FRST.txt

Stolen e-mail account and Facebook - the computer is suspected - logs for analysis

Hello. I have a computer that needs checking to see whether anything is lurking in it. Yesterday, i.e. on Thursday, an e-mail account on Onet and an FB account were stolen. There are suspicions that the computer is infected. Please check the logs. The criminal changed the passwords to the accounts and is writing to friends on FB asking for a loan. I don't want the remaining data to leak if the computer is the cause. I have attached the FRST logs. Regards


Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-07-2021 01
Uruchomiony przez Aneta (administrator) ASUS (ASUSTeK COMPUTER INC. N750JK) (30-07-2021 18:09:15)
Uruchomiony z C:\Users\rafal_000\Downloads
Załadowane profile: Aneta
Platform: Windows 10 Home Wersja 21H1 19043.1110 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUS Cloud Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Atheros) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Filseclab Corporation -> Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(HUAWEI Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(National Instruments Corporation -> National Instruments Corp.) C:\Windows\SysWOW64\nisvcloc.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lktsrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes Corporation -> Malwarebytes)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [14448 2014-01-28] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3476631365-3413602101-2308867797-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-19] (Valve -> Valve Corporation)
HKU\S-1-5-21-3476631365-3413602101-2308867797-1003\...\Run: [gtarcade] => C:\Users\rafal_000\AppData\Local\Gtarcade\app\gtarcade.exe [3948888 2019-09-03] (上海游族互娱网络科技有限公司 -> )
HKU\S-1-5-21-3476631365-3413602101-2308867797-1003\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-04-05] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3476631365-3413602101-2308867797-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3476631365-3413602101-2308867797-1003\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3476631365-3413602101-2308867797-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32883768 2021-01-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3476631365-3413602101-2308867797-1003\...\Policies\Explorer: [] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-01-02] (Qualcomm Atheros -> Qualcomm®Atheros®) [Brak podpisu cyfrowego]
HKLM\Software\...\Authentication\Credential Providers: [{b84ca702-35a8-4e67-8d2a-6c2807b297d3}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-01-02] (Qualcomm Atheros -> Qualcomm®Atheros®) [Brak podpisu cyfrowego]
Startup: C:\Users\rafal_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2020-01-26]
ShortcutTarget: GenuineService.lnk -> C:\Users\rafal_000\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {00879972-1262-4BFF-AE7D-BF4CA5F187C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {01A0F9DC-BF76-4432-A61D-899650BCC20D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [74112 2014-02-11] (ASUSTeK Computer Inc. -> )
Task: {06FBEAE0-132B-4D0C-9495-93BBF32390E3} - \WPD\SqmUpload_S-1-5-21-3476631365-3413602101-2308867797-1002 -> Brak pliku <==== UWAGA
Task: {09301065-C328-48C5-9B76-B614B9F9566B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {12DFB581-1585-4609-B4BD-393693E213CB} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {1B0C3725-66A9-4B3E-B10E-23D570FD728D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {1ED44609-D6B6-4C38-B2F0-83D902FD1D45} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1EE62989-ACAF-41AF-B23A-C108501744E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {236BD85A-0754-4528-8FBC-CA83523883C1} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040 2013-11-04] (ASUSTeK Computer Inc. -> ) [Brak podpisu cyfrowego]
Task: {248C155E-D206-45C4-99C1-5BED4C8C1AAD} - System32\Tasks\{2A59C019-504F-4CD6-84CA-6C8B90EABF7E} => C:\Windows\system32\pcalua.exe -a E:\start.exe -d E:\
Task: {2E334EB6-C33D-4F23-A054-BE0037E056FC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3C9EDA7C-0DA1-47AE-88ED-B11C0CFFC271} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {3D24D625-CFD5-4EBD-AC59-BB58DBAEBE9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {3F8E62F7-D58D-4355-BC1F-087CEE47C209} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {49EB4CB5-B538-44F4-ACB4-BF770537990D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4A54CFA3-FE55-42DF-8570-AE641A8B75C7} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Brak pliku <==== UWAGA
Task: {4D780E2E-54D4-48AF-8CCB-7B5BB6364551} - System32\Tasks\{66209CE5-859E-4A2F-918B-6D4BCE0FEEA0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Atari\Dragonshard\Dragonshard.exe" -d C:\Users\rafal_000\Desktop
Task: {5097E7C1-6AE4-4C31-9D4C-CEF47DC98E08} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {53199C00-B26B-4985-AECB-5601CE3307B6} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {563C4C84-1F78-48EF-97D1-EB8545D5117E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-06-03] () [Brak podpisu cyfrowego]
Task: {56CD2C33-7FFC-4913-84BC-55D987BCF874} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {5ADB1161-5280-4BA8-8190-B795FC05C063} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
Task: {5B69B963-B100-467E-A08C-0B5AEC1DF3AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FA6A87C-03D5-4E47-9EF8-016126F45443} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Task: {62747D19-D4C7-4528-9691-7A3513757831} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-03] (Google Inc -> Google Inc.)
Task: {634DE86F-118E-4B95-9A65-D52405C261E6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {6B697278-6547-4E1C-9A79-B0B5EC851A66} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1038648 2014-02-11] (ASUSTeK Computer Inc. -> ASUS)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70517D8A-E04F-41FF-B1C5-4D32DA99FA54} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [19968 2016-10-04] (InputMapper) [Brak podpisu cyfrowego]
Task: {70A32EF5-2BD4-4CBA-965E-C1AF1AF67E80} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {7109D3BF-E28F-47B7-A43F-A26B44AC38B3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {72C53955-A12A-42A8-8B4D-944C84A592F1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {7764BF0F-A668-4A1B-B134-DA48922D9E52} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {79D030EC-F202-4664-B63F-7F731B6D1158} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2278168 2014-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7AF8A8A7-61EE-4748-9633-173822AD7268} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
Task: {7B157B08-448D-4AC0-94AC-4455752F2501} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {86DEEB55-676C-4870-9C65-51C8BACF1E07} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [183408 2013-08-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8FCA19C8-6D26-45A2-8A92-5B0C9B782CAE} - \WPD\SqmUpload_S-1-5-21-3476631365-3413602101-2308867797-1003 -> Brak pliku <==== UWAGA
Task: {91851DA2-5407-4817-8E3B-EE6E4510CDD2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {92F80902-2ADE-4CD5-8E11-81AD6E5B6C54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9BB3534A-93FC-49C3-8F99-941FC0454679} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {9BF27269-5B72-4322-B7AC-FF25AEDA7260} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {A4C118A5-493C-4533-B64E-8666FB9E6AE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {B6D2275B-D05A-45F3-87E9-6E7FA35AC71F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA403C58-6F28-4923-9CD0-E4E3C30FE6F5} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA
Task: {BCBCB536-2A05-4D68-B7FB-22965205BFFC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {C67E903A-7AD4-4D54-BE7F-A43A50D1A024} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-03] (Google Inc -> Google Inc.)
Task: {C7767938-C56B-4A06-9F38-5782F2FB2FFD} - \Microsoft\Windows\Setup\gwx\rundetector -> Brak pliku <==== UWAGA
Task: {C8D92A4E-868F-4D4A-B2A6-C963CB507583} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {CB39FEAE-0AF7-42BC-B1B9-EE56EA1DC439} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CE2F86AF-97AC-42C8-A46B-9E671891F42D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {CF3C605C-718A-435D-9505-82EE242DC0DC} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {CF7FDDC7-8A2A-4182-911A-FC7822C058E5} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-06-03] () [Brak podpisu cyfrowego]
Task: {D3C19DB1-D5B3-4746-9089-93EF732C9BD8} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-06-03] () [Brak podpisu cyfrowego]
Task: {E54E405A-EAA8-4C62-AB7E-CD10C83EB025} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55368 2013-08-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {E5546177-6EFA-4111-B2C6-2002526E215E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {E81F127D-ECA4-4FAC-B1D8-313838210C57} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {F7B99F32-6372-4705-B9E2-BC07646A2B6B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6cfd153d-6f31-4294-9977-184427357308}: [NameServer] 212.2.96.51 212.2.96.52
Tcpip\..\Interfaces\{72d45b7b-cb55-4e19-b766-42c11a4f18c5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79b8d27a-123c-4568-bbc6-a6ebae89a392}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\rafal_000\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-21]
Edge DownloadDir: Default -> C:\Users\rafal_000\Downloads
Edge Profile: C:\Users\rafal_000\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-01-28]

FireFox:
========
FF DefaultProfile: 07jaeda0.default-1439724012141-1613623386359
FF ProfilePath: C:\Users\rafal_000\AppData\Roaming\Mozilla\Firefox\Profiles\07jaeda0.default-1439724012141-1613623386359 [2021-07-30]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-02-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] (Adobe Systems Incorporated -> )
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Brak pliku]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Brak podpisu cyfrowego]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Brak pliku]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3476631365-3413602101-2308867797-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\rafal_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-02] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default [2021-06-18]
CHR Extension: (Dokumenty) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-29]
CHR Extension: (Dysk Google) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-05-29]
CHR Extension: (YouTube) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-07-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (Skype) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-08-21]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-29]
CHR Extension: (Gmail) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\rafal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S4 AbAdminService; C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe [30984 2014-11-14] (Ascora GmbH - & gt; Ascora GmbH) [Brak podpisu cyfrowego]
R4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. - & gt; Autodesk Inc.)
R4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated - & gt; Adobe Systems Incorporated)
R4 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. - & gt; Autodesk)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Brak podpisu cyfrowego]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-18] (BattlEye Innovations e.K. - & gt; )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-06-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-05] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-05] (GOG Sp. z o.o. -> GOG.com)
S4 HiPatchService; D:\Gry\HiPatchService.exe [9728 2018-03-28] (Hi-Rez Studios) [Brak podpisu cyfrowego]
R4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] (HUAWEI Technologies Co., Ltd. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Brak podpisu cyfrowego]
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2007-01-22] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [56096 2007-02-14] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [64288 2007-02-14] (National Instruments Corporation -> National Instruments, Inc.)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes Corporation -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-09] (McAfee, Inc. -> McAfee, Inc.)
S4 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-06-28] (HUAWEI Technologies Co., Ltd. -> )
S4 NGS; C:\WINDOWS\NGService.exe [2994248 2018-11-20] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [207648 2007-02-14] (National Instruments Corporation -> National Instruments, Inc.)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2007-01-29] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 niSvcLoc; C:\WINDOWS\SysWOW64\nisvcloc.exe [56096 2007-02-21] (National Instruments Corporation -> National Instruments Corp.)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329392 2019-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3203888 2019-07-05] (Electronic Arts, Inc. -> Electronic Arts)
R4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-09-29] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2016-12-24] (Even Balance, Inc. -> )
R4 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139712 2017-04-24] (Filseclab Corporation -> Filseclab Corporation Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-02] (Atheros) [Brak podpisu cyfrowego]

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2018-01-01] (Tages SA -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [90112 2012-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2018-01-01] (Tages SA -> )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2019-02-09] (Malwarebytes Corporation -> Malwarebytes)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-07-30 18:05 - 2021-07-30 18:09 - 000099893 _____ C:\Users\rafal_000\Downloads\Addition.txt
2021-07-30 18:01 - 2021-07-30 18:11 - 000036434 _____ C:\Users\rafal_000\Downloads\FRST.txt
2021-07-30 18:00 - 2021-07-30 18:10 - 000000000 ____D C:\FRST
2021-07-30 18:00 - 2021-07-30 18:00 - 002300416 _____ (Farbar) C:\Users\rafal_000\Downloads\FRST64.exe
2021-07-30 17:20 - 2021-07-30 17:20 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000022-000000.txt
2021-07-29 07:06 - 2021-07-29 07:06 - 000001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-07-25 17:22 - 2021-07-25 17:26 - 000000000 ____D C:\Users\rafal_000\Desktop\PAŁAC PIORUNÓW
2021-07-25 09:54 - 2021-07-25 10:33 - 000000000 ____D C:\Users\rafal_000\Desktop\a
2021-07-23 06:39 - 2021-07-23 06:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-21 07:03 - 2021-07-21 07:03 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000021-000000.txt
2021-07-20 07:38 - 2021-07-20 07:39 - 026058748 _____ C:\Users\rafal_000\Downloads\HeniaFoks.pdf
2021-07-19 17:34 - 2021-07-19 17:35 - 000000000 ____D C:\Users\rafal_000\Desktop\KALISZ
2021-07-19 17:24 - 2021-07-19 17:33 - 000000000 ____D C:\Users\rafal_000\Desktop\OSTRÓW WIELKOPOLSKI
2021-07-19 09:25 - 2021-07-19 09:26 - 000047946 _____ C:\Users\rafal_000\Downloads\Ankieta osobowa.pdf
2021-07-18 19:41 - 2021-07-19 17:35 - 000000000 ____D C:\Users\rafal_000\Desktop\JAROCIN
2021-07-16 07:38 - 2021-07-16 07:38 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 07:38 - 2021-07-16 07:38 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 07:38 - 2021-07-16 07:38 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 07:38 - 2021-07-16 07:38 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 07:37 - 2021-07-16 07:37 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-16 07:37 - 2021-07-16 07:37 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 19:53 - 2021-07-14 19:53 - 000003584 _____ C:\Users\rafal_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-07-14 19:10 - 2021-07-25 09:59 - 000000000 ____D C:\Users\rafal_000\Desktop\moje imieniny
2021-07-13 20:25 - 2021-07-13 20:25 - 002324816 _____ C:\Users\rafal_000\Downloads\regulamin-allegro.pdf
2021-07-13 06:27 - 2021-07-13 06:34 - 733999428 _____ C:\Users\rafal_000\Downloads\A.Discovery.of.Witches.SO2E06.PL.480p.HBO.WEBRip.XviD-H3Q.avi
2021-07-13 06:27 - 2021-07-13 06:34 - 733909632 _____ C:\Users\rafal_000\Downloads\A.Discovery.of.Witches.SO2E07.PL.480p.HBO.WEBRip.XviD-H3Q.avi
2021-07-09 09:27 - 2021-07-09 09:27 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000020-000000.txt
2021-07-09 09:03 - 2021-07-09 09:03 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-09 09:03 - 2021-07-09 09:03 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-09 09:03 - 2021-07-09 09:03 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-09 09:03 - 2021-07-09 09:03 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-09 09:03 - 2021-07-09 09:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-09 09:03 - 2021-07-09 09:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-09 09:02 - 2021-07-09 09:02 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-09 09:02 - 2021-07-09 09:02 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-09 09:02 - 2021-07-09 09:02 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-09 09:02 - 2021-07-09 09:02 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-09 07:31 - 2021-07-09 07:48 - 734440890 _____ C:\Users\rafal_000\Downloads\A.Discovery.of.Witches.SO2E03.PL.480p.HBO.WEBRip.XviD-H3Q.avi
2021-07-09 07:31 - 2021-07-09 07:46 - 735135990 _____ C:\Users\rafal_000\Downloads\A.Discovery.of.Witches.SO2E05.PL.480p.HBO.WEBRip.XviD-H3Q.avi
2021-07-09 07:31 - 2021-07-09 07:45 - 733361478 _____ C:\Users\rafal_000\Downloads\A.Discovery.of.Witches.SO2E02.PL.480p.HBO.WEBRip.XviD-H3Q.avi
2021-07-09 07:31 - 2021-07-09 07:43 - 733091644 _____ C:\Users\rafal_000\Downloads\A.Discovery.of.Witches.SO2E04.PL.480p.HBO.WEBRip.XviD-H3Q.avi
2021-07-02 07:50 - 2021-07-02 07:50 - 043388965 _____ C:\Users\rafal_000\Downloads\Fooder-Twoje-przepisy.zip

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-07-30 18:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-30 18:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-30 18:10 - 2014-12-25 02:36 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-30 18:09 - 2016-11-21 17:21 - 000000000 ____D C:\Users\rafal_000\AppData\LocalLow\Mozilla
2021-07-30 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-30 18:00 - 2018-08-03 17:51 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-30 17:55 - 2018-08-03 17:52 - 000000000 ____D C:\Program Files\CCleaner
2021-07-30 17:52 - 2017-07-10 17:56 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-07-30 17:51 - 2020-08-13 18:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-30 17:51 - 2020-08-13 18:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-30 17:51 - 2017-07-10 17:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-30 17:26 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-07-30 17:21 - 2020-08-13 18:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-30 17:21 - 2016-11-20 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-07-30 17:21 - 2014-12-25 02:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-29 07:06 - 2014-08-26 10:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-29 07:06 - 2014-08-26 09:52 - 000000000 ____D C:\Program Files (x86)\Intel
2021-07-28 06:42 - 2015-01-06 19:30 - 000000000 ____D C:\Users\rafal_000\AppData\Local\CrashDumps
2021-07-27 06:57 - 2018-08-03 17:52 - 000002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-25 10:02 - 2021-06-01 06:47 - 000000000 ____D C:\Users\rafal_000\Desktop\EWELINKA
2021-07-25 09:28 - 2020-08-14 20:00 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-23 06:39 - 2014-12-25 02:36 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-21 18:30 - 2020-08-13 13:56 - 000000000 ____D C:\Users\rafal_000
2021-07-21 16:34 - 2021-02-27 19:52 - 000000000 ____D C:\Users\rafal_000\AppData\Local\ChomikBox
2021-07-21 16:30 - 2021-02-27 19:53 - 000000000 ____D C:\Users\rafal_000\.gstreamer-0.10
2021-07-21 06:42 - 2020-08-13 18:53 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-20 16:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-18 19:58 - 2020-08-13 05:58 - 000000000 ___HD C:\$WinREAgent
2021-07-18 19:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-18 19:43 - 2020-08-13 18:53 - 000003568 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-18 19:43 - 2020-08-13 18:53 - 000003444 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-18 19:39 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-16 07:52 - 2020-08-13 18:38 - 001768048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-16 07:52 - 2019-12-07 17:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat
2021-07-16 07:52 - 2019-12-07 17:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat
2021-07-16 07:47 - 2020-08-13 18:22 - 000579080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-16 07:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-16 07:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-16 07:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-16 07:44 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 07:04 - 2014-12-17 22:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 06:58 - 2014-12-17 22:34 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-11 20:17 - 2021-03-27 09:33 - 000000000 ____D C:\Users\rafal_000\Desktop\POBRANE Z CHOMIKBOX
2021-07-10 07:12 - 2018-05-21 16:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-09 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-02 07:07 - 2020-08-14 20:00 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-02 07:07 - 2020-08-14 20:00 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Pliki w katalogu głównym wybranych folderów ========

2014-12-25 03:09 - 2019-05-14 09:48 - 000000074 _____ () C:\Users\rafal_000\AppData\Roaming\sp_data.sys
2021-07-14 19:53 - 2021-07-14 19:53 - 000003584 _____ () C:\Users\rafal_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-26 15:48 - 2016-06-26 15:48 - 000000017 _____ () C:\Users\rafal_000\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)