Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-01-2021 Uruchomiony przez Dawid (administrator) MSI (MSI MS-7978) (19-01-2021 17:52:13) Uruchomiony z C:\Users\Dawid\Desktop Załadowane profile: Dawid Platform: Windows 10 Pro Wersja 20H2 19042.746 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Kalendarz XP\Kalendarz.exe () [Brak podpisu cyfrowego] C:\Program Files (x86)\RocketDock\RocketDock.exe () [Brak podpisu cyfrowego] C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSISvc32.exe () [Brak podpisu cyfrowego] C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSISvc64.exe (A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe (A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) E:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) E:\Programy\DAEMON Tools Lite\DTShellHlp.exe (A-Volute -> ) C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) E:\Programy\Foxit Reader\FoxitReaderUpdateService.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (Malwarebytes Inc -> Malwarebytes) C:\Users\Dawid\Desktop\MBSetup-80562.80562-consumer.exe (Malwarebytes Inc -> Malwarebytes) I:\Gówno jebane\MBAMInstallerService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) E:\Programy\Dragon Center\Mystic_Light\LightKeeperService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [NahimicMSIUILauncher] => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-07] (A-Volute -> ) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Brak podpisu cyfrowego] HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [USB_Speed_Up] => C:\MSI\MSI USB Speed Up\USB_Speed_Up.exe [2394040 2017-02-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2017-09-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26310800 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19840752 2019-12-30] (A FOUR TECH CO., LTD. -> ) HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [10865904 2020-01-09] (A FOUR TECH CO., LTD. -> ) HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Brak podpisu cyfrowego] HKU\S-1-5-21-534369914-791047530-272632127-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {43e36cd3-b49e-11ea-a1f4-d8cb8ac6a9dc} - "M:\HiSuiteDownLoader.exe" HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {d580a498-3bd2-11eb-a219-d8cb8ac6a9dc} - "M:\HiSuiteDownLoader.exe" HKU\S-1-5-21-534369914-791047530-272632127-1001\...\MountPoints2: {d580a4ae-3bd2-11eb-a219-d8cb8ac6a9dc} - "M:\HiSuiteDownLoader.exe" HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Winlogon: [Shell] %comspec% <==== UWAGA HKU\S-1-5-21-534369914-791047530-272632127-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\Dawid\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\Dawid\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2020-02-01] ShortcutTarget: GIGABYTE OC_GURU.lnk -> E:\Programy\Gigabyte\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Brak podpisu cyfrowego] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2020-02-02] ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks LLC -> Rivet Networks) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-03-12] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS) Startup: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kalendarz — skrót (2).lnk [2020-02-02] ShortcutTarget: Kalendarz — skrót (2).lnk -> C:\Program Files (x86)\Kalendarz XP\Kalendarz.exe () [Brak podpisu cyfrowego] GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {05FF3708-E317-489F-B945-B223DA0CC71F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0E617EAF-536D-4852-88E2-6F89293F1025} - System32\Tasks\microsoft\windows\windowsupdate\clean => cmd.exe /c attrib -h -s C:\Users\Dawid\AppData\Roaming\*.exe & attrib -h -s C:\Users\Dawid\AppData\Roaming\*.bat & del C:\Users\Dawid\AppData\Roaming\*.bat & del C:\Users\Dawid\AppData\Roaming\svchosts.exe Task: {13DC9BB3-B50A-4F9E-ABCF-07FF54D9778B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [4838816 2014-09-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics.) Task: {1D83036A-BD3F-4CA3-9678-C08425F1D705} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2AB8C73D-437F-4CCF-82FC-9C3D1F33AA25} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe Task: {2ABEF5DE-26E5-48DF-98FF-1AA731DCC4E0} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 5.2\upgrade.exe [1862008 2020-11-19] (ESET, spol. s r.o. -> ESET) Task: {2D691B30-6E6F-481B-98EB-9C168495A3B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3A1C3B85-606C-4A57-B9BA-675FC2A4E429} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3D35B572-05DE-4482-AA47-0E74B76E0830} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {49F0A250-70F5-47C4-BAC0-B63728CEBABD} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {4BB1FBA4-BAC5-4795-BE9B-969ED2E33679} - System32\Tasks\NahimicMSIsvc32Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIsvc32.exe [815616 2015-08-07] () [Brak podpisu cyfrowego] Task: {4FC5CDD9-45AE-406E-A77F-E7B269959908} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {554B9474-55D0-4F9A-85B1-BB5D3F80047C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {64F0D298-47B5-4833-A3D6-E87A8A08132B} - System32\Tasks\ESET Windows 10 upgrade – Perform upgrade => C:\Program Files\Common Files\AV\ESET Smart Security 5.2\upgrade.exe [1862008 2020-11-19] (ESET, spol. s r.o. -> ESET) Task: {712A2603-B6C9-4258-A7AF-7E8E7CBBA474} - System32\Tasks\NahimicMSIUILauncherRun => C:\Program Files\Nahimic\NahimicMSI\UserInterface\NahimicMSIUILauncher.exe [532448 2015-08-07] (A-Volute -> ) Task: {81F36AD6-68B6-407C-A38E-50B9D7FC31D4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation) Task: {88A6B59D-543F-40C1-9E36-2ED6E7E3F742} - System32\Tasks\NahimicMSIsvc64Run => C:\Program Files\Nahimic\NahimicMSI\UserInterface\x64\NahimicMSIsvc64.exe [276992 2015-08-07] () [Brak podpisu cyfrowego] Task: {893A0A9C-6D0B-4B76-89E1-FBAAD25A7B9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => E:\Programy\Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {994E31BF-6EC0-48D5-9B1D-A6E75E8435F0} - System32\Tasks\Agent Activation Runtime\S-1-5-21-534369914-791047530-272632127-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2021-01-17] (Microsoft Windows -> ) Task: {AB65F582-F27E-43E1-9216-34258F6B74C4} - System32\Tasks\klcp_update => E:\Programy\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-01-21] () [Brak podpisu cyfrowego] Task: {AC5B06FF-C7E2-49CA-BFE3-FEEC60C22C1C} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe Task: {B191D588-8BD4-4AEA-98BF-DE6E0AE07ABB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {CB50D85D-3EA1-44DE-A5C9-CA8F3B26B96E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => E:\Programy\Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {CD81C27F-FF92-468D-BFAB-FA11A55C67C9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DFF6A2AA-E52A-4B30-85D0-7BDCC6697187} - System32\Tasks\windowupdate => C:\Windows\lsa.exe Task: {E067986A-761A-412E-89A3-D2EDFE310E3D} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation) Task: {E28B21F9-8023-4EBC-BBFE-56961A42F146} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F4D8A710-DC1F-4877-927C-DCF629B9DAD1} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) Task: {F65F6BA2-AE61-41E3-9819-DCF2689E7BA5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {F81817D7-BFC0-4907-81DD-8CBF8E2155B4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {FF10D75F-B15A-4E85-B90D-2E8CE33109FB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{5da41520-01f9-41a2-b18a-4aec364c2f0a}: [DhcpNameServer] 192.168.8.1 Edge: ======= Edge Profile: C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-17] Edge Extension: (Outlook) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-17] Edge Extension: (Word) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-17] Edge Extension: (Excel) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-17] Edge Extension: (PowerPoint) - C:\Users\Dawid\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-17] FireFox: ======== FF DefaultProfile: yoqvj92f.default FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304 [2021-01-19] FF DownloadDir: C:\Users\Dawid\Desktop FF Extension: (Breaking Bad 3) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304\Extensions\{a4b257bd-569a-487b-9159-5cafe487cac7}.xpi [2020-02-02] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15] FF Extension: (Back to The Future Cool Delorean) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\epchpdek.default-release-1-1580642519304\Extensions\{f0621ff3-745a-464b-b74c-43175aba9b59}.xpi [2020-02-02] FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\yoqvj92f.default [2020-02-01] FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release [2021-01-17] FF Extension: (Breaking Bad 3) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release\Extensions\{a4b257bd-569a-487b-9159-5cafe487cac7}.xpi [2020-02-01] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-01] FF Extension: (Back to The Future Cool Delorean) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\xmbo7y0g.default-release\Extensions\{f0621ff3-745a-464b-b74c-43175aba9b59}.xpi [2020-02-01] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2020-06-21] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\Programy\Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> E:\PROGRAMY\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Programy\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-05-14] (Nero AG -> Nero AG) ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 Disc Soft Lite Bus Service; E:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-01] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET, spol. s r.o. -> ESET) R2 FoxitReaderUpdateService; E:\PROGRAMY\FOXIT READER\FoxitReaderUpdateService.exe [2357864 2020-08-31] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-11-07] (NVIDIA Corporation -> NVIDIA) R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [31400 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2018768 2015-08-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2016-12-05] (Rivet Networks LLC -> Rivet Networks) R2 LightKeeperService; E:\Programy\Dragon Center\Mystic_Light\LightKeeperService.exe [81552 2020-03-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MBAMInstallerService; I:\Gówno jebane\MBAMInstallerService.exe [6719056 2021-01-19] (Malwarebytes Inc -> Malwarebytes) S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2108600 2017-09-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2347704 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4054200 2017-09-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2247352 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2489016 2017-09-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [4848312 2017-08-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MSI_Cloud_Service; C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe [97232 2015-06-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2333328 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe [69072 2015-07-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183472 2020-03-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-17] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-03-11] (SteelSeries ApS -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-17] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5dcb5bbf5c3edcf2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [145736 2016-09-19] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-02-01] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-02-01] (AVB Disc Soft, SIA -> Disc Soft Ltd) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET, spol. s r.o. -> ESET) R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET, spol. s r.o. -> ESET) R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET, spol. s r.o. -> ESET) R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET, spol. s r.o. -> ESET) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) S3 GPCIDrv; E:\Programy\Gigabyte\GPCIDrv64.sys [14376 2014-08-11] (Giga-Byte Technology -> ) R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65616 2020-02-09] (Martin Malik - REALiX -> REALiX(tm)) R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.) R3 NTIOLib_CC_DDR; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 NTIOLib_OCKit_MB; C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\NTIOLib_X64.sys [13776 2016-09-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 NVVADARM; C:\WINDOWS\system32\drivers\nvvadarm.sys [40256 2014-09-14] (NVIDIA Corporation -> NVIDIA Corporation) R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.) R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [81912 2012-12-27] (Christiaan Ghijselinck -> Micro-Star Int'l Co., Ltd.) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> ) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-01-17] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-17] (Microsoft Windows -> Microsoft Corporation) S3 MSICDSetup; \??\J:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\J:\NTIOLib_X64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-19 17:52 - 2021-01-19 17:52 - 000032137 _____ C:\Users\Dawid\Desktop\FRST.txt 2021-01-19 17:52 - 2021-01-19 17:52 - 000000000 ____D C:\Users\Dawid\Desktop\FRST-OlderVersion 2021-01-19 17:51 - 2021-01-19 17:52 - 000000000 ____D C:\FRST 2021-01-19 17:38 - 2021-01-19 17:38 - 001965536 _____ (Malwarebytes) C:\Users\Dawid\Desktop\MBSetup-80562.80562-consumer.exe 2021-01-19 17:35 - 2021-01-19 17:52 - 002295808 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe 2021-01-19 17:23 - 2021-01-19 17:53 - 085375558 _____ C:\Users\Dawid\Desktop\mb4-setup-consumer-4.3.0.206-1.0.1146-1.0.35789.exe.part 2021-01-19 17:23 - 2021-01-19 17:24 - 008458096 _____ (Malwarebytes) C:\Users\Dawid\Desktop\adwcleaner_8.0.9.exe 2021-01-19 17:23 - 2021-01-19 17:24 - 001790024 _____ (Malwarebytes) C:\Users\Dawid\Desktop\JRT.exe 2021-01-19 17:23 - 2021-01-19 17:23 - 000000000 _____ C:\Users\Dawid\Desktop\mb4-setup-consumer-4.3.0.206-1.0.1146-1.0.35789.exe 2021-01-19 17:09 - 2021-01-19 17:09 - 000000660 _____ C:\Users\Dawid\Desktop\WINDOWS 10 KLUCZE I KOMENDY.txt 2021-01-17 13:57 - 2021-01-17 13:57 - 000002912 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint (1).lnk 2021-01-17 13:57 - 2021-01-17 13:57 - 000002906 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook (1).lnk 2021-01-17 13:57 - 2021-01-17 13:57 - 000002902 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel (1).lnk 2021-01-17 13:57 - 2021-01-17 13:57 - 000002900 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word (1).lnk 2021-01-17 13:52 - 2021-01-17 13:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-01-17 13:52 - 2021-01-17 13:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-01-17 13:52 - 2021-01-17 13:52 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-01-17 13:52 - 2021-01-17 13:52 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-01-17 13:52 - 2021-01-17 13:52 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-01-17 13:52 - 2021-01-17 13:52 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-01-17 13:52 - 2021-01-17 13:52 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-01-17 13:52 - 2021-01-17 13:52 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-01-17 13:52 - 2021-01-17 13:52 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-01-17 13:52 - 2021-01-17 13:52 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-17 13:52 - 2021-01-17 13:52 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-01-17 13:52 - 2021-01-17 13:52 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-01-17 13:52 - 2021-01-17 13:52 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-01-17 13:52 - 2021-01-17 13:52 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-01-17 13:52 - 2021-01-17 13:52 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-01-17 13:52 - 2021-01-17 13:52 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-01-17 13:52 - 2021-01-17 13:52 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-01-17 13:52 - 2021-01-17 13:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-01-17 13:52 - 2021-01-17 13:52 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-01-17 13:52 - 2021-01-17 13:52 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2021-01-17 13:52 - 2021-01-17 13:52 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-01-17 13:52 - 2021-01-17 13:52 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2021-01-17 13:52 - 2021-01-17 13:52 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2021-01-17 13:51 - 2021-01-17 13:51 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-17 13:51 - 2021-01-17 13:51 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-17 13:51 - 2021-01-17 13:51 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-17 13:51 - 2021-01-17 13:51 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-01-17 13:51 - 2021-01-17 13:51 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-01-09 15:32 - 2021-01-09 15:42 - 000000074 _____ C:\Users\Dawid\Desktop\Zimowe Szlaki.txt 2021-01-07 17:25 - 2021-01-07 17:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-12-24 09:56 - 2020-12-24 09:57 - 000000000 ____D C:\Users\Dawid\Documents\Fax 2020-12-24 09:56 - 2020-12-24 09:56 - 000000000 ___RD C:\Users\Dawid\Documents\Scanned Documents ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-19 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-19 17:34 - 2020-06-21 20:52 - 001767980 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-19 17:34 - 2019-12-07 16:09 - 000784312 _____ C:\WINDOWS\system32\perfh015.dat 2021-01-19 17:34 - 2019-12-07 16:09 - 000152208 _____ C:\WINDOWS\system32\perfc015.dat 2021-01-19 17:34 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-01-19 17:31 - 2020-06-21 20:54 - 000003830 _____ C:\WINDOWS\system32\Tasks\ESET Windows 10 upgrade – Perform upgrade 2021-01-19 17:29 - 2020-02-02 12:33 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-19 17:29 - 2020-02-01 17:32 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-19 17:28 - 2020-02-01 17:32 - 000000000 ____D C:\Users\Dawid\AppData\LocalLow\Mozilla 2021-01-19 17:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-01-19 17:27 - 2020-06-21 20:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-19 17:27 - 2020-06-21 20:51 - 000008192 ___SH C:\DumpStack.log.tmp 2021-01-19 17:27 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-01-19 17:11 - 2020-06-21 20:54 - 000004196 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9BEFEB3F-55B7-4DD8-B2C2-12AED0004119} 2021-01-18 17:55 - 2020-06-21 20:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-17 13:59 - 2020-03-15 13:59 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\uTorrent 2021-01-17 13:59 - 2020-02-02 02:42 - 000000000 ____D C:\Users\Dawid\AppData\Local\CrashDumps 2021-01-17 13:58 - 2020-02-01 20:36 - 000000000 ____D C:\Program Files\CCleaner 2021-01-17 13:58 - 2020-02-01 17:03 - 000000000 ____D C:\Users\Dawid\AppData\Local\Packages 2021-01-17 13:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-17 13:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-17 13:56 - 2020-06-21 20:51 - 000432808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-17 13:55 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-17 13:55 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-01-17 13:55 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-17 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-01-17 13:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-17 13:51 - 2020-06-21 20:52 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-01-17 13:09 - 2020-11-16 18:12 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-17 13:07 - 2020-05-30 15:44 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-01-17 12:57 - 2020-02-01 16:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-01-17 11:51 - 2020-02-02 12:18 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2021-01-17 11:51 - 2020-02-02 12:18 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-01-17 11:51 - 2020-02-02 12:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-16 20:52 - 2020-06-22 16:33 - 000003468 _____ C:\WINDOWS\system32\Tasks\ESET Windows 10 upgrade – Refresh settings 2021-01-07 17:25 - 2020-02-02 12:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-01-03 12:22 - 2020-04-18 15:38 - 000000000 ____D C:\Users\Dawid\Documents\The Witcher 3 2020-12-24 09:57 - 2019-12-07 16:10 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2020-12-20 18:45 - 2020-06-21 20:54 - 000003350 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-534369914-791047530-272632127-1001 2020-12-20 18:45 - 2020-06-21 20:11 - 000002403 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-12-20 18:45 - 2020-02-01 17:05 - 000000000 ___RD C:\Users\Dawid\OneDrive ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-02-09 23:02 - 2020-02-09 23:02 - 000000447 _____ () C:\Users\Dawid\AppData\Roaming\d.vbs 2019-04-08 19:40 - 2019-04-08 19:40 - 000000338 _____ () C:\Users\Dawid\AppData\Roaming\h.vbs 2020-03-24 16:19 - 2020-03-24 16:19 - 004198705 _____ ( ) C:\Users\Dawid\AppData\Roaming\setup.exe 2020-04-18 23:36 - 2020-04-28 16:46 - 001065984 _____ () C:\Users\Dawid\AppData\Local\file__0.localstorage 2020-04-11 14:04 - 2020-05-03 15:15 - 000007597 _____ () C:\Users\Dawid\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) UWAGA: ==> Nie można uzyskać dostępu do BCD. -> 0 ==================== Koniec FRST.txt ========================