Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-12-2019 Uruchomiony przez Xantyr (administrator) DESKTOP-NURIL69 (MSI MS-7817) (07-01-2020 17:27:11) Uruchomiony z C:\Users\Xantyr\Downloads Załadowane profile: Xantyr (Dostępne profile: Xantyr) Platform: Windows 10 Pro Wersja 1903 18362.535 (X64) Język: Polski (Polska) Domyślna przeglądarka: "C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe" -- "%1" Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347941.inf_amd64_0d38c490fafef610\B347949\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347941.inf_amd64_0d38c490fafef610\B347949\atiesrxx.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (F.lux Software LLC -> f.lux Software LLC) C:\Users\Xantyr\AppData\Local\FluxSoftware\Flux\flux.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-14] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\Run: [Discord] => C:\Users\Xantyr\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\Run: [f.lux] => C:\Users\Xantyr\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-29] (Valve -> Valve Corporation) HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Xantyr\AppData\Local\Microsoft\Teams\Update.exe [1790192 2019-06-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\MountPoints2: {ff62f107-163d-11e9-b312-d8cb8abed927} - "E:\HiSuiteDownLoader.exe" HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3 HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8237E44A-0054-442C-B6B6-EA0509993955}] -> C:\Program Files (x86)\Google\Chrome Beta\Application\80.0.3987.16\Installer\chrmstp.exe [2019-12-20] (Google LLC -> Google LLC) Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Plants vs Zombies.lnk [2019-06-26] ShortcutTarget: Plants vs Zombies.lnk -> C:\Program Files\Plants vs Zombies\PlantsVsZombies.exe (Brak pliku) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {058E9EEF-C653-408E-823B-636FD65E84E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.) Task: {166238BF-2F9E-42D7-B44C-14D1B37CDC32} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe) Task: {16D92F4F-71F1-4206-B60C-BCD94EDF094B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376152 2019-12-22] (Microsoft Corporation -> Microsoft Corporation) Task: {1BD50384-C573-4EA2-B1F2-57131D3ADB9B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1438600 2019-12-22] (Microsoft Corporation -> Microsoft Corporation) Task: {1E4DC54D-375A-4A72-A288-6BEA7400C8DC} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-10-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {201B9039-F765-4BC8-A54F-CACB14564BD3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {22D37000-4F04-4438-862F-65BD5F81060A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4359992 2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Task: {450362AD-FBBD-4DF9-92E7-9184DCE853F8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {5A34049A-4AD9-41F5-8349-D2EF6D80622A} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-10-23] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {687CBA34-7A07-4AE4-93CE-E8B3EEF9F8DB} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {6C8CCB59-84C8-4C9D-8074-A61CA0E5D34E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115240 2019-12-22] (Microsoft Corporation -> Microsoft Corporation) Task: {6F7CC167-E1D4-42BC-B54F-130A0BA70E5C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-10-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {6FAB618B-9323-4CFD-9A9A-275E33A365F8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2019-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {70108297-1EC3-43A1-9BE0-ECB032F88E37} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {7F896796-C773-4411-B5BE-7BCA89737A2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-14] (Google Inc -> Google Inc.) Task: {7FA5808A-27FF-43BB-B00D-265F03ADC3B3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2019-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {8327174B-1957-4378-B05C-AEC703D578BE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-10] (Adobe Inc. -> Adobe) Task: {87E687CB-2F86-43BA-B60C-134BBBC1FC30} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4359992 2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Task: {A6FC2AB3-F3ED-4B4A-8B99-87B1D78AC54C} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-10-23] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {B373719A-B930-4F24-80DA-A2E3B7C776B2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431816 2019-12-01] (Overwolf Ltd -> Overwolf LTD) Task: {BBFC3207-9385-4BFD-8E2B-15C988121108} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {C063AB9F-7F7A-4B0A-ADED-091B5637AB54} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) Task: {D816F27B-F79E-401F-86F2-08DFC02A08A1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115240 2019-12-22] (Microsoft Corporation -> Microsoft Corporation) Task: {EF4028CB-FA3B-4DCC-BD9C-E03B310200D5} - System32\Tasks\Opera scheduled Autoupdate 1529694336 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software) Task: {F7795F11-BD6F-4062-B5B0-3ADFBE864454} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376152 2019-12-22] (Microsoft Corporation -> Microsoft Corporation) Task: {FBE57DF6-2978-425E-A6DC-6C8D262FABB5} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 185.138.239.105 8.8.8.8 Tcpip\..\Interfaces\{cdb3dd0e-9429-4c0b-84f1-630d5cfec965}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{ff9619ff-cedd-44cd-a567-3d295a281708}: [DhcpNameServer] 185.138.239.105 8.8.8.8 Internet Explorer: ================== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-14] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-01] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-01] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-14] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-11-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default [2019-04-05] CHR Extension: (Prezentacje) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-22] CHR Extension: (Dokumenty) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-22] CHR Extension: (Dysk Google) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-22] CHR Extension: (YouTube) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-22] CHR Extension: (Arkusze) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-22] CHR Extension: (Dokumenty Google offline) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-22] CHR Extension: (Gmail) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-22] CHR Extension: (Chrome Media Router) - C:\Users\Xantyr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-22] CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] StartMenuInternet: Google Chrome Beta - C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\Xantyr\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-12-11] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0347941.inf_amd64_0d38c490fafef610\B347949\atiesrxx.exe [509352 2019-10-24] (Advanced Micro Devices, Inc. -> AMD) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-06-24] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11165560 2019-12-10] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-23] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-14] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-14] (ESET, spol. s r.o. -> ESET) S3 GoogleChromeBetaElevationService; C:\Program Files (x86)\Google\Chrome Beta\Application\80.0.3987.16\elevation_service.exe [1112560 2019-12-17] (Google LLC -> Google LLC) S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2019-10-28] (Mail.Ru LLC -> LLC Mail.Ru) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431816 2019-12-01] (Overwolf Ltd -> Overwolf LTD) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-06-12] (Microsoft Windows -> ) S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-10-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-05] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-05] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0347941.inf_amd64_0d38c490fafef610\B347949\atikmdag.sys [60658592 2019-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0347941.inf_amd64_0d38c490fafef610\B347949\atikmpag.sys [598440 2019-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-28] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-28] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-14] (ESET, spol. s r.o. -> ESET) S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-10-28] (Mail.Ru LLC -> LLC Mail.Ru) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek ) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Windows -> Microsoft Corporation) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50176 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-05] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-05] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-07 17:27 - 2020-01-07 17:27 - 000023050 _____ C:\Users\Xantyr\Downloads\FRST.txt 2020-01-07 17:21 - 2020-01-07 17:21 - 008237744 _____ (Malwarebytes) C:\Users\Xantyr\Downloads\adwcleaner_8.0.1.exe 2020-01-07 17:21 - 2020-01-07 17:21 - 002272256 _____ (Farbar) C:\Users\Xantyr\Downloads\FRST64.exe 2020-01-07 16:50 - 2020-01-07 16:50 - 748531654 _____ C:\WINDOWS\MEMORY.DMP 2020-01-07 12:58 - 2020-01-07 12:58 - 000000706 _____ C:\Users\Public\Desktop\Slime Rancher.lnk 2020-01-07 12:58 - 2020-01-07 12:58 - 000000000 ____D C:\Users\Xantyr\AppData\LocalLow\Monomi Park 2020-01-07 12:58 - 2020-01-07 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slime Rancher [GOG.com] 2020-01-07 12:57 - 2020-01-07 12:57 - 000000000 ____D C:\Users\Xantyr\Downloads\Slime.Rancher.v1.4.1c 2020-01-07 12:48 - 2020-01-07 12:56 - 645244112 _____ C:\Users\Xantyr\Downloads\Slime.Rancher.v1.4.1c.zip 2020-01-07 12:44 - 2020-01-07 12:44 - 000000000 ____D C:\Users\Xantyr\Downloads\syf w pobranych 2020-01-07 10:41 - 2020-01-07 10:41 - 000001103 _____ C:\Users\Public\Desktop\Minecraft Launcher.lnk 2020-01-07 10:41 - 2020-01-07 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher 2020-01-07 10:41 - 2020-01-07 10:41 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher 2020-01-07 10:38 - 2020-01-07 10:38 - 000000000 ____D C:\Users\Xantyr\Desktop\moj pulpit 2019-12-14 18:41 - 2019-12-14 18:41 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\ArchlightOnlineTest 2019-12-11 21:13 - 2019-12-11 23:14 - 000000000 ____D C:\Users\Xantyr\archlight 2019-12-11 21:12 - 2019-12-14 07:52 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\ArchLight Launcher 2019-12-11 21:12 - 2019-12-11 21:12 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArchLight Launcher 2019-12-11 19:30 - 2019-12-11 19:30 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-12-11 19:30 - 2019-12-11 19:30 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-12-11 19:30 - 2019-12-11 19:30 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-12-11 19:30 - 2019-12-11 19:30 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2019-12-11 19:30 - 2019-12-11 19:30 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-12-11 19:30 - 2019-12-11 19:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-07 17:27 - 2019-04-05 09:16 - 000000000 ____D C:\FRST 2020-01-07 17:24 - 2019-10-13 16:50 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2020-01-07 17:24 - 2019-06-12 10:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-01-07 17:24 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-07 17:24 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-01-07 17:24 - 2018-07-01 12:07 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2020-01-07 17:19 - 2019-06-12 10:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-01-07 14:59 - 2018-06-25 08:48 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\.minecraft 2020-01-07 13:30 - 2019-05-28 19:17 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2020-01-07 12:56 - 2019-06-12 11:02 - 001768484 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-01-07 12:56 - 2019-03-19 13:24 - 000784514 _____ C:\WINDOWS\system32\perfh015.dat 2020-01-07 12:56 - 2019-03-19 13:24 - 000152312 _____ C:\WINDOWS\system32\perfc015.dat 2020-01-07 12:56 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-01-07 12:40 - 2019-06-12 10:47 - 000000000 ____D C:\Users\Xantyr 2020-01-07 10:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-12-27 15:32 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-12-23 17:26 - 2018-06-14 14:24 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\discord 2019-12-22 16:38 - 2019-03-08 12:27 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\slobs-client 2019-12-22 15:38 - 2019-09-23 21:41 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\vlc 2019-12-22 15:28 - 2019-06-24 00:17 - 000000000 ____D C:\Users\Xantyr\Documents\Nagrania dźwiękowe 2019-12-22 15:26 - 2019-03-08 12:26 - 000000000 ____D C:\Program Files\Streamlabs OBS 2019-12-22 07:31 - 2018-07-02 06:14 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-12-21 07:33 - 2018-07-06 09:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-12-20 15:55 - 2019-06-12 10:59 - 000004000 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1529694336 2019-12-20 15:55 - 2018-06-22 20:05 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2019-12-20 15:55 - 2018-06-22 20:05 - 000000000 ____D C:\Program Files\Opera 2019-12-20 08:23 - 2018-06-14 14:23 - 000000000 ____D C:\Users\Xantyr\AppData\Roaming\Google 2019-12-20 07:49 - 2018-06-14 14:10 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome Beta.lnk 2019-12-20 07:49 - 2018-06-14 14:10 - 000002321 _____ C:\Users\Public\Desktop\Google Chrome Beta.lnk 2019-12-18 14:33 - 2018-06-15 02:20 - 000002220 _____ C:\Users\Xantyr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PXG Client.lnk 2019-12-17 01:39 - 2019-08-06 16:10 - 000000000 ____D C:\ProgramData\Overwolf 2019-12-14 07:39 - 2019-06-12 10:59 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2019-12-14 07:39 - 2019-06-12 10:59 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2019-12-14 07:36 - 2019-02-27 08:59 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2019-12-12 22:47 - 2019-08-06 16:10 - 000000000 ____D C:\Program Files (x86)\Overwolf 2019-12-11 19:35 - 2018-06-14 13:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-12-11 19:35 - 2018-06-14 13:32 - 000000000 ___RD C:\Users\Xantyr\3D Objects 2019-12-11 19:34 - 2019-06-12 10:54 - 000437552 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-12-11 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-12-11 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-12-11 19:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-12-11 19:33 - 2018-06-14 16:55 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-12-11 19:31 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-12-11 19:31 - 2018-06-14 16:55 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-12-10 20:09 - 2019-06-12 10:59 - 000004702 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2019-12-10 20:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-12-10 20:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-06-22 16:36 - 2019-06-22 16:36 - 000001605 _____ () C:\Users\Xantyr\AppData\Local\recently-used.xbel 2018-06-27 19:44 - 2018-10-28 18:19 - 000007597 _____ () C:\Users\Xantyr\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================