808 2018-07-15] (ICEpower a/s -> ICEpower a/s) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353760 2019-03-12] (Intel Corporation -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [761088 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [737552 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-08] (Malwarebytes Inc -> Malwarebytes) S3 OverwolfUpdater; D:\Programy\Overwolf\OverwolfUpdater.exe [2440520 2020-01-16] (Overwolf Ltd -> Overwolf LTD) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5098408 2019-09-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [254552 2017-05-13] (Synaptics Incorporated -> Synaptics Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-02] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [72648 2011-01-05] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [85320 2011-01-05] (Future Technology Devices International Ltd -> FTDI Ltd.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2020-04-07] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-04-07] (Malwarebytes Inc -> Malwarebytes) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_2f1946ae97d3f755\nvlddmkm.sys [20736440 2019-03-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [45152 2018-11-01] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation) S3 optousb; C:\WINDOWS\System32\drivers\optousb.sys [27264 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.) S3 optovcm; C:\WINDOWS\System32\drivers\optovcm.sys [34432 2013-03-11] (Microsoft Windows Hardware Compatibility Publisher -> OPTO ELECTRONICS CO.,LTD.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139424 2018-08-17] (Realtek Semiconductor Corp. -> Realtek ) R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [865216 2018-03-23] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 Ser2at; C:\WINDOWS\System32\drivers\ser2at64.sys [90112 2013-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.) R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [48992 2019-03-26] (Synaptics Incorporated -> Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [56920 2017-05-13] (Synaptics Incorporated -> Synaptics Incorporated) S3 t_mouse.sys; C:\WINDOWS\System32\drivers\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-04-07 23:07 - 2020-04-07 23:13 - 000033376 _____ C:\Users\Mateusz\Desktop\FRST.txt 2020-04-07 23:05 - 2020-04-07 23:11 - 000000000 ____D C:\FRST 2020-04-07 23:05 - 2020-04-07 23:05 - 002281472 _____ (Farbar) C:\Users\Mateusz\Desktop\FRST64.exe 2020-04-07 23:03 - 2019-03-18 18:13 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200407-230327.backup 2020-04-07 22:56 - 2020-04-07 22:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking 2020-04-07 22:55 - 2020-04-07 23:06 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2020-04-07 22:55 - 2020-04-07 22:58 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2020-04-07 22:55 - 2020-04-07 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2020-04-07 22:55 - 2020-04-07 22:55 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2020-04-07 22:55 - 2020-04-07 22:55 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2020-04-07 22:55 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe 2020-04-07 22:53 - 2020-04-07 22:53 - 000000000 ____D C:\AdwCleaner 2020-04-07 22:52 - 2020-04-07 22:52 - 008196784 _____ (Malwarebytes) C:\Users\Mateusz\Desktop\adwcleaner_8.0.4.exe 2020-04-07 22:50 - 2020-04-07 22:51 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\Mateusz\Desktop\spybotsd-2.7.64.0.exe 2020-04-07 15:53 - 2020-04-07 15:53 - 000000000 ____D C:\Users\Mateusz\AppData\Local\BattlEye 2020-04-07 15:51 - 2020-04-07 15:54 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Tibia 2020-04-06 09:59 - 2020-04-06 09:59 - 000000660 _____ C:\Users\Mateusz\Documents\1.txt 2020-04-05 08:52 - 2020-04-07 16:28 - 000000000 ____D C:\Users\Mateusz\Desktop\Gry 2020-03-22 12:45 - 2020-04-07 14:30 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Wargaming.net 2020-03-22 12:44 - 2020-04-07 14:29 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2020-03-22 12:44 - 2020-03-22 12:44 - 000000000 ____D C:\ProgramData\Wargaming.net 2020-03-19 12:09 - 2020-03-19 12:09 - 000004630 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-03-19 12:09 - 2020-03-19 12:09 - 000004470 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2020-03-18 18:52 - 2020-03-18 18:52 - 000000000 ___RD C:\Users\Mateusz\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App 2020-03-17 17:50 - 2020-03-17 17:50 - 000000000 ____D C:\Users\Mateusz\AppData\LocalLow\Dead Mage 2020-03-15 14:17 - 2020-04-05 21:40 - 000063482 _____ C:\Users\Mateusz\Documents\Zeszyt1.xlsx 2020-03-14 09:26 - 2020-03-14 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-04-07 22:31 - 2020-01-08 16:42 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-04-07 22:31 - 2020-01-08 16:42 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-04-07 22:18 - 2019-03-18 18:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-04-07 22:18 - 2019-03-18 18:16 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-07 18:58 - 2020-01-04 23:22 - 000000000 ____D C:\Users\Mateusz\AppData\LocalLow\uTorrent 2020-04-07 18:58 - 2019-03-18 22:09 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\uTorrent 2020-04-07 18:55 - 2019-03-21 17:44 - 000000000 ____D C:\Users\Mateusz\AppData\Local\BitTorrentHelper 2020-04-07 15:52 - 2019-05-08 19:57 - 000000000 ____D C:\Users\Mateusz\AppData\Local\CrashDumps 2020-04-07 15:51 - 2018-03-01 17:44 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tibia 2020-04-07 07:03 - 2019-03-18 19:18 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-04-07 06:29 - 2019-03-18 18:16 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-07 06:29 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-02 13:25 - 2019-03-18 21:11 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-03-29 18:28 - 2019-03-18 19:20 - 000000000 ____D C:\Users\Mateusz\AppData\Local\D3DSCache 2020-03-22 12:51 - 2019-11-30 23:30 - 000000000 ____D C:\GAMES 2020-03-22 08:31 - 2019-03-18 19:11 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1306913016-1850766916-1665871449-1001 2020-03-22 08:31 - 2015-08-10 11:07 - 000000000 __RDO C:\Users\Mateusz\OneDrive 2020-03-21 08:57 - 2019-03-18 19:18 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-21 08:57 - 2019-03-18 19:18 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-20 22:42 - 2019-03-18 19:00 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Packages 2020-03-20 11:06 - 2019-03-21 19:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-03-20 11:05 - 2018-08-14 16:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-03-19 12:09 - 2019-03-21 19:19 - 000000000 ____D C:\Users\Mateusz\AppData\Local\Adobe 2020-03-19 12:09 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-03-19 12:08 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-03-17 17:46 - 2019-07-06 18:10 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite 2020-03-17 17:08 - 2019-06-28 08:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-03-17 17:01 - 2020-01-28 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-03-17 12:23 - 2019-03-18 22:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-03-14 20:59 - 2019-03-18 18:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-03-14 20:59 - 2019-03-18 18:43 - 000000000 ____D C:\ProgramData\NVIDIA 2020-03-14 20:59 - 2015-01-12 15:36 - 000000000 __SHD C:\Users\Mateusz\IntelGraphicsProfiles 2020-03-14 20:58 - 2019-03-18 18:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-03-14 20:58 - 2019-03-18 17:59 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-03-14 14:09 - 2019-03-18 18:14 - 000000000 ____D C:\WINDOWS\INF 2020-03-14 09:29 - 2019-05-08 19:50 - 000000000 ____D C:\Users\Mateusz\AppData\Roaming\TS3Client 2020-03-14 09:29 - 2019-03-18 18:16 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-03-14 09:29 - 2019-03-18 17:59 - 000000000 ____D C:\WINDOWS\Panther ==================== Pliki w katalogu głównym wybranych folderów ======== 2018-10-13 10:44 - 2018-10-13 10:44 - 165944248 _____ (GOG.com ) C:\Users\Mateusz\Heroes of Might & Magic III Complete.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================