Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 23-05-2021 Uruchomiony przez keramti (administrator) KERAMTI73 (Gigabyte Technology Co., Ltd. Z87-DS3H) (23-05-2021 20:50:33) Uruchomiony z C:\Users\keramti\Downloads Załadowane profile: keramti & adamt Platform: Windows 10 Pro Wersja 20H2 19042.985 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\REDRAGON GRIFFIN Gaming Mouse\hid.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atieclxx.exe <2> (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0361901.inf_amd64_e0351ea22e7ad253\B361909\atiesrxx.exe (Binary Fortress Software Ltd -> Binary Fortress Software) I:\DisplayFusiopn\DisplayFusion\DisplayFusion.exe (Binary Fortress Software Ltd -> Binary Fortress Software) I:\DisplayFusiopn\DisplayFusion\DisplayFusionHookApp32.exe (Binary Fortress Software Ltd -> Binary Fortress Software) I:\DisplayFusiopn\DisplayFusion\DisplayFusionHookApp64.exe (Binary Fortress Software Ltd -> Binary Fortress Software) I:\DisplayFusiopn\DisplayFusion\DisplayFusionService.exe (Electronic Arts, Inc. -> Electronic Arts) F:\Origin\OriginWebHelperService.exe (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe <2> (LogMeIn, Inc. -> LogMeIn Inc.) I:\Hamaci\x64\hamachi-2.exe (LogMeIn, Inc. -> LogMeIn, Inc.) I:\Hamaci\x64\LMIGuardianSvc.exe (Malwarebytes Inc -> Malwarebytes) D:\Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes) D:\Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) D:\Malware\mbamtray.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SpatialAudioLicenseSrv.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe <2> (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Microsoft) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (Microsoft) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (Mozilla Corporation -> Mozilla Corporation) D:\Mozilla Firefox\firefox.exe <12> (Piriform Software Ltd -> Piriform Software Ltd) D:\CClaner\CCleaner64.exe (Shanghai Microvirt Software Technology Co., Ltd. -> ) D:\Program Files\Microvirt\MEmu\MemuService.exe (Wargaming.net Limited -> Wargaming.net) E:\Word od Warsh\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3> (Wargaming.net Limited -> Wargaming.net) E:\Word od Warsh\Wargaming.net\GameCenter\wargamingerrormonitor.exe (Wargaming.net Limited -> Wargaming.net) E:\Word od Warsh\Wargaming.net\GameCenter\wgc.exe Brak dostępu do procesu -> ApplicationFrameHost.exe Brak dostępu do procesu -> csrss.exe Brak dostępu do procesu -> csrss.exe Brak dostępu do procesu -> csrss.exe Brak dostępu do procesu -> dasHost.exe Brak dostępu do procesu -> dasHost.exe Brak dostępu do procesu -> dllhost.exe Brak dostępu do procesu -> dwm.exe Brak dostępu do procesu -> dwm.exe Brak dostępu do procesu -> fontdrvhost.exe Brak dostępu do procesu -> fontdrvhost.exe Brak dostępu do procesu -> fontdrvhost.exe Brak dostępu do procesu -> GoogleCrashHandler.exe Brak dostępu do procesu -> GoogleCrashHandler64.exe Brak dostępu do procesu -> RuntimeBroker.exe Brak dostępu do procesu -> RuntimeBroker.exe Brak dostępu do procesu -> RuntimeBroker.exe Brak dostępu do procesu -> RuntimeBroker.exe Brak dostępu do procesu -> RuntimeBroker.exe Brak dostępu do procesu -> RuntimeBroker.exe Brak dostępu do procesu -> SettingSyncHost.exe Brak dostępu do procesu -> unsecapp.exe Brak dostępu do procesu -> UserOOBEBroker.exe Brak dostępu do procesu -> WmiPrvSE.exe Brak dostępu do procesu -> WUDFHost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => I:\Hamaci\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) HKLM-x32\...\Run: [REDRAGON GRIFFIN Gaming Mouse] => C:\Program Files (x86)\REDRAGON GRIFFIN Gaming Mouse\hid.exe [955392 2017-11-13] () [Brak podpisu cyfrowego] HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoPublishingWizard] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\Run: [Gaijin.Net Updater] => C:\Users\keramti\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-09] (Gaijin Network LTD -> Gaijin) HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\Run: [Wargaming.net Game Center] => E:\Word od Warsh\Wargaming.net\GameCenter\wgc.exe [2142544 2021-05-09] (Wargaming.net Limited -> Wargaming.net) HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\Run: [CCleaner Smart Cleaning] => D:\CClaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\MountPoints2: {06d83a2e-3c67-11ea-a769-74d435142b41} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\MountPoints2: {5094cd91-fa40-11ea-a878-74d435142b41} - "Q:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\MountPoints2: {87189ac0-9d3e-11eb-a93c-74d435142b41} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\MountPoints2: {b186003b-e5d5-11ea-a86e-74d435142b41} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\MountPoints2: {e0e5d257-1213-11e7-bea4-74d435142b41} - "H:\AutoRun.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Run: [SIMDashboardServer] => I:\SIMDashboardServer.exe HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Run: [Spotify] => C:\Users\adamt\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Run: [Discord] => C:\Users\adamt\AppData\Local\Discord\Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub) HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Run: [DisplayFusion] => I:\DisplayFusiopn\DisplayFusion\DisplayFusion.exe [12684224 2020-12-28] (Binary Fortress Software Ltd -> Binary Fortress Software) HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Run: [Opera GX Browser Assistant] => I:\OperaGX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Run: [CCleaner Smart Cleaning] => D:\CClaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\MountPoints2: {06d83a2e-3c67-11ea-a769-74d435142b41} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\MountPoints2: {5094cd91-fa40-11ea-a878-74d435142b41} - "Q:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\MountPoints2: {7e941bf9-1da2-11eb-a88b-74d435142b41} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\MountPoints2: {87189ac0-9d3e-11eb-a93c-74d435142b41} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\MountPoints2: {b186003b-e5d5-11ea-a86e-74d435142b41} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1016\...\MountPoints2: {e0e5d257-1213-11e7-bea4-74d435142b41} - "H:\AutoRun.exe" HKU\S-1-5-21-3675876383-3003633198-259424462-1016\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-10] (Google LLC -> Google LLC) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0ED8B2D7-D072-45EA-AD5D-79FA8A0257BC} - System32\Tasks\SmartGameBooster SkipUAC (adamt) => I:\Smart Game Booster\4.6.0\SgbMain.exe Task: {13327D7B-4404-41BC-8D6D-69BC46CB9643} - System32\Tasks\SmartGameBooster Update => I:\Smart Game Booster\4.6.0\SgbUpdater.exe Task: {1466FA41-E690-47F8-A572-C02DF105198E} - System32\Tasks\BlueStacksHelper => F:\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {30D3D6F9-7742-4D33-92B6-0BC47D0B65E4} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {315A0783-F04C-4035-820E-76D0F3E18369} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {3209488F-FEAA-44B8-A270-44972FF0E870} - System32\Tasks\SmartGameBooster Startup => I:\Smart Game Booster\4.6.0\SgbTray.exe Task: {3A26BA04-B9C4-4F62-AACD-C0209E5A5B4E} - System32\Tasks\CCleanerSkipUAC => D:\CClaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {64A6A40A-5613-4960-869A-3A1BCB902802} - System32\Tasks\Opera GX scheduled Autoupdate 1598642203 => C:\Users\adamt\AppData\Local\Programs\Opera GX\launcher.exe Task: {6C523677-13EB-493E-B594-F105239C3BD6} - System32\Tasks\Opera GX scheduled Autoupdate 1613479418 => I:\OperaGX\launcher.exe [1870488 2021-05-18] (Opera Software AS -> Opera Software) Task: {6E1F1EE5-B154-4A8C-8BD2-B0FD34BB21F9} - System32\Tasks\Opera GX scheduled Autoupdate 1602694336 => C:\Users\adamt\AppData\Local\Programs\Opera GX\launcher.exe Task: {B21694A9-54FD-4BE4-8FA8-6F77DF28F722} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615886244 => I:\OperaGX\launcher.exe [1870488 2021-05-18] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="I:\OperaGX\assistant" $(Arg0) Task: {D35A5272-8F98-4810-9B8A-6C79F9884BA3} - System32\Tasks\CCleaner Update => D:\CClaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform) Task: {DF47C6B9-2F34-4FDA-BC72-1DEFA99FAB5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.) Task: {F2951072-5C8D-4F2B-9F9F-EBB5DB4B11D8} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {FA238AAC-641D-464E-ABDE-6917A4B7C41C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-26] (Google Inc -> Google Inc.) Task: {FD74BC93-70D2-4A95-AA32-E777760B1921} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64944 2021-03-03] (Microsoft Corporation -> Microsoft) Task: {FE889E86-010B-4A3E-ADB5-B62B428F33BE} - System32\Tasks\Opera GX scheduled Autoupdate 1605096523 => I:\OperaGX\launcher.exe [1870488 2021-05-18] (Opera Software AS -> Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\PrxerNsp.dll [87024 2018-08-15] (Initeks, OOO -> ) Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [101872 2018-08-15] (Initeks, OOO -> ) Tcpip\Parameters: [DhcpNameServer] 89.228.4.126 31.11.173.2 Tcpip\..\Interfaces\{b0d97abc-b7f2-4e7d-9db6-bc90dd1bc5f1}: [DhcpNameServer] 89.228.4.126 31.11.173.2 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\keramti\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-23] FireFox: ======== FF DefaultProfile: hgdengw4.default-1621723591995 FF ProfilePath: C:\Users\keramti\AppData\Roaming\Mozilla\Firefox\Profiles\hgdengw4.default-1621723591995 [2021-05-23] FF Homepage: Mozilla\Firefox\Profiles\hgdengw4.default-1621723591995 -> www.interia.pl FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Brak pliku] FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Brak pliku] StartMenuInternet: Firefox-E020BA2ACACF116C - D:\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default [2021-05-23] CHR Notifications: Default -> hxxps://www.tipli.pl CHR Extension: (Prezentacje) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-11] CHR Extension: (Safe Torrent Scanner) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-03-11] CHR Extension: (Dokumenty) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-11] CHR Extension: (Dysk Google) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-11] CHR Extension: (YouTube) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-11] CHR Extension: (Wtyczka Tipli) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejocgomhimjbhmpbjphkikodfplbemjb [2021-05-02] CHR Extension: (Arkusze) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-11] CHR Extension: (Dokumenty Google offline) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-20] CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-03-11] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-11] CHR Extension: (e-pity - dodatek) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-04-22] CHR Extension: (Gmail) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-11] CHR Extension: (Chrome Media Router) - C:\Users\keramti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24] CHR HKU\S-1-5-21-3675876383-3003633198-259424462-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\keramti\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx CHR HKU\S-1-5-21-3675876383-3003633198-259424462-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] Opera: ======= OPR Profile: C:\Users\keramti\AppData\Roaming\Opera Software\Opera Stable [2021-05-23] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} StartMenuInternet: (HKLM) OperaStable - D:\Opera\Launcher.exe StartMenuInternet: (HKU\S-1-5-21-3675876383-3003633198-259424462-1016) Opera GXStable - "I:\OperaGX\Launcher.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-11-13] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6212880 2018-06-26] (BattlEye Innovations e.K. -> ) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 DisplayFusionService; I:\DisplayFusiopn\DisplayFusion\DisplayFusionService.exe [10570704 2020-12-28] (Binary Fortress Software Ltd -> Binary Fortress Software) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 Hamachi2Svc; I:\Hamaci\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> ) R2 MBAMService; D:\Malware\MBAMService.exe [7456464 2020-12-15] (Malwarebytes Inc -> Malwarebytes) R2 MEmuSVC; D:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> ) S3 Origin Client Service; F:\Origin\OriginClientService.exe [2547288 2021-05-10] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; F:\Origin\OriginWebHelperService.exe [3487320 2021-05-10] (Electronic Arts, Inc. -> Electronic Arts) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2020-12-18] (Microsoft) [Brak podpisu cyfrowego] S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10069120 2020-11-24] (Riot Games, Inc. -> Riot Games, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2020-12-18] (Microsoft) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-12-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-03-21] (AVAST Software s.r.o. -> The OpenVPN Project) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider) S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-08] (Malwarebytes Inc -> Malwarebytes) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [104512 2021-05-23] (Hans Roes -> Multi Theft Auto) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2019-08-09] (Glarysoft LTD -> Glarysoft Ltd) R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2019-02-16] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk]) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-20] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-20] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-20] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-14] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-21] (Malwarebytes Inc -> Malwarebytes) R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) R1 MEmuNetLwf; C:\WINDOWS\system32\DRIVERS\MEmuNetLwf.sys [220560 2020-09-29] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit) R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174968 2021-01-07] (Oracle Corporation -> Oracle Corporation) S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5811160 2020-11-24] (Riot Games, Inc. -> Riot Games, Inc.) R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2020-06-05] (VMware, Inc. -> VMware, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66368 2020-06-05] (VMware, Inc. -> VMware, Inc.) R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2020-06-05] (VMware, Inc. -> VMware, Inc.) S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-11-22] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2019-03-22] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation) U4 HomeGroupProvider; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-05-23 20:50 - 2021-05-23 20:51 - 000028392 ____C C:\Users\keramti\Downloads\FRST.txt 2021-05-23 20:49 - 2021-05-23 20:50 - 000000000 ___DC C:\FRST 2021-05-23 20:48 - 2021-05-23 20:48 - 002299904 _____ (Farbar) C:\Users\keramti\Downloads\FRST64.exe 2021-05-23 20:46 - 2021-05-23 20:47 - 057527448 _____ (Mozilla) C:\Users\keramti\Downloads\Firefox Setup 88.0.1(1).exe 2021-05-23 20:45 - 2021-05-23 20:46 - 057527448 _____ (Mozilla) C:\Users\keramti\Downloads\Firefox Setup 88.0.1.exe 2021-05-23 17:25 - 2021-05-23 17:25 - 000000000 ___DC C:\Users\adamt\AppData\LocalLow\IGDump 2021-05-23 14:45 - 2021-05-23 14:45 - 000025458 _____ C:\Users\adamt\AppData\Local\recently-used.xbel 2021-05-23 00:46 - 2021-05-23 00:46 - 000000000 ___DC C:\Users\keramti\Desktop\Stare dane programu Firefox 2021-05-23 00:34 - 2021-05-23 00:34 - 000000000 ____D C:\Users\adamt\AppData\Roaming\Mozilla 2021-05-23 00:34 - 2021-05-23 00:34 - 000000000 ____D C:\Users\adamt\AppData\Local\Mozilla 2021-05-22 13:54 - 2021-05-22 13:54 - 000000000 __HDC C:\Users\adamt\Desktop\scp54888 2021-05-22 13:54 - 2021-05-22 13:54 - 000000000 __HDC C:\Users\adamt\Desktop\scp54636 2021-05-22 11:08 - 2021-05-22 11:08 - 000000474 ____C C:\Users\Public\Desktop\WinSCP.lnk 2021-05-22 11:08 - 2021-05-22 11:08 - 000000474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk 2021-05-22 11:06 - 2021-05-22 11:06 - 011155568 ____C (Martin Prikryl ) C:\Users\adamt\Desktop\WinSCP-5.17.10-Setup.exe 2021-05-21 23:00 - 2021-05-21 23:00 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-05-21 15:57 - 2021-05-21 15:57 - 000000000 ___DC C:\Users\adamt\Documents\Navicat 2021-05-21 15:56 - 2021-05-21 15:56 - 000000471 ____C C:\Users\Public\Desktop\Navicat 15 for MySQL.lnk 2021-05-21 15:56 - 2021-05-21 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft 2021-05-21 15:54 - 2021-05-21 15:55 - 036569216 ____C (PremiumSoft CyberTech Ltd. ) C:\Users\adamt\Desktop\navicat150_mysql_pl_x64.exe 2021-05-21 15:50 - 2021-05-21 15:51 - 163430304 ____C (Bitnami) C:\Users\adamt\Desktop\xampp-windows-x64-7.3.28-1-VC15-installer.exe 2021-05-21 13:05 - 2021-05-21 13:05 - 000002173 ____C C:\Users\adamt\Desktop\YOUR SPACE.lnk 2021-05-21 10:51 - 2021-05-21 11:14 - 000240456 ____C C:\Users\adamt\Desktop\hotrina.txd 2021-05-21 10:37 - 2021-05-21 10:37 - 000000770 ____C C:\Users\adamt\Desktop\SKIN.lnk 2021-05-21 09:37 - 2021-05-21 09:37 - 000000128 _____ C:\Users\adamt\AppData\Local\PUTTY.RND 2021-05-20 11:50 - 2021-03-24 08:52 - 005071312 ____C C:\Users\adamt\Desktop\admiral.txd 2021-05-20 11:26 - 2021-05-20 11:40 - 002892840 ____C C:\Users\adamt\Desktop\7.txd 2021-05-20 10:45 - 2021-05-21 10:54 - 000000000 ___DC C:\Users\adamt\Desktop\SKIN 2021-05-20 10:44 - 2021-05-20 11:04 - 002204968 ____C C:\Users\adamt\Desktop\1.txd 2021-05-20 10:44 - 2021-05-15 11:28 - 002426467 ____C C:\Users\adamt\Desktop\1.dff 2021-05-20 10:43 - 2020-04-05 10:56 - 005005256 ____C C:\Users\adamt\Desktop\2.txd 2021-05-20 08:05 - 2021-05-23 14:20 - 000000000 ____D C:\Users\adamt\AppData\Local\Discord 2021-05-20 08:05 - 2021-05-20 08:05 - 070939752 ____C (Discord Inc.) C:\Users\adamt\Desktop\DiscordSetup.exe 2021-05-20 08:05 - 2021-05-20 08:05 - 000002242 ____C C:\Users\adamt\Desktop\Discord.lnk 2021-05-20 08:00 - 2021-05-20 08:00 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-05-20 07:59 - 2021-05-20 07:59 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-05-20 07:59 - 2021-05-20 07:59 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-05-20 07:59 - 2021-05-20 07:59 - 000000000 ____D C:\WINDOWS\Panther 2021-05-19 15:47 - 2021-05-19 15:47 - 000004156 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1613479418 2021-05-19 15:47 - 2021-05-19 15:47 - 000000777 _____ C:\Users\adamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk 2021-05-18 22:30 - 2019-03-04 11:37 - 000090151 ____C C:\Users\adamt\Desktop\db_41527.sql 2021-05-18 18:11 - 2021-05-18 18:12 - 000077824 ____C (Tiime2Act) C:\Users\adamt\Desktop\Spam Bot.exe 2021-05-18 15:17 - 2020-10-23 15:41 - 000171266 ____C C:\Users\adamt\Desktop\xyzzyrp.sql 2021-05-18 12:21 - 2021-05-18 12:21 - 000000764 ____C C:\Users\adamt\Desktop\Skrypsz.lnk 2021-05-14 09:15 - 2021-05-14 09:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-05-14 09:15 - 2021-05-14 09:15 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-05-14 09:15 - 2021-05-14 09:15 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-05-14 09:15 - 2021-05-14 09:15 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-05-14 09:15 - 2021-05-14 09:15 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-05-14 09:14 - 2021-05-14 09:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-05-14 09:14 - 2021-05-14 09:14 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-05-14 09:14 - 2021-05-14 09:14 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-05-14 09:14 - 2021-05-14 09:14 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-05-14 09:14 - 2021-05-14 09:14 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-05-14 09:14 - 2021-05-14 09:14 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-05-14 09:14 - 2021-05-14 09:14 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-05-14 09:14 - 2021-05-14 09:14 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-05-14 09:14 - 2021-05-14 09:14 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-05-14 08:46 - 2021-05-14 08:46 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-05-12 21:52 - 2021-05-12 21:52 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3675876383-3003633198-259424462-1000 2021-05-12 21:52 - 2021-05-12 21:52 - 000002426 ____C C:\Users\keramti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-10 08:33 - 2021-05-10 08:33 - 000000000 ____C C:\Users\adamt\Desktop\JakubHotAnimeBoy.txt 2021-05-10 07:48 - 2021-05-10 07:48 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3675876383-3003633198-259424462-1016 2021-05-10 07:43 - 2021-05-10 07:43 - 000000000 __HDC C:\$SysReset 2021-05-07 16:18 - 2021-05-18 10:25 - 000001070 ____C C:\Users\adamt\Desktop\STEREŁO.txt 2021-05-06 10:57 - 2021-05-06 10:57 - 000001020 ____C C:\Users\adamt\Desktop\Multi Theft Auto.exe.lnk 2021-05-05 20:24 - 2021-04-17 12:07 - 000302600 ____C (Multi Theft Auto) C:\Users\adamt\Desktop\Multi Theft Auto.exe 2021-05-04 22:03 - 2021-05-04 22:03 - 001706334 ____C (Jitbit Software ) C:\Users\adamt\Desktop\MacroRecorderLiteSetup.exe 2021-04-29 22:28 - 2021-04-29 22:28 - 000003906 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-04-29 11:22 - 2021-04-29 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX 2021-04-29 11:22 - 2009-10-24 21:15 - 001332224 _____ (AD © 2009) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL 2021-04-28 22:26 - 2021-04-28 22:26 - 000000000 ___DC C:\Users\adamt\Desktop\resources 2021-04-28 12:13 - 2021-04-28 13:26 - 000000000 ___DC C:\Users\adamt\Documents\Image-Line 2021-04-28 12:13 - 2021-04-28 12:13 - 000000730 ____C C:\Users\adamt\Desktop\FL Studio 20.lnk 2021-04-28 12:13 - 2021-04-28 12:13 - 000000000 ____D C:\Users\adamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2021-04-28 11:58 - 2021-04-28 11:58 - 000000000 ___DC C:\Users\adamt\Documents\REAPER Media 2021-04-27 21:13 - 2021-04-27 21:13 - 000000870 ____C C:\Users\adamt\Desktop\Crystal Launcher.lnk 2021-04-27 13:28 - 2021-04-27 13:28 - 000420594 ____C C:\Users\adamt\Desktop\wokal.mp3.reapeaks 2021-04-27 13:27 - 2021-04-27 13:27 - 000420594 ____C C:\Users\adamt\Desktop\bit.mp3.reapeaks 2021-04-27 11:58 - 2021-04-27 11:58 - 001531339 ____C C:\Users\adamt\Desktop\GleamingMadeupCrayfish-mobile.mp4 2021-04-26 15:24 - 2021-04-26 15:24 - 000068721 _____ C:\Users\keramti\Downloads\Potwierdzenie_zgloszenia_w_Loterii.pdf 2021-04-26 13:51 - 2021-05-21 12:59 - 000000000 ____D C:\Users\adamt\AppData\Roaming\obs-studio 2021-04-26 13:51 - 2021-04-26 13:51 - 000000000 ____D C:\ProgramData\obs-studio-hook 2021-04-23 21:28 - 2021-04-23 21:28 - 000000797 ____C C:\Downloads.lnk ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2051-04-10 18:47 - 2021-03-06 14:58 - 000000000 __HDC C:\Users\Public\Documents\AdobeGCData 2021-05-23 20:50 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-23 20:39 - 2019-02-04 22:36 - 000000000 ___DC C:\ProgramData\Mozilla 2021-05-23 20:39 - 2018-12-26 09:53 - 000000000 ___DC C:\Users\keramti\AppData\LocalLow\Mozilla 2021-05-23 20:26 - 2019-01-16 19:32 - 000000000 ___DC C:\Users\keramti\AppData\Local\D3DSCache 2021-05-23 20:25 - 2018-12-26 21:53 - 000000000 ___DC C:\Users\keramti\AppData\Roaming\Origin 2021-05-23 20:25 - 2018-12-26 21:53 - 000000000 ___DC C:\ProgramData\Origin 2021-05-23 19:14 - 2016-01-01 16:39 - 000000000 ___DC C:\Users\keramti\Documents\FIFA 12 2021-05-23 18:31 - 2018-12-26 21:53 - 000000000 ___DC C:\Users\keramti\AppData\Local\Origin 2021-05-23 16:59 - 2020-07-18 18:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-23 16:59 - 2018-12-26 09:42 - 000000000 __HDC C:\Users\keramti\MicrosoftEdgeBackups 2021-05-23 16:58 - 2021-03-21 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js 2021-05-23 16:58 - 2021-03-07 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock 2021-05-23 16:58 - 2021-01-27 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2018.4.30f1 (64-bit) 2021-05-23 16:58 - 2020-12-02 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIM Dashboard Server 2021-05-23 16:58 - 2019-04-20 10:18 - 000000000 ___DC C:\Users\keramti\AppData\Local\CrashDumps 2021-05-23 16:58 - 2019-04-07 00:09 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multimedialny Kurs Microsoft Excel 2003 2021-05-23 14:53 - 2021-03-13 23:10 - 000000000 ____D C:\Users\adamt\AppData\Roaming\discord 2021-05-23 14:53 - 2019-01-01 14:43 - 000000000 ___DC C:\Users\adamt\.gimp-2.8 2021-05-23 14:07 - 2020-07-18 19:04 - 001772132 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-23 14:07 - 2019-12-07 17:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2021-05-23 14:07 - 2019-12-07 17:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2021-05-23 14:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-23 14:02 - 2018-12-26 14:06 - 000000128 ____C C:\Users\adamt\AppData\Roaming\winscp.rnd 2021-05-23 10:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-23 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-23 09:58 - 2017-04-05 19:16 - 000000000 _SHDC C:\Users\keramti\IntelGraphicsProfiles 2021-05-23 01:02 - 2018-12-26 09:53 - 000000854 ____C C:\Users\keramti\Desktop\Firefox.lnk 2021-05-23 00:35 - 2019-06-25 21:51 - 000000000 ___DC C:\Users\adamt\AppData\LocalLow\Mozilla 2021-05-23 00:34 - 2018-12-26 13:20 - 000000000 ___DC C:\Users\adamt\AppData\Local\D3DSCache 2021-05-22 23:22 - 2021-03-11 15:10 - 000000000 ____D C:\Users\adamt\AppData\Local\CrashDumps 2021-05-22 22:29 - 2020-08-16 23:11 - 000000000 ____D C:\Users\adamt\AppData\Local\LogMeIn Hamachi 2021-05-22 20:24 - 2021-04-16 09:24 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-22 11:30 - 2019-01-01 15:09 - 000000000 ___DC C:\Users\adamt\AppData\Local\gtk-2.0 2021-05-22 11:05 - 2019-01-09 13:15 - 000000000 ___DC C:\Program Files (x86)\WinSCP 2021-05-21 23:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-05-21 23:06 - 2020-04-30 16:30 - 000008049 ____C C:\WINDOWS\BRRBCOM.INI 2021-05-21 19:45 - 2020-07-18 18:56 - 000000000 ____D C:\Users\keramti 2021-05-21 18:44 - 2018-12-26 09:46 - 000000000 ___DC C:\Users\keramti\AppData\Roaming\Anvsoft 2021-05-21 13:46 - 2019-04-20 11:15 - 000001986 ____C C:\WINDOWS\Cm108.ini.imi 2021-05-21 12:48 - 2020-12-14 13:34 - 000000014 _____ C:\Users\adamt\AppData\Roaming\obs-virtualcam.txt 2021-05-21 12:42 - 2018-12-25 14:02 - 000000000 _SHDC C:\Users\adamt\IntelGraphicsProfiles 2021-05-21 12:20 - 2020-07-18 18:56 - 000000000 ____D C:\Users\adamt 2021-05-21 09:24 - 2020-07-18 19:02 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT 2021-05-20 08:05 - 2021-03-13 23:10 - 000000000 ____D C:\Users\adamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-05-20 08:05 - 2019-01-21 10:11 - 000000000 ___DC C:\Users\adamt\AppData\Local\SquirrelTemp 2021-05-19 14:17 - 2021-02-05 12:08 - 000000000 ____D C:\ProgramData\Package Cache 2021-05-18 11:09 - 2020-10-26 16:10 - 000000000 ____D C:\Users\adamt\AppData\Roaming\Leppsoft 2021-05-15 06:40 - 2019-08-30 19:26 - 000000000 ___DC C:\Users\keramti\AppData\Roaming\audacity 2021-05-14 20:56 - 2018-12-26 09:38 - 000000000 ___DC C:\Users\adamt\AppData\Local\Packages 2021-05-14 20:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-05-14 13:13 - 2020-07-18 18:46 - 000307712 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-14 13:12 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-05-14 13:12 - 2019-12-07 17:10 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-05-14 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-05-14 13:12 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-05-14 13:12 - 2018-12-26 09:39 - 000065536 ____C C:\WINDOWS\system32\spu_storage.bin 2021-05-14 09:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-14 09:02 - 2018-12-26 10:04 - 000000000 ___DC C:\WINDOWS\system32\MRT 2021-05-14 08:57 - 2018-12-26 10:04 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-14 08:56 - 2021-03-03 09:49 - 000000000 ____D C:\Program Files (x86)\dotnet 2021-05-14 08:54 - 2021-02-05 12:08 - 000000000 ____D C:\Users\Default\.dotnet 2021-05-14 08:53 - 2021-03-12 12:24 - 000000000 ____D C:\Program Files\dotnet 2021-05-12 21:52 - 2018-12-26 09:43 - 000000000 __RDC C:\Users\keramti\OneDrive 2021-05-10 07:47 - 2018-12-26 09:38 - 000000000 _RHDC C:\Users\Public\AccountPictures 2021-05-10 07:20 - 2020-09-07 19:00 - 000000000 __HDC C:\OneDriveTemp 2021-05-10 07:14 - 2019-06-18 22:27 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service 2021-05-06 22:57 - 2018-12-26 09:53 - 000000854 ____C C:\Users\keramti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-03 21:51 - 2020-10-22 15:07 - 000000000 ____D C:\Users\adamt\.MemuHyperv 2021-04-30 14:00 - 2018-12-26 09:41 - 000000000 ___DC C:\Users\keramti\AppData\Local\Packages 2021-04-29 22:28 - 2020-09-21 16:09 - 000002850 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-04-29 11:29 - 2020-10-22 20:24 - 000000000 ____D C:\Program Files\Image-Line 2021-04-29 11:03 - 2021-04-21 12:38 - 000000000 ____D C:\Users\adamt\AppData\Local\AcTools Content Manager 2021-04-28 12:13 - 2020-10-22 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2021-04-28 12:09 - 2019-03-15 16:22 - 000000000 ___DC C:\Program Files (x86)\Image-Line 2021-04-27 21:19 - 2019-03-26 21:21 - 000000000 ___DC C:\Users\adamt\.junique 2021-04-27 21:13 - 2020-02-10 18:12 - 000000000 ___DC C:\Users\adamt\AppData\Local\CrystalLauncherInstaller 2021-04-26 19:41 - 2016-01-08 01:49 - 000000000 ___DC C:\Users\keramti\Desktop\GRY 2021-04-26 13:51 - 2020-12-14 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2021-04-26 08:56 - 2021-04-16 09:24 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-26 08:56 - 2021-04-16 09:24 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-24 13:37 - 2021-02-08 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2018.1.1f1 (64-bit) 2021-04-24 13:37 - 2021-01-22 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.4.18f1 (64-bit) 2021-04-24 13:37 - 2020-08-17 20:57 - 000000000 ____D C:\Users\keramti\AppData\Local\LogMeIn Hamachi 2021-04-24 13:37 - 2020-08-01 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.8 2021-04-23 13:40 - 2021-03-11 23:38 - 000000000 ___DC C:\Users\adamt\Documents\Assetto Corsa 2021-04-23 11:32 - 2021-02-22 16:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-03-18 13:12 - 2021-03-18 13:12 - 000015360 _____ () C:\ProgramData\deltaShell.dll 2020-01-07 20:44 - 2020-12-23 17:13 - 000004608 ____C () C:\Users\keramti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-11-13 15:55 - 2020-11-13 15:55 - 000000000 _____ () C:\Users\keramti\AppData\Local\oobelibMkey.log 2019-01-16 19:33 - 2019-01-16 19:33 - 000007626 ____C () C:\Users\keramti\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================