FRST.txt

Request to check FRST logs - suspected keylogger

Hello, for some time now some users with an Indian IP have been trying to log in to my accounts even though I changed the passwords. I suspect keyloggers or other "junk" on the computer. ADWCleaner and MBAM unfortunately threw errors, so I decided to ask for advice here. I am attaching the FRST logs; thank you very much in advance for your help!



==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5158144 2018-04-10] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\iCUE Launcher.exe [405032 2019-07-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-731178853-744203071-123956093-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Maja\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-07-25] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-731178853-744203071-123956093-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-731178853-744203071-123956093-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-731178853-744203071-123956093-1001\...\MountPoints2: {8514b287-c43e-11e9-83d0-34e6ade5fb1d} - "G:\Startme.exe"
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.87\Installer\chrmstp.exe [2019-11-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {124D9A50-66B6-4074-A898-878928FF0B28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-22] (Google Inc -> Google Inc.)
Task: {14AF3B59-4E04-4523-8786-F367BF37B261} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1625E954-B240-4B0E-BA8E-DC21A0994BDE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16C7220E-E0AD-4656-BF1D-2E46731A0BC8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-13] (Adobe Inc. -> Adobe)
Task: {1B6B34BF-002B-4895-A868-EAEA08904D7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C9B5F3F-D3E1-43AE-A9F3-FDFA61A29187} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2493224F-CA42-4B2E-826E-F9E55D661E36} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28FFF1C1-09B1-42EA-8C5F-610AA0805971} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A6FA989-036C-426E-9A0C-48956C2028FC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {343817C0-72FD-4F3A-9121-A8BCE5825FC1} - System32\Tasks\Opera scheduled Autoupdate 1445488361 => C:\Program Files (x86)\Opera\launcher.exe [1357848 2019-11-05] (Opera Software AS -> Opera Software)
Task: {361CBE42-839C-4365-BFE6-F11D75FEECA5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17184 2014-09-02] (LENOVO -> Lenovo)
Task: {3CAC3B1A-C85D-4DFE-A795-DBD5F6EE6509} - System32\Tasks\{46719867-2ABF-4BC2-9CEE-A28314D8313F} => C:\Windows\system32\pcalua.exe -a C:\Users\Maja\Desktop\skse_1_07_03_installer.exe -d C:\Users\Maja\Desktop
Task: {55AB69A8-DF01-44E9-9A6D-B2CFB78E3B36} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5FF048BF-1846-4173-8192-C3607961FA72} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {663A4FB6-1E47-4CD3-AEE0-4AF3BB18ABA5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {835FF023-7D5A-4221-B060-49054C7C2AAD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-22] (Google Inc -> Google Inc.)
Task: {85341D5A-F5BD-4A43-8AAA-BDC0FC943DFD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ABA0B03-8615-410C-8E40-05EA6ABC6DB1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {98E17AE0-4D10-4693-BA88-44A27EDF20E1} - System32\Tasks\{89FF7F0B-3A83-43D0-9CEE-C63C6575D747} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" -c uplay://uninstall/569
Task: {A40CA71E-4AAE-446A-9309-6D9CD1E8A2CE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B8CB6539-8D80-4C70-9F4C-1493B31FD8C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17D097A-F98E-481D-8869-EBAB3FCFA9D9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C3722174-BC00-4CCC-AD52-D69DD8C507D6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D45AA9AD-0ACA-432C-88CA-5E9AD7A00F77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-13] (Adobe Inc. -> Adobe)
Task: {E916AB46-588C-44AE-89E8-4298CF89F455} - System32\Tasks\{E368B261-87FC-4E5D-9BDF-677F79406A23} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0
Task: {EE6613BA-C603-45AA-AC61-767F960605DA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{281783E7-E30E-4953-A499-727B43694D7E}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{57A968ED-8263-4C97-9328-35D281669385}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{92A9355D-25F3-49A7-B13C-FC8DBE62C004}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-08-09] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-08-09] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)

FireFox:
========
FF DefaultProfile: 6ad7ogn3.default
FF ProfilePath: C:\Users\Maja\AppData\Roaming\Mozilla\Firefox\Profiles\6ad7ogn3.default [2019-11-04]
FF HKU\S-1-5-21-731178853-744203071-123956093-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Maja\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Maja\AppData\Roaming\IDM\idmmzcc5 [2019-04-15] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/intl/pl/"
CHR Profile: C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default [2019-11-04]
CHR Extension: (Prezentacje) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-17]
CHR Extension: (Dokumenty) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-17]
CHR Extension: (Dysk Google) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (uBlock Origin) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-08-17]
CHR Extension: (Google Search) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Arkusze) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-08-17]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-08-17]
CHR Extension: (Game of Thrones: Targaryen) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\onjgpcbclcdefijdpgjnkmiifmngkgeo [2016-01-26]
CHR Extension: (Gmail) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\Maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20]

Opera:
=======
OPR Notifications: hxxps://poczta.onet.pl
OPR StartupUrls: "hxxp://google.pl/"
OPR Extension: (uBlock Origin) - C:\Users\Maja\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-10-09]
OPR Extension: (Tampermonkey) - C:\Users\Maja\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-01-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 CorsairService; C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.exe [50216 2019-07-12] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (New Horizon DataSys Inc. -> Lenovo) [File not signed]
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-07-05] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7170632 2019-07-05] (GOG Sp. z o.o. -> GOG.com)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S4 ibtsiva; C:\Windows\system32\ibtsiva.exe [183448 2018-04-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S4 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation - Intel(R) Management Engine Firmware -> Intel Corporation)
S4 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation - Intel(R) Management Engine Firmware -> Intel Corporation)
S4 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S4 LenovoSetSvr; C:\Program Files\Lenovo\LenovoUtility\LenovoSetSvr.exe [461640 2015-10-22] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] (Intel Corporation-Wireless Connectivity Solutions -> )
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S4 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220840 2015-01-11] (Synaptics Incorporated -> Synaptics Incorporated)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45968 2019-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21904 2019-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 cpuz148; C:\Windows\temp\cpuz148\cpuz148_x64.sys [44648 2019-11-03] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-10-28] (Malwarebytes Corporation -> Malwarebytes)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2018-04-10] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (New Horizon DataSys Inc. -> Windows (R) Win 7 DDK provider) [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-04-10] (Martin Malik - REALiX -> REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [231400 2018-04-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-08-19] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-08-19] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116112 2019-08-19] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3521032 2018-04-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [424384 2018-04-10] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3127552 2018-04-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31400 2015-01-11] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 wovad_micarray; C:\Windows\system32\drivers\womic.sys [35328 2017-05-06] (Beijing Wolicheng Technology Co., Ltd. -> Windows (R) Win 7 DDK provider)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 18:04 - 2019-11-15 18:05 - 002260480 _____ (Farbar) C:\Users\Maja\Desktop\FRST64.exe
2019-11-14 23:38 - 2019-11-14 23:38 - 000051059 _____ C:\Users\Maja\Desktop\CV_Maja_Żurek (1).pdf
2019-11-12 20:34 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-12 20:34 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-12 20:34 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-12 20:34 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-12 20:34 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-12 20:34 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-12 20:34 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-12 20:34 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-12 20:34 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-12 20:34 - 2019-10-15 07:15 - 007363536 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-12 20:34 - 2019-10-15 04:48 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-12 20:34 - 2019-10-15 03:56 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-12 20:34 - 2019-10-15 03:47 - 001384960 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-12 20:34 - 2019-10-15 03:28 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-12 20:34 - 2019-09-27 17:52 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-11-12 20:34 - 2019-09-27 17:07 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-11-12 20:34 - 2019-09-25 05:18 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-11-12 20:34 - 2019-09-19 07:21 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2019-11-12 20:34 - 2019-09-19 06:16 - 000712192 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2019-11-12 20:34 - 2019-09-07 16:18 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-12 20:34 - 2019-09-07 16:09 - 013321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-12 20:33 - 2019-10-28 04:20 - 000121040 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-12 20:33 - 2019-10-28 03:40 - 000098296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-12 20:33 - 2019-10-25 08:54 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-11-12 20:33 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-12 20:33 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-12 20:33 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-11-12 20:33 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-12 20:33 - 2019-10-24 04:01 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-11-12 20:33 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-12 20:33 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-11-12 20:33 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-11-12 20:33 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-11-12 20:33 - 2019-10-24 03:53 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-11-12 20:33 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-12 20:33 - 2019-10-24 03:37 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-11-12 20:33 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-11-12 20:33 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-11-12 20:33 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-12 20:33 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-11-12 20:33 - 2019-10-24 03:32 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-11-12 20:33 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-12 20:33 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-11-12 20:33 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-11-12 20:33 - 2019-10-22 05:29 - 001541352 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-12 20:33 - 2019-10-22 01:42 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-12 20:33 - 2019-10-17 03:43 - 001368800 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-11-12 20:33 - 2019-10-17 01:53 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-11-12 20:33 - 2019-10-15 10:03 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-11-12 20:33 - 2019-10-15 06:55 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-12 20:33 - 2019-10-15 06:54 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-12 20:33 - 2019-10-15 04:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-12 20:33 - 2019-10-15 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-11-12 20:33 - 2019-10-15 03:27 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-12 20:33 - 2019-10-15 03:17 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-12 20:33 - 2019-10-11 17:29 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-12 20:33 - 2019-10-11 17:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-12 20:33 - 2019-10-11 16:45 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-12 20:33 - 2019-10-11 16:37 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-12 20:33 - 2019-10-11 16:17 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-12 20:33 - 2019-10-11 15:59 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-12 20:33 - 2019-10-11 05:53 - 000430840 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-12 20:33 - 2019-10-11 04:56 - 000320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-12 20:33 - 2019-10-11 03:36 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-11-12 20:33 - 2019-10-11 03:08 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-11-12 20:33 - 2019-10-11 03:02 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-12 20:33 - 2019-10-11 02:44 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-12 20:33 - 2019-10-11 02:28 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-12 20:33 - 2019-10-11 02:23 - 000565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-12 20:33 - 2019-10-10 23:35 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-11-12 20:33 - 2019-10-10 23:32 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-11-12 20:33 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-12 20:33 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-12 20:33 - 2019-10-09 20:38 - 000470256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-12 20:33 - 2019-10-09 14:35 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-12 20:33 - 2019-10-04 14:35 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-12 20:33 - 2019-10-04 14:18 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-12 20:33 - 2019-09-27 19:14 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-11-12 20:33 - 2019-09-27 18:53 - 003325440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-12 20:33 - 2019-09-27 17:50 - 003619328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-12 20:33 - 2019-09-25 13:34 - 000162392 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-11-12 20:33 - 2019-09-25 05:18 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-12 20:33 - 2019-09-25 05:18 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-12 20:33 - 2019-09-25 05:18 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-12 20:33 - 2019-09-25 05:18 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-12 20:33 - 2019-09-25 05:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-11-12 20:33 - 2019-09-25 05:18 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-12 20:33 - 2019-09-25 05:18 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-12 20:33 - 2019-09-25 05:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-12 20:33 - 2019-09-19 07:11 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2019-11-12 20:33 - 2019-09-19 07:10 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2019-11-12 20:33 - 2019-09-19 07:00 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2019-11-12 20:33 - 2019-09-19 06:59 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2019-11-12 20:33 - 2019-09-19 06:48 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2019-11-12 20:33 - 2019-09-19 06:26 - 000848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-11-12 20:33 - 2019-09-19 06:20 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2019-11-12 20:33 - 2019-09-19 04:26 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2019-11-12 20:33 - 2019-09-19 04:26 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2019-11-12 20:33 - 2019-09-12 23:46 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2019-11-12 20:33 - 2019-09-12 23:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2019-11-12 20:33 - 2019-09-12 23:25 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2019-11-12 20:33 - 2019-09-10 22:34 - 000354544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-11-12 20:33 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-04 15:17 - 2019-11-04 15:17 - 001873293 _____ C:\Users\Maja\Desktop\Logi LoL.zip
2019-11-04 14:26 - 2019-04-09 12:56 - 000141384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2019-11-04 14:22 - 2019-04-10 15:56 - 001006800 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-11-04 14:22 - 2019-04-10 15:56 - 001006800 _____ C:\Windows\system32\vulkan-1.dll
2019-11-04 14:22 - 2019-04-10 15:56 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-11-04 14:22 - 2019-04-10 15:56 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-11-04 14:22 - 2019-04-10 15:56 - 000551624 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-11-04 14:22 - 2019-04-10 15:56 - 000457096 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-11-04 14:22 - 2019-04-10 15:56 - 000286416 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-11-04 14:22 - 2019-04-10 15:56 - 000286416 _____ C:\Windows\system32\vulkaninfo.exe
2019-11-04 14:22 - 2019-04-10 15:56 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-11-04 14:22 - 2019-04-10 15:56 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-11-04 14:22 - 2019-04-10 15:55 - 020904024 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2019-11-04 14:22 - 2019-04-10 12:54 - 010320528 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-11-04 14:22 - 2019-04-09 14:30 - 000066792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2019-11-04 14:21 - 2019-04-10 15:55 - 071481864 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 040338520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 030017952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 020449672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2019-11-04 14:21 - 2019-04-10 15:55 - 001465224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 001129920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 000631504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 000521936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 000419624 _____ C:\Windows\system32\nvofapi64.dll
2019-11-04 14:21 - 2019-04-10 15:55 - 000368600 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 040421064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 035268304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 004870344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 004341128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 002032336 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 001734080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6442531.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 001534912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 001467648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6442531.dll
2019-11-04 14:21 - 2019-04-10 15:54 - 000524488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
2019-11-04 14:21 - 2019-04-10 12:54 - 008785944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 035484224 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 029989352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 020689432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 020103952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 017429864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 017149992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 004319880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 001169120 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 000915088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 000169056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdlistx.dll
2019-11-04 14:21 - 2019-04-10 12:53 - 000147256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdlist.dll
2019-11-04 14:21 - 2019-04-09 14:30 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2019-11-04 14:21 - 2019-04-09 14:30 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2019-10-21 16:19 - 2019-10-21 16:20 - 068308144 _____ C:\Users\Maja\Downloads\Legends_Of_Runeterra_Installer.exe
2019-10-17 20:09 - 2019-10-17 20:09 - 000000000 ____D C:\Users\Maja\AppData\Local\Vortex

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 18:08 - 2017-09-01 11:28 - 000000000 ____D C:\FRST
2019-11-15 18:03 - 2017-07-31 16:28 - 000000000 ____D C:\Users\Maja\Desktop\takie tam
2019-11-15 17:58 - 2015-10-22 05:47 - 000000000 ____D C:\Users\Maja\AppData\Local\ClassicShell
2019-11-15 15:33 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-15 15:29 - 2015-10-22 05:23 - 000003984 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{4D5306CE-2929-4716-BEE0-80DA7B7AB06B}
2019-11-14 20:26 - 2017-01-13 19:06 - 000000000 ____D C:\Users\Maja\AppData\Roaming\discord
2019-11-14 12:59 - 2013-08-22 15:44 - 000477584 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-14 12:59 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-11-14 00:37 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-11-14 00:33 - 2015-10-28 17:39 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-14 00:33 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-14 00:33 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-11-14 00:33 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe
2019-11-14 00:33 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\Dism
2019-11-13 22:06 - 2015-10-21 23:40 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-731178853-744203071-123956093-1001
2019-11-13 18:53 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-11-13 18:31 - 2019-08-12 13:22 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-13 00:59 - 2015-10-22 05:49 - 000000000 ____D C:\Windows\system32\MRT
2019-11-13 00:51 - 2015-10-22 05:49 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-12 22:03 - 2015-10-25 15:09 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-11-11 15:04 - 2019-08-12 13:46 - 000000000 ____D C:\Users\Maja\AppData\Local\AVAST Software
2019-11-10 22:08 - 2019-09-26 16:07 - 000003140 _____ C:\Windows\system32\Tasks\{46719867-2ABF-4BC2-9CEE-A28314D8313F}
2019-11-10 22:08 - 2019-06-24 13:48 - 000003160 _____ C:\Windows\system32\Tasks\{E368B261-87FC-4E5D-9BDF-677F79406A23}
2019-11-10 22:08 - 2018-09-01 18:48 - 000003168 _____ C:\Windows\system32\Tasks\{89FF7F0B-3A83-43D0-9CEE-C63C6575D747}
2019-11-10 22:08 - 2018-05-04 20:01 - 000003890 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1445488361
2019-11-10 22:08 - 2018-04-10 19:24 - 000003738 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-10 22:08 - 2017-07-12 17:51 - 000002790 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-11-07 16:33 - 2017-06-30 20:33 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2019-11-07 16:33 - 2015-10-22 05:32 - 000000000 ____D C:\Program Files (x86)\Opera
2019-11-06 20:53 - 2016-09-21 16:18 - 000000000 ____D C:\Program Files (x86)\Steam
2019-11-06 13:13 - 2019-09-25 14:32 - 000000000 ____D C:\Users\Maja\AppData\Roaming\Vortex
2019-11-05 19:30 - 2015-10-23 07:29 - 000000000 ____D C:\Users\Maja\AppData\Local\Nvidia Corporation
2019-11-04 14:38 - 2015-10-21 23:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-11-04 14:31 - 2015-10-21 23:58 - 000802060 _____ C:\Windows\system32\perfh015.dat
2019-11-04 14:31 - 2015-10-21 23:58 - 000161264 _____ C:\Windows\system32\perfc015.dat
2019-11-04 14:31 - 2015-10-21 23:40 - 001820920 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-04 14:27 - 2015-10-21 23:43 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-04 14:26 - 2015-10-21 23:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-04 14:25 - 2018-05-24 16:07 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-11-04 14:25 - 2015-10-22 20:18 - 000000000 ____D C:\Users\Maja\AppData\Roaming\NVIDIA
2019-11-04 14:25 - 2015-10-21 23:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-11-04 13:50 - 2016-03-01 20:40 - 004024320 ___SH C:\Users\Maja\Desktop\Thumbs.db
2019-11-04 13:27 - 2018-03-29 16:57 - 000000000 ____D C:\Users\Maja\AppData\Local\CrashDumps
2019-11-04 13:05 - 2017-09-01 13:36 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-11-04 13:05 - 2015-10-21 23:47 - 000000000 __SHD C:\Users\Maja\IntelGraphicsProfiles
2019-11-01 01:08 - 2015-10-21 23:32 - 000000000 ____D C:\Users\Maja
2019-11-01 00:54 - 2015-10-22 05:24 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-31 21:42 - 2018-09-07 16:59 - 000003872 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-10-31 21:42 - 2018-04-10 19:24 - 000004148 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-10-31 21:42 - 2018-04-10 19:24 - 000003924 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-10-31 21:42 - 2018-04-10 19:24 - 000003816 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-10-31 21:42 - 2018-04-10 19:24 - 000003800 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-10-31 21:42 - 2018-04-10 19:24 - 000003740 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-10-31 21:42 - 2018-04-10 19:24 - 000003732 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-10-31 21:42 - 2018-04-10 19:24 - 000003496 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-10-31 21:42 - 2017-07-12 17:51 - 000000000 ____D C:\Program Files\CCleaner
2019-10-31 21:42 - 2016-01-31 20:55 - 000004528 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-31 21:42 - 2016-01-31 20:55 - 000004390 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-31 21:42 - 2015-10-22 05:23 - 000003486 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-31 21:42 - 2015-10-22 05:23 - 000003358 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-31 21:42 - 2015-10-21 23:40 - 000003720 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-10-31 21:42 - 2015-10-21 23:40 - 000003478 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2019-10-28 19:06 - 2018-02-13 16:17 - 000000000 ____D C:\Users\Maja\AppData\Local\ElevatedDiagnostics
2019-10-28 00:25 - 2019-08-12 12:56 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-10-21 16:20 - 2019-10-11 17:46 - 000000000 ____D C:\Users\Maja\AppData\Local\Riot Games
2019-10-17 20:15 - 2019-09-25 14:32 - 000002060 _____ C:\Users\Public\Desktop\Vortex.lnk
2019-10-17 20:15 - 2019-09-25 14:32 - 000002060 _____ C:\ProgramData\Desktop\Vortex.lnk

==================== Files in the root of some directories ========

2016-01-16 11:56 - 2016-07-13 19:19 - 000000159 _____ () C:\Users\Maja\AppData\Roaming\WB.CFG
2015-11-18 15:35 - 2015-11-18 15:35 - 000000000 _____ () C:\Users\Maja\AppData\Roaming\zdaszto_token
2016-03-20 22:21 - 2016-03-20 22:22 - 000005632 _____ () C:\Users\Maja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-04 16:13 - 2018-12-04 16:13 - 000002440 _____ () C:\Users\Maja\AppData\Local\recently-used.xbel
2017-02-12 21:22 - 2017-02-12 21:22 - 000007597 _____ () C:\Users\Maja\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-13 22:10
==================== End of FRST.txt ========================

