FRST.txt

CMD przekierowuje na stronę Exinariuminix.xxx podczas uruchamiania systemu - jak to naprawić?

Cześć przy starcie systemu wyskakuje mi cmd i automatycznie przekierowuje na strone exinariuminix. Widziałem, że potrzebny jest dla każdego osobny fix. Czy można prosić o pomoc? Wydzieliłem jako nowy temat. RADU23

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-10-2020
Uruchomiony przez Matek (administrator) MATEO (Acer Aspire V3-574G) (16-10-2020 11:06:27)
Uruchomiony z C:\Users\Matek\Downloads
Załadowane profile: Matek
Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Users\Matek\Downloads\ScreenShooter-Portable-5.30-x64\ScreenShooter-Portable-5.30-x64\ScreenShooter5.exe
(Acer Incorporated - & gt; Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated - & gt; Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated - & gt; Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated - & gt; Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Adobe Inc. - & gt; Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Beijing Qihu Technology Co., Ltd. - & gt; Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Beijing Qihu Technology Co., Ltd. - & gt; Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Beijing Qihu Technology Co., Ltd. - & gt; Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Dolby Laboratories, Inc. - & gt; Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe & lt; 11 & gt;
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Ivaylo Beltchev - & gt; IvoSoft) [Brak podpisu cyfrowego] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe & lt; 3 & gt;
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe & lt; 2 & gt;
(Oracle America, Inc. - & gt; Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros - & gt; Qualcomm Atheros) [Brak podpisu cyfrowego] C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN & Bluetooth Installer\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp - & gt; Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer GmbH - & gt; TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(WinZip Computing LLC - & gt; WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtHDVBg_Dolby] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2018-04-13] (Realtek Semiconductor Corp - & gt; Realtek Semiconductor)
HKLM\...\Run: [NvBackend] = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation - & gt; NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] = & gt; C:\Windows\system32\nvspcap64.dll [1514528 2015-01-16] (NVIDIA Corporation PE Sign v2014 - & gt; NVIDIA Corporation) [Brak podpisu cyfrowego]
HKLM\...\Run: [Classic Start Menu] = & gt; C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev - & gt; IvoSoft) [Brak podpisu cyfrowego]
HKLM\...\Run: [WinZip UN] = & gt; C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-21] (WinZip) [Brak podpisu cyfrowego]
HKLM\...\Run: [WinZip PreLoader] = & gt; C:\Program Files\WinZip\WzPreloader.exe [124360 2017-04-21] (Corel Corporation - & gt; WinZip Computing, S.L.)
HKLM\...\Run: [WinZip FAH] = & gt; C:\Program Files\WinZip\FAHConsole.exe [436416 2017-04-21] (WinZip Computing LLC - & gt; WinZip Computing, S.L.)
HKLM-x32\...\Run: [QHSafeTray] = & gt; C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2019-07-10] (Beijing Qihu Technology Co., Ltd. - & gt; Qihoo 360 Technology Co. Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. - & gt; Oracle Corporation)
HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\...\Run: [Steam] = & gt; C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-04] (Valve - & gt; Valve Corporation)
HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-04-03] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\...\Run: [screenshooter] = & gt; C:\Users\Matek\Downloads\ScreenShooter-Portable-5.30-x64\ScreenShooter-Portable-5.30-x64\ScreenShooter5.exe [967680 2015-09-18] () [Brak podpisu cyfrowego]
HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\...\Run: [Matek] = & gt; cmd.exe /c start www.exinariuminix.info
HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\...\MountPoints2: {3414721c-8df1-11e8-8276-2c600c919b85} - " G:\setup.exe "
HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\...\MountPoints2: {5f60920d-42e4-11e8-8269-2c600c919b85} - " F:\setup.exe "
HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\...\MountPoints2: {f28523ac-35f5-11e9-828f-2c600c919b85} - " H:\HiSuiteDownLoader.exe "
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\Installer\chrmstp.exe [2020-10-13] (Google LLC - & gt; Google LLC)
GroupPolicy: Ograniczenia ? & lt; ==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {2CDCEF50-E44E-41EC-9FB1-8630A49C657F} - System32\Tasks\BacKGroundAgent = & gt; C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated - & gt; Acer Incorporated)
Task: {31D3E4C2-EAB5-4052-8C7F-DF19A4BA2DB8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 = & gt; C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {4625FBC0-D445-42A1-91CF-38AF6BD9649E} - System32\Tasks\ACC = & gt; C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
Task: {484AAE3F-9AAF-4DF7-B073-F32BE83778E2} - System32\Tasks\Quick Access Quick Launcher = & gt; C:\Program Files\Acer\Acer Quick Access\QALauncher.exe
Task: {4F62EDDE-F2E6-4CF3-B53C-D7AB15311FCC} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-13] (Google Inc - & gt; Google Inc.)
Task: {5EB911F0-84AD-4D8E-B2C3-002A06B3B2B5} - System32\Tasks\TNTClientUpdater = & gt; C:\Program Files (x86)\GameforgeLogin\updater.exe [505496 2018-10-08] (Gameforge 4D GmbH - & gt; )
Task: {615FA2FA-F144-4294-B60E-55C704DE047A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 = & gt; C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {71E678FD-4C54-4BD0-BFDA-64293BD5D986} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1590281666-1744561026-2606995780-1001 = & gt; C:\Users\Matek\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2018-06-26] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {844CC542-6D50-4530-BC55-160C13D6AF7D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat = & gt; C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {8CC42166-E36E-41E6-AFB4-C4B6F11AAB2D} - System32\Tasks\Software Update Application = & gt; C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-09] (Acer Incorporated - & gt; Acer Incorporated)
Task: {A5B28417-416D-4BFC-8E5E-E0DF1C6E317B} - System32\Tasks\WinZip Update Notifier = & gt; C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-21] (WinZip) [Brak podpisu cyfrowego]
Task: {B5836F21-39B4-4084-903B-5C5636529E17} - System32\Tasks\Matek = & gt; cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Matek /t REG_SZ /d " cmd.exe /c start www.exinariuminix.info "
Task: {C149B3DC-E578-4819-AFC3-B02C19B49FE2} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. - & gt; Adobe Inc.)
Task: {C5D26442-59A4-41FF-8591-B5E256C961D0} - System32\Tasks\Recovery Management\Notification = & gt; C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-10-16] (Acer Incorporated - & gt; Acer Incorporated)
Task: {C669EC54-4CFF-4CEB-8C5D-9320A401AE4E} - System32\Tasks\Launch Manager = & gt; C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [419048 2015-01-26] (Acer Incorporated - & gt; Acer Incorporate)
Task: {D6130AF8-6D71-4B8D-AA51-D6FE1AA26966} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-13] (Google Inc - & gt; Google Inc.)
Task: {F9995160-1F33-4B45-9D90-D8B13F335EF6} - System32\Tasks\DolbySelectorTask = & gt; C:\Program Files\Dolby Digital Plus\ddp.exe [585600 2014-04-07] (Dolby Laboratories, Inc. - & gt; Dolby Laboratories Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3EAAA4CE-8615-44D3-87DE-3160BE8201AA}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AAAA1CB7-DA95-4CF2-AB2B-1AFA90F7A1FA}: [DhcpNameServer] 188.0.32.9 94.246.128.4 188.117.188.117

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi = & gt; nie znaleziono
FF Plugin: @java.com/DTPlugin,version=11.251.2 - & gt; C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-06] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 - & gt; C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-06] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN - & gt; VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN - & gt; VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN - & gt; VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated - & gt; Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated - & gt; Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated - & gt; Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf - & gt; C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated - & gt; Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel(R) Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel(R) Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-05-15] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - & gt; C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Brak pliku]
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. - & gt; Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default [2020-10-16]
CHR HomePage: Default - & gt; mysearch.avg.com
CHR StartupUrls: Default - & gt; " hxxp://google.pl/ "
CHR DefaultSearchURL: Default - & gt; hxxps://mysearch.avg.com/search?rvt=1 & sap=dsp & q={searchTerms}
CHR DefaultSearchKeyword: Default - & gt; hxxps://mysearch.avg.com
CHR Extension: (Prezentacje) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-13]
CHR Extension: (Dokumenty) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-13]
CHR Extension: (Dysk Google) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Bloker reklam AdGuard) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-08-18]
CHR Extension: (YouTube) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-13]
CHR Extension: (AVG Secure Search) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2020-10-16]
CHR Extension: (uBlock Origin) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-10-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-17]
CHR Extension: (Arkusze) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-18]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-16]
CHR Profile: C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-04]
CHR Profile: C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-10-12]
CHR Extension: (Prezentacje) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-15]
CHR Extension: (Dokumenty) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-15]
CHR Extension: (Dysk Google) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-15]
CHR Extension: (YouTube) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-28]
CHR Extension: (Arkusze) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-28]
CHR Extension: (360 Internet Protection) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\glcimepnljoholdmjchkloafkggfoijh [2018-10-01]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Matek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-05]
CHR Profile: C:\Users\Matek\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-06]
CHR HKU\S-1-5-21-1590281666-1744561026-2606995780-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. - & gt; Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN & Bluetooth Installer\Bluetooth Suite\adminservice.exe [309328 2015-05-29] (Qualcomm Atheros - & gt; Qualcomm Atheros) [Brak podpisu cyfrowego]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated - & gt; Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606120 2018-04-03] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
S2 DrvCovEx; C:\Windows\SysWOW64\DrvCovEx.exe [45056 2016-11-01] () [Brak podpisu cyfrowego]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2018-11-09] (EasyAntiCheat Oy - & gt; EasyAntiCheat Ltd)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [471784 2015-01-26] (Acer Incorporated - & gt; Acer Incorporate)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [978824 2020-07-31] (Beijing Qihu Technology Co., Ltd. - & gt; Qihoo 360 Technology Co. Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH - & gt; TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 ePowerSvc; " C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe " [X]
S2 GamesAppIntegrationService; " C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe " [X]
S3 GamesAppService; " C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe " [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
S3 QASvc; " C:\Program Files\Acer\Acer Quick Access\QASvc.exe " [X]
S3 RMSvc; " C:\Program Files\Acer\Acer Quick Access\RMSvc.exe " [X]
S3 UEIPSvc; " C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe " [X]

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [190680 2020-07-06] (Beijing Qihu Technology Co., Ltd. - & gt; 360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2019-03-06] (Qihoo 360 Software (Beijing) Company Limited - & gt; 360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2019-03-06] (Qihoo 360 Software (Beijing) Company Limited - & gt; 360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [337280 2020-06-05] (Beijing Qihu Technology Co., Ltd. - & gt; 360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49088 2018-04-02] (Qihoo 360 Software (Beijing) Company Limited - & gt; 360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [457672 2019-11-04] (Beijing Qihu Technology Co., Ltd. - & gt; 360.cn)
R1 360Hvm; C:\Windows\System32\Drivers\360Hvm64.sys [322944 2020-06-23] (Beijing Qihu Technology Co., Ltd. - & gt; 360安全中心)
R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [96424 2018-04-02] (Qihoo 360 Software (Beijing) Company Limited - & gt; 360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [219520 2020-05-29] (Beijing Qihu Technology Co., Ltd. - & gt; 360.cn)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-04-19] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-04-19] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated - & gt; Acer Incorporated)
S3 mpszfilt; C:\Windows\System32\DRIVERS\mpszfilt.sys [20632 2016-11-01] (AlcorMicro, Corp. - & gt; Generic)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-08] (Nvidia Corporation - & gt; Windows (R) Win 7 DDK provider)
R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2294808 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher - & gt; Qualcomm Atheros, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated - & gt; Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows - & gt; Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows - & gt; Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-10-16 11:06 - 2020-10-16 11:06 - 000025163 _____ C:\Users\Matek\Downloads\FRST.txt
2020-10-16 11:05 - 2020-10-16 11:06 - 000000000 ____D C:\FRST
2020-10-16 11:01 - 2020-10-16 11:01 - 002299904 _____ (Farbar) C:\Users\Matek\Downloads\FRST64.exe
2020-10-16 10:59 - 2020-10-16 10:59 - 008447152 _____ (Malwarebytes) C:\Users\Matek\Downloads\AdwCleaner.exe
2020-10-13 21:13 - 2020-09-30 05:04 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-10-13 21:13 - 2020-09-30 04:15 - 001381888 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-10-13 21:13 - 2020-09-29 06:11 - 003642368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-10-13 21:13 - 2020-09-24 08:43 - 002535968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-10-13 21:13 - 2020-09-24 08:36 - 002173392 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-10-13 21:13 - 2020-09-24 08:01 - 025759232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-10-13 21:13 - 2020-09-24 07:00 - 001902240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-10-13 21:13 - 2020-09-24 06:53 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-10-13 21:13 - 2020-09-24 06:28 - 002914304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-10-13 21:13 - 2020-09-24 06:16 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-10-13 21:13 - 2020-09-24 06:13 - 020293632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-10-13 21:13 - 2020-09-24 05:54 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-10-13 21:13 - 2020-09-24 05:40 - 015494144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-10-13 21:13 - 2020-09-24 05:33 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-10-13 21:13 - 2020-09-24 05:29 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-10-13 21:13 - 2020-09-24 05:26 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-10-13 21:13 - 2020-09-24 05:20 - 013872640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-10-13 21:13 - 2020-09-24 05:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-10-13 21:13 - 2020-09-24 05:07 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-10-13 21:13 - 2020-09-24 05:04 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-10-13 21:13 - 2020-09-24 05:01 - 001920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-10-13 21:13 - 2020-09-24 05:00 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-10-13 21:13 - 2020-09-24 04:55 - 003826176 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-10-13 21:13 - 2020-09-24 04:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-10-13 21:13 - 2020-09-24 04:52 - 003278848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-10-13 21:13 - 2020-09-10 22:20 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-10-13 21:13 - 2020-09-10 22:14 - 002349056 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-10-13 21:13 - 2020-09-10 21:56 - 001551360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-10-13 21:12 - 2020-09-30 09:20 - 000135240 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-10-13 21:12 - 2020-09-30 04:56 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-10-13 21:12 - 2020-09-30 04:48 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2020-10-13 21:12 - 2020-09-29 07:32 - 000115616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2020-10-13 21:12 - 2020-09-29 06:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-10-13 21:12 - 2020-09-29 05:54 - 001067520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2020-10-13 21:12 - 2020-09-24 08:47 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-10-13 21:12 - 2020-09-24 08:36 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-10-13 21:12 - 2020-09-24 07:01 - 000098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-10-13 21:12 - 2020-09-24 06:25 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-10-13 21:12 - 2020-09-24 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-10-13 21:12 - 2020-09-24 06:14 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-10-13 21:12 - 2020-09-24 06:04 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2020-10-13 21:12 - 2020-09-24 05:57 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-10-13 21:12 - 2020-09-24 05:55 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-10-13 21:12 - 2020-09-24 05:53 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-10-13 21:12 - 2020-09-24 05:53 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-10-13 21:12 - 2020-09-24 05:52 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-10-13 21:12 - 2020-09-24 05:51 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-10-13 21:12 - 2020-09-24 05:47 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-10-13 21:12 - 2020-09-24 05:47 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-10-13 21:12 - 2020-09-24 05:41 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-10-13 21:12 - 2020-09-24 05:39 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-10-13 21:12 - 2020-09-24 05:39 - 000484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdial32.dll
2020-10-13 21:12 - 2020-09-24 05:39 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-10-13 21:12 - 2020-09-24 05:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-10-13 21:12 - 2020-09-24 05:37 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-10-13 21:12 - 2020-09-24 05:32 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-10-13 21:12 - 2020-09-24 05:32 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-10-13 21:12 - 2020-09-24 05:31 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-10-13 21:12 - 2020-09-24 05:30 - 000279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-10-13 21:12 - 2020-09-24 05:30 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-10-13 21:12 - 2020-09-24 05:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-10-13 21:12 - 2020-09-24 05:27 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-10-13 21:12 - 2020-09-24 05:26 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-10-13 21:12 - 2020-09-24 05:26 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-10-13 21:12 - 2020-09-24 05:25 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-10-13 21:12 - 2020-09-24 05:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-10-13 21:12 - 2020-09-24 05:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-10-13 21:12 - 2020-09-24 05:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-10-13 21:12 - 2020-09-24 05:21 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-10-13 21:12 - 2020-09-24 05:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-10-13 21:12 - 2020-09-24 05:13 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-10-13 21:12 - 2020-09-24 05:10 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-10-13 21:12 - 2020-09-24 05:08 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-10-13 21:12 - 2020-09-24 05:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-10-13 21:12 - 2020-09-24 05:07 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-10-13 21:12 - 2020-09-24 05:06 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-10-13 21:12 - 2020-09-24 05:03 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-10-13 21:12 - 2020-09-24 05:00 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-10-13 21:12 - 2020-09-24 04:59 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-10-13 21:12 - 2020-09-24 04:53 - 001684992 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-10-13 21:12 - 2020-09-15 09:06 - 001311776 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-10-13 21:12 - 2020-09-15 08:57 - 000325320 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-10-13 21:12 - 2020-09-15 07:24 - 000245752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-10-13 21:12 - 2020-09-15 06:49 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2020-10-13 21:12 - 2020-09-15 06:15 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-10-13 21:12 - 2020-09-11 18:31 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-10-13 21:12 - 2020-09-11 11:39 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2020-10-13 21:12 - 2020-09-11 10:23 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-10-13 21:12 - 2020-09-11 01:49 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-10-13 21:12 - 2020-09-10 23:27 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-10-13 21:12 - 2020-09-10 22:51 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-10-13 21:12 - 2020-09-10 22:51 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-10-13 21:12 - 2020-09-10 22:11 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-10-13 21:12 - 2020-09-10 22:02 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-10-13 21:12 - 2020-09-10 03:24 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-10-12 03:33 - 2020-10-12 03:35 - 000000000 ____D C:\AdwCleaner
2020-10-12 03:31 - 2020-10-12 03:31 - 000000235 _____ C:\DelFix.txt

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-12-31 02:26 - 2018-04-13 01:03 - 000003972 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9BFA1321-5486-4E53-A019-2FB6E24E3F0F}
2020-10-16 11:06 - 2018-04-21 13:16 - 006763520 ___SH C:\Users\Matek\Downloads\Thumbs.db
2020-10-16 11:04 - 2018-04-13 16:06 - 000000000 ____D C:\Users\Matek\AppData\LocalLow\360WD
2020-10-16 11:04 - 2018-04-13 15:39 - 000000000 ____D C:\Users\Matek\AppData\Local\ClassicShell
2020-10-16 11:03 - 2020-09-08 21:34 - 000000001 _____ C:\Windows\system32\Drivers\360Hvm64.dat
2020-10-16 11:03 - 2019-01-28 22:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-10-16 11:03 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-16 11:01 - 2018-04-13 01:03 - 000003482 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-16 11:01 - 2018-04-13 01:03 - 000003354 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-16 10:57 - 2015-06-14 17:27 - 000801022 _____ C:\Windows\system32\perfh015.dat
2020-10-16 10:57 - 2015-06-14 17:27 - 000160728 _____ C:\Windows\system32\perfc015.dat
2020-10-16 10:57 - 2014-11-21 10:44 - 001817498 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-16 10:57 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-16 10:55 - 2018-04-13 01:02 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1590281666-1744561026-2606995780-1001
2020-10-16 10:52 - 2018-04-13 16:06 - 000000000 ____D C:\Users\Matek\AppData\Roaming\360safe
2020-10-14 10:53 - 2018-04-13 16:37 - 001200128 ___SH C:\Users\Matek\Desktop\Thumbs.db
2020-10-14 10:52 - 2020-03-29 17:03 - 000000000 ____D C:\Users\Matek\Desktop\zdjęcia do wywołania
2020-10-13 22:07 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-10-13 22:07 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-10-13 22:03 - 2013-08-22 15:25 - 000000199 _____ C:\Windows\win.ini
2020-10-13 21:06 - 2018-04-13 01:04 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-12 20:44 - 2020-05-15 21:26 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2020-10-12 20:44 - 2020-05-15 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-10-12 20:44 - 2018-08-23 17:47 - 000000000 ____D C:\Riot Games
2020-10-12 16:21 - 2015-03-24 15:04 - 000000000 ____D C:\ProgramData\Acer
2020-10-12 03:35 - 2015-03-24 15:11 - 000000000 ____D C:\Program Files\Acer
2020-10-12 03:35 - 2015-03-24 15:04 - 000000000 ____D C:\Program Files (x86)\Acer
2020-10-12 03:14 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-10-12 03:09 - 2020-04-01 22:42 - 000000266 __RSH C:\ProgramData\ntuser.pol
2020-10-11 22:30 - 2019-01-28 22:14 - 000000000 ____D C:\Program Files (x86)\SAT
2020-10-11 22:30 - 2018-06-26 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2020-10-11 22:30 - 2018-04-15 14:08 - 000000000 __SHD C:\$360Section
2020-10-11 22:30 - 2018-04-13 16:07 - 000000000 ____D C:\ProgramData\360Quarant
2020-10-02 22:58 - 2018-04-14 11:00 - 000835472 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-10-02 22:58 - 2018-04-14 11:00 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-27 20:28 - 2018-04-13 23:56 - 000000000 ____D C:\Windows\system32\MRT
2020-09-27 20:25 - 2018-04-13 16:32 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-27 20:25 - 2018-04-13 16:32 - 000001985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-27 20:23 - 2018-08-23 17:47 - 000000000 ____D C:\ProgramData\Riot Games
2020-09-27 20:23 - 2018-04-13 23:56 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-17 21:53 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-17 21:53 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness

==================== Pliki w katalogu głównym wybranych folderów ========

2018-04-13 16:31 - 2018-04-13 16:31 - 000000266 _____ () C:\ProgramData\fontcacheev1.dat
2019-07-23 20:34 - 2019-07-23 20:34 - 001098112 _____ (Simon Tatham) C:\Users\Matek\putty.exe
2019-01-28 22:25 - 2019-01-28 22:27 - 000013394 _____ () C:\Users\Matek\AppData\Roaming\WinSCP.ini
2019-01-28 22:27 - 2019-01-28 22:27 - 000000600 _____ () C:\Users\Matek\AppData\Roaming\winscp.rnd
2018-06-26 21:19 - 2018-06-26 21:19 - 000003584 _____ () C:\Users\Matek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)


LastRegBack: 2020-09-30 22:05
==================== Koniec FRST.txt ========================