Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 04-09-2019 Uruchomiony przez Jola (administrator) LAPTOP-SIDJI4VS (Acer Aspire E5-575G) (08-09-2019 18:51:49) Uruchomiony z C:\Users\Jola\Documents\Nowy folder (2) Załadowane profile: Jola (Dostępne profile: Jola & Dawid) Platform: Windows 10 Home Wersja 1903 18362.295 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files\KMSpico\Service_KMS.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Amazon Services LLC -> ) C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fshoster64.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsorsp64.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsulprothoster.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\Temp\DELE7B3.tmp (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\Temp\DELE7D4.tmp (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1001.7.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mshta.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\Jola\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1903344 2016-02-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego] HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3642880 2016-05-08] (x264vfw project) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-27] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0B1F6B3C-E7D9-45E8-BB22-1C0AE22708D8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-SIDJI4VS-Jola LAPTOP-SIDJI4VS => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {10805DC0-6BE2-476A-A5F0-A11620C0CA06} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {119CB73D-93E9-4C52-9D69-30F067AD8B96} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {181BAEED-0DCD-4D21-846E-6A9220291066} - System32\Tasks\App Explorer => C:\Users\Jola\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7417512 2019-08-27] (SweetLabs Inc. -> SweetLabs, Inc) <==== UWAGA Task: {1EBDDE7C-520A-4084-8A8B-A958A541F65C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [740544 2015-11-01] () [Brak podpisu cyfrowego] Task: {57765B75-13BA-4E2B-90B9-6852CCC071BB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) Task: {5F0DC8EE-2F97-4BD2-9830-A8193EA09D39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-05] (Google Inc -> Google Inc.) Task: {813CA1E4-2EA7-42B9-8F95-0FAB30EFC28A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {85D7A8B8-0A35-47A7-9F5F-2856C773F8AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {8711A06F-50AA-46D0-8C6B-25F83F278646} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {AAAA78A8-20F6-4C46-A9F8-16F87AF90E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-05] (Google Inc -> Google Inc.) Task: {B0A1AD74-05A7-4252-8130-70601E0180A2} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: ) Task: {B340AA16-3034-44E0-A8FF-CC3E85DCEF93} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {BA15375D-1271-4348-8E60-E3031E47F062} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fs_hotfix.exe [268744 2019-03-25] (F-Secure Corporation -> F-Secure Corporation) Task: {C5E71F32-710A-4A1B-B700-6DF142DB4AF6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {DA373233-071A-4568-B38E-078241CD5DD3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-05-24] (Acer Incorporated -> Acer Incorporated) Task: {DBCD0D5F-05B8-477E-B8F2-257FAA3F092C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems) Task: {DCB763CE-FE5B-4828-9F66-E0BE02BDFB7A} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{4859c34c-f23a-4b3c-b966-5e560c74ad6d}: [DhcpNameServer] 62.179.1.62 62.179.1.63 Tcpip\..\Interfaces\{81379808-56cb-48fd-9564-15fa69583ffe}: [DhcpNameServer] 62.179.1.62 62.179.1.63 Internet Explorer: ================== HKU\S-1-5-21-1146579958-381356915-3942461415-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.acer15.msn.com/?pc=ACTE HKU\S-1-5-21-1146579958-381356915-3942461415-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.acer15.msn.com/?pc=ACTE SearchScopes: HKU\S-1-5-21-1146579958-381356915-3942461415-1001 -> DefaultScope {907B0AAB-23CA-4DBF-B331-76E1A8F138D2} URL = SearchScopes: HKU\S-1-5-21-1146579958-381356915-3942461415-1001 -> {907B0AAB-23CA-4DBF-B331-76E1A8F138D2} URL = BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Program Files (x86)\Amazon\Amazon Assistant\aaMessenger.dll [2018-02-22] (Amazon Services LLC -> ) BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1567426121\browser\install\fs_ie_https\fs_ie_https64.dll [2019-09-02] (F-Secure Corporation -> F-Secure Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Program Files (x86)\Amazon\Amazon Assistant\aaMessenger.dll [2018-02-22] (Amazon Services LLC -> ) BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1567426121\browser\install\fs_ie_https\fs_ie_https.dll [2019-09-02] (F-Secure Corporation -> F-Secure Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-05-05] [Przestarzałe] FF Extension: (Polski Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pl@firefox.mozilla.org [2016-05-05] [Przestarzałe] FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-05-05] [Przestarzałe] FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1567426121\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1567426121\browser\install\fs_firefox_https\fs_firefox_https.xpi [2019-09-02] FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1567426121\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> ) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxps://www.google.pl/" CHR DefaultSearchURL: Default -> hxxp://a.wpimg.pl/a/i/stg/550/favicon.ico CHR Profile: C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default [2019-09-08] CHR DownloadDir: C:\Users\Jola\Desktop CHR Extension: (Prezentacje) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Dokumenty) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Dysk Google) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-05] CHR Extension: (YouTube) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05] CHR Extension: (Poczta) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpidnlocdigmigganjfkmhjkpgigjecm [2017-03-05] CHR Extension: (Facebook) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2017-03-05] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-27] CHR Extension: (LIBRUS Synergia) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\enpnngfdkfdnfpagggmifgacmahpnnom [2017-03-05] CHR Extension: (Cat Taiki Theme) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjigjbihgjmelngicfmimbpbfebldcp [2017-03-05] CHR Extension: (Arkusze) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15] CHR Extension: (Dokumenty Google offline) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-18] CHR Extension: (Allegro) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdhjjnhpikfdmmhbgmgcnmadfoioafc [2017-03-05] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2019-09-02] CHR Extension: (Groupon) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkppdjhjafoajbkhnbmopbadhfgcmmch [2017-03-05] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Terapiamed Kraków - przychodnia zdrow...) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofgekjmabjkfbfbenafmlmkjjllicoj [2018-11-29] CHR Extension: (Gmail) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15] CHR Extension: (Chrome Media Router) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-09] CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2018-02-22] (Amazon Services LLC -> ) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-07-17] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 fshoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [209864 2019-03-25] (F-Secure Corporation -> F-Secure Corporation) R2 fsnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [209864 2019-03-25] (F-Secure Corporation -> F-Secure Corporation) S2 fsulhoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fshoster64.exe [584776 2019-09-04] (F-Secure Corporation -> F-Secure Corporation) R2 fsulnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fshoster64.exe [584776 2019-09-04] (F-Secure Corporation -> F-Secure Corporation) R2 fsulorsp; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsorsp64.exe [101248 2019-09-04] (F-Secure Corporation -> F-Secure Corporation) R2 fsulprothoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsulprothoster.exe [584776 2019-09-04] (F-Secure Corporation -> F-Secure Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806144 2018-11-08] (ICEpower a/s -> ICEpower) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2018-01-11] (Intel(R) CN -> Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI -> @ByELDI) [Brak podpisu cyfrowego] R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (Acer Incorporated -> acer) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. ) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-24] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-24] (Disc Soft Ltd -> Disc Soft Ltd) R3 F-Secure Gatekeeper; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsulgk.sys [289952 2019-09-04] (F-Secure Corporation -> F-Secure Corporation) R1 F-Secure UL HIPS; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fshs.sys [102560 2019-09-04] (F-Secure Corporation -> F-Secure Corporation) U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [65872 2018-08-07] (F-Secure Corporation -> ) S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15296 2019-05-09] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation) S3 fsni; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif\1567426121\fsni64.sys [111472 2019-09-02] (F-Secure Corporation -> F-Secure Corporation) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1016496 2018-12-24] (Intel(R) Rapid Storage Technology -> Intel Corporation) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation -> NVIDIA Corporation) R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2360048 2018-08-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek Semiconductor Corp -> Realtek ) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66144 2016-09-07] (Synaptics Incorporated -> Synaptics Incorporated) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-09-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-09-08] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-09-08 18:35 - 2019-09-08 18:51 - 000000000 ____D C:\FRST 2019-09-08 18:34 - 2019-09-08 18:51 - 000000000 ____D C:\Users\Jola\Documents\Nowy folder (2) 2019-09-04 10:33 - 2019-09-04 10:34 - 000000000 ____D C:\Users\Jola\AppData\Local\Intel 2019-09-04 10:32 - 2019-09-04 10:32 - 000000000 ____D C:\WINDOWS\LastGood 2019-09-04 10:30 - 2018-10-14 23:54 - 000242512 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2019-09-04 10:30 - 2018-10-14 23:54 - 000209992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2019-08-17 13:54 - 2019-08-17 13:54 - 037650432 _____ C:\Users\Jola\Desktop\DSCN6121.MOV 2019-08-16 11:28 - 2019-08-16 11:28 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 008012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 007753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 005916160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2019-08-16 11:28 - 2019-08-16 11:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2019-08-16 11:28 - 2019-08-16 11:28 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000633344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000093104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-08-16 11:28 - 2019-08-16 11:28 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2019-08-16 11:28 - 2019-08-16 11:28 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-08-16 11:27 - 2019-08-16 11:28 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 017785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 009926672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 007890256 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 007277568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 007251808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 006518184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 006226864 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 006071432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 005753944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 004562904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 003724800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 003590672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 002990096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 002798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 002724352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 002449432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 002094592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-08-16 11:27 - 2019-08-16 11:27 - 001717776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 001505808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 001413328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001391416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-08-16 11:27 - 2019-08-16 11:27 - 001337872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001301008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 001262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001259008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001213240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001072144 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 001056704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000889664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000876560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000829776 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 000821904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000804880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000796088 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 000752792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000524216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-08-16 11:27 - 2019-08-16 11:27 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-08-16 11:27 - 2019-08-16 11:27 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000441360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000316432 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000300176 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000210400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000202256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2019-08-16 11:27 - 2019-08-16 11:27 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2019-08-16 11:27 - 2019-08-16 11:27 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS 2019-08-16 11:27 - 2019-08-16 11:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2019-08-16 11:27 - 2019-08-16 11:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2019-08-16 11:01 - 2019-08-16 11:01 - 000000000 ____D C:\Users\Jola\AppData\Roaming\MPC-HC ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-09-08 18:55 - 2017-04-29 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2019-09-08 18:55 - 2017-04-29 17:06 - 000000000 ____D C:\Users\Jola\Documents\Nowy folder 2019-09-08 18:53 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender 2019-09-08 18:53 - 2018-06-08 12:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-09-08 18:46 - 2019-08-05 23:09 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck 2019-09-08 18:43 - 2017-07-06 21:15 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-09-08 18:17 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-09-08 17:33 - 2019-08-05 22:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-09-08 15:04 - 2019-08-05 23:09 - 000005344 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-SIDJI4VS-Jola LAPTOP-SIDJI4VS 2019-09-08 14:59 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-09-08 14:59 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-09-08 12:46 - 2018-06-08 12:18 - 000000000 ____D C:\Users\Jola\AppData\Local\Host App Service 2019-09-08 12:43 - 2017-03-05 14:17 - 000000000 __SHD C:\Users\Jola\IntelGraphicsProfiles 2019-09-07 22:54 - 2016-12-09 20:39 - 000000000 ____D C:\ProgramData\NVIDIA 2019-09-05 20:22 - 2019-08-05 23:09 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1146579958-381356915-3942461415-1001 2019-09-05 20:21 - 2019-08-05 17:38 - 000002408 _____ C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-09-05 20:21 - 2017-03-05 14:26 - 000000000 ___RD C:\Users\Jola\OneDrive 2019-09-04 14:12 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2019-09-04 10:33 - 2017-06-03 09:23 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2019-09-04 10:33 - 2017-05-21 22:49 - 000000000 ____D C:\Program Files\Intel 2019-09-04 10:33 - 2017-05-21 22:49 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2019-09-04 10:33 - 2016-12-09 20:29 - 000000000 ____D C:\ProgramData\Intel 2019-08-27 11:03 - 2017-03-05 14:31 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-08-25 12:20 - 2017-03-05 14:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-08-17 12:38 - 2019-08-04 22:16 - 000000000 ___DC C:\WINDOWS\Panther 2019-08-16 14:24 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-08-16 12:48 - 2019-08-05 23:00 - 001770296 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-08-16 12:48 - 2019-03-19 14:23 - 000785588 _____ C:\WINDOWS\system32\perfh015.dat 2019-08-16 12:48 - 2019-03-19 14:23 - 000152350 _____ C:\WINDOWS\system32\perfc015.dat 2019-08-16 12:42 - 2017-12-23 20:13 - 000000000 ___RD C:\Users\Jola\3D Objects 2019-08-16 12:42 - 2016-11-21 11:19 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-08-16 12:40 - 2019-08-05 23:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-08-16 12:40 - 2019-08-05 22:35 - 000444168 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-08-16 12:38 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-08-16 12:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-08-16 12:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-08-16 12:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-08-16 12:03 - 2017-03-05 19:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-08-16 11:36 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing 2019-08-16 11:36 - 2017-03-05 19:41 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-08-15 20:07 - 2019-08-05 23:09 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2019-08-10 19:20 - 2019-08-07 18:34 - 000000000 ____D C:\Users\Jola\Desktop\KUDOWA 2019-08-09 16:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF ==================== SigCheck =============================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ============================