Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-06-2021 Uruchomiony przez moons (administrator) DESKTOP-V1FOO7R (Micro-Star International Co., Ltd MS-7C02) (21-06-2021 21:10:18) Uruchomiony z C:\Users\moons\Downloads Załadowane profile: moons Platform: Windows 10 Pro Wersja 21H1 19043.1052 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (EIZO Corporation -> ) C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe (EIZO Corporation -> ) C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12> (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe <2> ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-868864574-754023539-434053955-1003\...\MountPoints2: {5fc44fce-986c-11eb-ae50-806e6f6e6963} - "D:\DVDSetup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-08] (Google LLC -> Google LLC) Startup: C:\Users\moons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ColorNavigator 6.lnk [2021-04-08] ShortcutTarget: ColorNavigator 6.lnk -> C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe (EIZO Corporation -> ) BootExecute: autocheck autochk * GroupPolicy: Ograniczenia - Chrome <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {438364ED-2149-4B14-9708-23D989585C51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {79651ECE-7699-4B60-A8F0-E0A2D6B6AF6F} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {83B7AFCB-26C1-4167-97D0-F6ECC466CECD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9B7C42B1-7396-44D0-B62E-D7A5C36E79B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CE520067-5C2E-4A76-81AB-626FD7C98024} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {DC51B3E0-AC9C-4D84-94BD-69A4F342CEBA} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [10881784 2021-05-14] (Lespeed Technology Co., Ltd -> WiseCleaner.com) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{955e4c25-b473-40d6-ae47-d105a646fa5a}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\moons\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-21] Edge StartupUrls: Default -> "hxxp://google.com/" FireFox: ======== FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\moons\AppData\Local\Google\Chrome\User Data\Default [2021-06-21] CHR StartupUrls: Default -> "" CHR Extension: (Adblocker for Youtube™) - C:\Users\moons\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbminbckhdkcmlhbfppfbigmhnhcpkhf [2021-06-21] [UpdateUrl:hxxps://clients44.google.com/service/update2/crx] <==== UWAGA CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [279040 2021-02-09] (CleverFiles) [Brak podpisu cyfrowego] R2 GUBootService; C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe [865608 2021-04-09] (Glarysoft LTD -> Glarysoft Ltd) R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) S4 PuranDefrag; C:\Windows\SYSTEM32\PuranDefragS.exe [292736 2013-08-15] (Vishal Gupta -> Puran Software) [Brak podpisu cyfrowego] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-09] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wuauserv; C:\Windows\system32\svchost.exe [57360 2020-11-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [47016 2020-11-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) S2 AppServicea; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServiceb; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicec; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServiced; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicee; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicef; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServiceg; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServiceh; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicei; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicej; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicek; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicel; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicem; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicen; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServiceo; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicep; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServiceq; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicer; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServices; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicet; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServiceu; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicev; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicew; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicex; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 AppServicey; C:\Windows\system32\WS8UAK26M1.tmp [X] <==== UWAGA S2 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" [X] R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 colormunki; C:\Windows\System32\Drivers\colormunki_x64.sys [51600 2017-09-28] (USBIO Test -> Thesycon GmbH, Germany) R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [138760 2021-01-14] (ADAPP SASU -> Dokan Project) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [30720 2021-04-08] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) R3 MAFW; C:\Windows\System32\drivers\mafw.sys [231944 2009-07-29] (M-Audio -> Avid Technology, Inc.) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-06-21] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-06-21] (Malwarebytes Inc -> Malwarebytes) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-06-21 20:59 - 2021-06-21 20:59 - 000877220 _____ C:\Windows\Minidump\062121-12656-01.dmp 2021-06-21 20:48 - 2021-06-21 21:59 - 014155776 ____N C:\Windows\system32\config\system 2021-06-21 20:46 - 2021-06-21 21:09 - 000023443 _____ C:\Users\moons\Downloads\Fixlog.txt 2021-06-21 19:20 - 2021-06-21 19:20 - 000048796 _____ C:\Users\moons\Downloads\Shortcut.txt 2021-06-21 19:20 - 2021-06-21 19:20 - 000039551 _____ C:\Users\moons\Downloads\Addition.txt 2021-06-21 19:18 - 2021-06-21 21:10 - 000012409 _____ C:\Users\moons\Downloads\FRST.txt 2021-06-21 19:17 - 2021-06-21 19:17 - 002300416 _____ (Farbar) C:\Users\moons\Downloads\FRST64 (1).exe 2021-06-21 19:09 - 2021-06-21 19:10 - 000000000 ____D C:\AdwCleaner 2021-06-21 19:09 - 2021-06-21 19:09 - 008534696 _____ (Malwarebytes) C:\Users\moons\Downloads\adwcleaner_8.2.exe 2021-06-21 18:19 - 2021-06-21 21:59 - 081526784 _____ C:\Windows\system32\config\software 2021-06-21 18:17 - 2021-06-21 18:19 - 000000000 ____D C:\Windows\Microsoft Antimalware 2021-06-21 18:00 - 2021-06-21 18:00 - 000054656 _____ C:\Users\moons\Documents\Recovery Session File # Mon, 21-Jun-2021[18 0 6].rrs4 2021-06-21 17:37 - 2021-06-21 17:59 - 000000000 ____D C:\Program Files\Remo Recover FREE Edition 2021-06-21 17:37 - 2021-06-21 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover FREE Edition 2021-06-21 17:37 - 2009-02-12 15:11 - 000026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys 2021-06-21 17:36 - 2021-06-21 17:37 - 018224840 _____ (Remo Software ) C:\Users\moons\Downloads\remo-recover-windows-free.exe 2021-06-21 17:29 - 2021-06-21 17:30 - 000000000 ____D C:\ProgramData\Wondershare 2021-06-21 17:29 - 2021-06-21 17:29 - 000001133 _____ C:\Users\Public\Desktop\Wondershare Recoverit.lnk 2021-06-21 17:29 - 2021-06-21 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2021-06-21 17:29 - 2021-06-21 17:29 - 000000000 ____D C:\Program Files\Wondershare 2021-06-21 17:29 - 2021-06-21 17:29 - 000000000 ____D C:\Program Files (x86)\Wondershare 2021-06-21 17:29 - 2017-09-27 17:29 - 000000232 _____ C:\Windows\SysWOW64\dllhost.exe.config 2021-06-21 17:28 - 2021-06-21 17:29 - 000000000 ____D C:\Users\Public\Documents\Wondershare 2021-06-21 17:28 - 2021-06-21 17:28 - 001389296 _____ C:\Users\moons\Downloads\recoverit_setup_full4231.exe 2021-06-21 16:33 - 2021-06-21 20:59 - 000318328 _____ C:\Windows\system32\FNTCACHE.DAT 2021-06-21 16:33 - 2021-06-21 20:59 - 000008192 ___SH C:\DumpStack.log.tmp 2021-06-21 16:33 - 2021-06-21 16:33 - 000021042 _____ C:\TDSSKiller.3.1.0.28_21.06.2021_16.33.17_log.txt 2021-06-21 16:31 - 2021-06-21 16:32 - 000030128 _____ C:\TDSSKiller.3.1.0.28_21.06.2021_16.31.03_log.txt 2021-06-21 16:30 - 2021-06-21 16:30 - 005054744 _____ (AO Kaspersky Lab) C:\Users\moons\Downloads\tdsskiller.exe 2021-06-21 15:59 - 2021-06-21 15:59 - 002094168 _____ (Malwarebytes) C:\Users\moons\Downloads\MBSetup (3).exe 2021-06-21 15:05 - 2021-06-21 15:05 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2021-06-21 15:05 - 2021-06-21 15:05 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2021-06-21 15:05 - 2021-06-21 15:05 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2021-06-21 15:05 - 2021-06-21 15:05 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2021-06-21 15:05 - 2021-06-21 15:05 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-06-21 15:05 - 2021-06-21 15:05 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-06-21 15:05 - 2021-06-21 15:05 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-06-21 15:03 - 2021-06-21 15:03 - 002094168 _____ (Malwarebytes) C:\Users\moons\Downloads\MBSetup (2).exe 2021-06-21 13:10 - 2021-06-21 13:11 - 000003090 _____ C:\Users\moons\Desktop\Rkill.txt 2021-06-21 13:09 - 2021-06-21 13:09 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\moons\Downloads\rkill.exe 2021-06-21 13:05 - 2021-06-21 13:09 - 002094168 _____ (Malwarebytes) C:\Users\moons\Downloads\MBSetup (1).exe 2021-06-21 03:39 - 2021-06-21 21:59 - 000000000 ____D C:\Windows\system32\Drivers\45076182.sys 2021-06-21 03:39 - 2021-06-21 03:39 - 002094168 _____ (Malwarebytes) C:\Users\moons\Downloads\MBSetup.exe 2021-06-21 03:37 - 2021-06-21 03:37 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-06-21 03:37 - 2021-06-21 03:37 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-06-21 03:36 - 2021-06-21 03:36 - 000003284 _____ C:\Windows\system32\Tasks\MSI Task Host - Detect_Monitor 2021-06-21 03:35 - 2021-06-21 20:59 - 014155776 _____ C:\Windows\system32\C_32770.NLS 2021-06-21 03:35 - 2021-06-21 03:35 - 000003268 _____ C:\Windows\system32\Tasks\MSI Task Host - DisplayID 2021-06-21 03:03 - 2021-06-21 03:03 - 000000000 ____D C:\Users\moons\AppData\Local\RCS_LT 2021-06-21 03:02 - 2021-06-21 03:02 - 003591568 _____ (RCS LT) C:\Users\moons\Downloads\CCSetup.exe 2021-06-21 02:55 - 2021-06-21 21:59 - 000000000 ____D C:\Users\moons\AppData\Local\AdvinstAnalytics 2021-06-21 02:55 - 2021-06-21 02:57 - 000002161 _____ C:\MyFile.txt 2021-06-21 02:55 - 2021-06-21 02:55 - 000000000 ____D C:\Program Files (x86)\AW Manager 2021-06-21 02:53 - 2021-06-21 02:54 - 000000000 ____D C:\Users\moons\Downloads\Disk Drill Professional v4.2.568.0 + Fix 2021-06-21 02:48 - 2021-06-21 21:59 - 000000000 ____D C:\Users\moons\AppData\Local\UT008 2021-06-21 02:35 - 2021-06-21 02:35 - 005659583 _____ (Swearware) C:\Users\moons\Downloads\ComboFix.exe 2021-06-21 02:35 - 2021-06-21 02:35 - 005659583 _____ (Swearware) C:\Users\moons\Downloads\ComboFix (1).exe 2021-06-21 02:28 - 2021-06-21 21:59 - 000000000 ____D C:\Users\moons\AppData\Roaming\nailedp 2021-06-21 02:28 - 2021-06-21 21:59 - 000000000 ____D C:\Program Files (x86)\WSPNEpLqQIE 2021-06-21 02:28 - 2021-06-21 21:59 - 000000000 ____D C:\Program Files (x86)\foler 2021-06-21 02:28 - 2021-06-21 21:59 - 000000000 ____D C:\Program Files (x86)\anjFGKdzU 2021-06-21 02:28 - 2021-06-21 02:28 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2021-06-21 02:28 - 2021-06-21 02:28 - 000000276 _____ C:\Users\moons\Documents\WQ75Y5Y8DjdyQAn0AEQrAjbV.exe 2021-06-21 02:28 - 2021-06-21 02:28 - 000000276 _____ C:\Users\moons\Documents\g2oQPlBcsjLFIr0lJGH2aMv0.exe 2021-06-21 02:28 - 2021-06-21 02:28 - 000000276 _____ C:\Users\moons\Documents\EfAUP2TvnXBIs3xkQEKNVFUW.exe 2021-06-21 02:27 - 2021-06-21 02:27 - 000000276 _____ C:\Users\moons\Documents\KvwpMFPqRAft9y9sSCwCH9Ii.exe 2021-06-21 02:26 - 2021-06-21 02:26 - 006727680 ____N C:\Windows\system32\Drivers\ng1g2SaEXYrm.sys 2021-06-21 02:26 - 2021-06-21 02:26 - 000000276 _____ C:\Users\moons\Documents\XrmS4NdEpS7JvDZgwiaBDSS5.exe 2021-06-21 02:26 - 2021-06-21 02:26 - 000000276 _____ C:\Users\moons\Documents\VFQYmefflW6M218EXGt1wGGt.exe 2021-06-21 02:26 - 2021-06-21 02:26 - 000000276 _____ C:\Users\moons\Documents\JVbtDl8da2XpSIQRnxdwBbBd.exe 2021-06-21 02:26 - 2021-06-21 02:26 - 000000276 _____ C:\Users\moons\Documents\55T1bv6QpJh38u8pIhwJ304z.exe 2021-06-21 02:05 - 2021-06-21 02:05 - 001266712 _____ C:\zip.7z 2021-06-21 02:04 - 2021-06-21 02:04 - 001438761 _____ C:\Users\moons\Documents\wyn.srs 2021-06-21 01:57 - 2021-06-21 01:57 - 004644384 _____ (Drobinski Maciej StrongRecovery ) C:\Users\moons\Downloads\StrongRecovery.exe 2021-06-21 01:57 - 2021-06-21 01:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StrongRecovery 2021-06-21 01:57 - 2021-06-21 01:57 - 000000000 ____D C:\Program Files (x86)\StrongRecovery 2021-06-21 01:57 - 2021-06-21 01:57 - 000000000 _____ C:\Users\moons\Documents\.Rhistory 2021-06-21 01:52 - 2021-06-21 01:52 - 000000000 ____D C:\Users\moons\Documents\R 2021-06-21 01:52 - 2021-06-21 01:52 - 000000000 ____D C:\Users\moons\AppData\Roaming\R 2021-06-21 01:51 - 2021-06-21 01:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R 2021-06-21 01:51 - 2021-06-21 01:51 - 000000000 ____D C:\Program Files\R 2021-06-21 01:49 - 2021-06-21 01:50 - 089503040 _____ (R Core Team ) C:\Users\moons\Downloads\R-4.1.0-win.exe 2021-06-21 01:46 - 2021-06-21 01:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio 2021-06-21 01:46 - 2021-06-21 01:46 - 000000000 ____D C:\Program Files\RStudio 2021-06-21 01:44 - 2021-06-21 01:57 - 000000000 ____D C:\Users\moons\AppData\Roaming\RStudio 2021-06-21 01:44 - 2021-06-21 01:57 - 000000000 ____D C:\Users\moons\AppData\Local\RStudio 2021-06-21 01:44 - 2021-06-21 01:44 - 000000000 ____D C:\Users\moons\AppData\Local\R 2021-06-21 01:42 - 2021-06-21 01:43 - 156183344 _____ (RStudio, PBC) C:\Users\moons\Downloads\RStudio-1.4.1717.exe 2021-06-21 01:41 - 2021-06-21 01:41 - 001830671 _____ C:\Users\moons\Downloads\dmde-3-8-0-790-win64-gui (2).zip 2021-06-21 01:40 - 2021-06-21 01:40 - 001740019 _____ C:\Users\moons\Downloads\dmde-3-6-1-775-beta-win64-gui.zip 2021-06-21 01:39 - 2021-06-21 01:39 - 001665071 _____ C:\Users\moons\Downloads\dmde-3-8-0-790-win32-gui.zip 2021-06-21 01:38 - 2021-06-21 01:38 - 001830671 _____ C:\Users\moons\Downloads\dmde-3-8-0-790-win64-gui (1).zip 2021-06-21 01:11 - 2021-06-21 01:11 - 000000000 ____D C:\Users\moons\AppData\Roaming\SysDev Laboratories 2021-06-21 01:11 - 2021-06-21 01:11 - 000000000 ____D C:\ProgramData\SysDev Laboratories 2021-06-21 01:11 - 2021-06-21 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UFS Explorer 2021-06-21 01:11 - 2021-06-21 01:11 - 000000000 ____D C:\Program Files\UFS Explorer 2021-06-21 01:10 - 2021-06-21 01:10 - 009195064 _____ (LLC "SysDev Laboratories" ) C:\Users\moons\Downloads\ufsxpci64.exe 2021-06-21 01:08 - 2021-06-21 01:08 - 001830671 _____ C:\Users\moons\Downloads\dmde-3-8-0-790-win64-gui.zip 2021-06-21 01:00 - 2021-06-21 01:00 - 000000937 _____ C:\Users\moons\Desktop\Puran Utilities.lnk 2021-06-21 01:00 - 2021-06-21 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Utilities 2021-06-21 01:00 - 2021-06-21 01:00 - 000000000 ____D C:\Program Files\Puran Utilities 2021-06-21 01:00 - 2013-08-15 16:39 - 001367424 _____ (Puran Software) C:\Windows\system32\PuranFD.exe 2021-06-21 01:00 - 2013-08-15 16:39 - 000292736 _____ (Puran Software) C:\Windows\system32\PuranDefragS.exe 2021-06-21 01:00 - 2013-08-15 16:39 - 000287616 _____ (Puran Software) C:\Windows\system32\PuranDC.exe 2021-06-21 01:00 - 2013-08-15 16:39 - 000256896 _____ (Puran Software) C:\Windows\system32\PuranDefrag.dll 2021-06-21 01:00 - 2013-08-15 16:39 - 000132480 _____ (Puran Software) C:\Windows\system32\PuranDefragBT.exe 2021-06-21 00:58 - 2021-06-21 00:59 - 010613025 _____ (Puran Software ) C:\Users\moons\Downloads\PuranUtilitiesSetup.exe 2021-06-21 00:56 - 2021-06-21 00:56 - 000000000 ____D C:\Users\moons\Downloads\testdisk-7.2-WIP.win64 2021-06-21 00:55 - 2021-06-21 00:55 - 026435311 _____ C:\Users\moons\Downloads\testdisk-7.2-WIP.win64.zip 2021-06-21 00:36 - 2021-06-21 00:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleverFiles Disk Drill (x64) 2021-06-21 00:32 - 2021-06-21 00:36 - 000002531 _____ C:\Users\Public\Desktop\Disk Drill.lnk 2021-06-21 00:32 - 2021-06-21 00:32 - 000000000 ____D C:\Program Files\CleverFiles 2021-06-21 00:31 - 2021-06-21 03:49 - 000000000 ____D C:\Program Files (x86)\Starth 2021-06-21 00:29 - 2021-06-21 00:29 - 031833104 _____ (diakov.net) C:\Users\moons\Downloads\Disk.Drill.Pro-4.0.520.0.exe 2021-06-21 00:18 - 2021-06-21 00:22 - 000000047 _____ C:\Windows\ddconfig.ini 2021-06-21 00:11 - 2021-06-21 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleverfiles Disk Drill 2021-06-21 00:11 - 2021-06-21 00:11 - 000000000 ____D C:\Program Files (x86)\CleverFiles 2021-06-21 00:08 - 2021-06-21 00:08 - 000000000 ____D C:\Users\moons\Downloads\Disk_Drill_2.0.0.268_Professional_With_Crack 2021-06-21 00:07 - 2021-06-21 00:07 - 018159725 _____ C:\Users\moons\Downloads\Disk_Drill_2.0.0.268_Professional_With_Crack.rar 2021-06-20 23:36 - 2021-06-21 02:34 - 000000000 ____D C:\Users\moons\AppData\Local\DiskDrill 2021-06-20 23:36 - 2021-06-20 23:36 - 000000000 ____D C:\Users\moons\AppData\Local\CrashRpt 2021-06-20 23:36 - 2021-06-20 23:36 - 000000000 ____D C:\Program Files\Dokan 2021-06-20 23:36 - 2021-01-14 13:49 - 000138760 _____ (Dokan Project) C:\Windows\system32\Drivers\dokan1.sys 2021-06-20 23:35 - 2021-06-20 23:36 - 030089480 _____ (CleverFiles) C:\Users\moons\Downloads\disk-drill-win.exe 2021-06-20 23:31 - 2021-06-20 23:31 - 000001047 _____ C:\Users\moons\Desktop\Digital Image Recovery.lnk 2021-06-20 23:31 - 2021-06-20 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Image Recovery 2021-06-20 23:31 - 2021-06-20 23:31 - 000000000 ____D C:\Program Files (x86)\Digital Image Recovery 2021-06-20 23:30 - 2021-06-20 23:31 - 000592335 _____ C:\Users\moons\Downloads\dir(dobreprogramy.pl).zip 2021-06-20 23:28 - 2021-06-20 23:30 - 008388608 _____ C:\exFat 2021-06-20 23:27 - 2021-06-20 23:44 - 000000000 _RSHD C:\ProgramData\Key-Base 2021-06-20 23:27 - 2021-06-20 23:27 - 000000000 ____D C:\ProgramData\{E14C643A-AF96-02DC-7FDF-779C7E025CDF} 2021-06-20 23:26 - 2021-06-20 23:26 - 000001980 _____ C:\Users\Public\Desktop\Stellar Data Recovery.lnk 2021-06-20 23:26 - 2021-06-20 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Data Recovery 2021-06-20 23:26 - 2021-06-20 23:26 - 000000000 ____D C:\Program Files\Stellar Data Recovery 2021-06-20 23:25 - 2021-06-20 23:25 - 004969400 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\moons\Downloads\StellarDataRecoveryProfessional.exe 2021-06-20 23:14 - 2021-06-20 23:14 - 000000000 ____D C:\Users\moons\Desktop\recover 2021-06-20 23:08 - 2021-06-20 23:08 - 007638224 _____ (Piriform Software Ltd) C:\Users\moons\Downloads\rcsetup153.exe 2021-06-20 23:08 - 2021-06-20 23:08 - 000001699 _____ C:\Users\Public\Desktop\Recuva.lnk 2021-06-20 23:08 - 2021-06-20 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2021-06-20 23:08 - 2021-06-20 23:08 - 000000000 ____D C:\Program Files\Recuva 2021-06-20 13:20 - 2021-06-20 13:23 - 289184783 _____ C:\Users\moons\Desktop\Untitled.mov 2021-06-19 11:32 - 2021-06-19 11:40 - 000000000 ____D C:\Users\moons\Desktop\128a 2021-06-18 11:41 - 2021-06-18 11:41 - 044997569 _____ C:\Users\moons\Downloads\attachments (7).zip 2021-06-18 11:41 - 2021-06-18 11:40 - 006122056 ____N C:\Users\moons\Downloads\E2203FFB-C61F-41DD-A62C-15D50F3D1E0C.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 005305683 ____N C:\Users\moons\Downloads\BBDB8077-CADC-4001-89CE-47E798ED4538.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 004849048 ____N C:\Users\moons\Downloads\B9CCD6F2-BC86-41CD-AFD3-4E6C31446A96.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 004701240 ____N C:\Users\moons\Downloads\D4E89E34-BFE7-4055-96E2-0CFFB228078E.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 004568118 ____N C:\Users\moons\Downloads\3398BBD4-B073-4C7F-9ED7-98B83192E1B2.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 004512082 ____N C:\Users\moons\Downloads\BAF7582B-5FF3-45B9-B821-3350E8E86D1B.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 004284011 ____N C:\Users\moons\Downloads\357F597F-1232-4B98-AE4A-8B9EFF1AB325.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 003675336 ____N C:\Users\moons\Downloads\EDC46132-27DB-43F1-8B78-2C238904C317.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 003609001 ____N C:\Users\moons\Downloads\2330DB4E-F642-430E-9D52-DB007AF8A4E1.jpeg 2021-06-18 11:41 - 2021-06-18 11:40 - 003571131 ____N C:\Users\moons\Downloads\5FF9AD17-DC2A-448D-9A86-6A9F3C325D71.jpeg 2021-06-18 11:29 - 2021-06-18 11:29 - 023832295 _____ C:\Users\moons\Downloads\attachments (6).zip 2021-06-18 11:28 - 2021-06-18 11:28 - 056776048 _____ C:\Users\moons\Downloads\attachments.zip 2021-06-18 11:28 - 2021-06-18 11:28 - 023420896 _____ C:\Users\moons\Downloads\attachments (1).zip 2021-06-18 11:28 - 2021-06-18 11:28 - 019691793 _____ C:\Users\moons\Downloads\attachments (4).zip 2021-06-18 11:28 - 2021-06-18 11:28 - 015857095 _____ C:\Users\moons\Downloads\attachments (3).zip 2021-06-18 11:28 - 2021-06-18 11:28 - 015537435 _____ C:\Users\moons\Downloads\attachments (5).zip 2021-06-18 11:28 - 2021-06-18 11:28 - 015402917 _____ C:\Users\moons\Downloads\attachments (2).zip 2021-06-17 21:34 - 2021-06-17 21:35 - 000000000 ____D C:\Users\moons\Desktop\Nowy folder (4) 2021-06-16 23:20 - 2021-06-16 23:24 - 000000000 ____D C:\Users\moons\Desktop\Nowy folder (3) 2021-06-15 00:30 - 2021-06-15 17:11 - 000000000 ____D C:\Users\moons\Desktop\Woda 2021-06-13 17:52 - 2021-06-13 18:19 - 000000000 ____D C:\Users\moons\Desktop\13.06.2021 2021-06-13 14:00 - 2021-06-13 14:00 - 000000000 ____D C:\Users\moons\Desktop\Nowy folder (2) 2021-06-12 00:56 - 2021-06-09 05:58 - 000037664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2021-06-11 23:49 - 2021-06-09 16:18 - 001855184 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-06-11 23:49 - 2021-06-09 16:18 - 001855184 _____ C:\Windows\system32\vulkaninfo.exe 2021-06-11 23:49 - 2021-06-09 16:18 - 001453328 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-06-11 23:49 - 2021-06-09 16:18 - 001435856 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-06-11 23:49 - 2021-06-09 16:18 - 001435856 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-06-11 23:49 - 2021-06-09 16:18 - 001192720 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-06-11 23:49 - 2021-06-09 16:18 - 001094864 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-06-11 23:49 - 2021-06-09 16:18 - 001094864 _____ C:\Windows\system32\vulkan-1.dll 2021-06-11 23:49 - 2021-06-09 16:18 - 000948936 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-06-11 23:49 - 2021-06-09 16:18 - 000948936 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-06-11 23:49 - 2021-06-09 16:14 - 000715552 _____ C:\Windows\system32\nvofapi64.dll 2021-06-11 23:49 - 2021-06-09 16:14 - 000626976 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2021-06-11 23:49 - 2021-06-09 16:14 - 000575776 _____ C:\Windows\SysWOW64\nvofapi.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 002106128 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 001590544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 001514768 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 001166096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 000811792 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 000689936 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-06-11 23:49 - 2021-06-09 16:13 - 000675088 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 000656160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2021-06-11 23:49 - 2021-06-09 16:13 - 000563984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2021-06-11 23:49 - 2021-06-09 16:12 - 008317232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2021-06-11 23:49 - 2021-06-09 16:12 - 007434016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2021-06-11 23:49 - 2021-06-09 16:12 - 004795184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2021-06-11 23:49 - 2021-06-09 16:12 - 002823472 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2021-06-11 23:49 - 2021-06-09 16:12 - 000445744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2021-06-11 23:49 - 2021-06-09 16:11 - 000848672 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2021-06-11 23:49 - 2021-06-09 16:10 - 006159144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2021-06-11 23:49 - 2021-06-09 05:58 - 000087164 _____ C:\Windows\system32\nvinfo.pb 2021-06-10 23:22 - 2021-06-10 23:38 - 4090577625 _____ C:\Users\moons\Downloads\DJI_0452.MP4 2021-06-09 20:52 - 2021-06-09 20:52 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-06-09 20:52 - 2021-06-09 20:52 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-06-09 20:52 - 2021-06-09 20:52 - 000451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2021-06-09 20:51 - 2021-06-09 20:51 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll 2021-06-09 20:51 - 2021-06-09 20:51 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll 2021-06-09 20:51 - 2021-06-09 20:51 - 001823792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-06-09 20:51 - 2021-06-09 20:51 - 001393496 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-06-09 20:51 - 2021-06-09 20:51 - 001314120 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-06-09 20:51 - 2021-06-09 20:51 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll 2021-06-09 20:51 - 2021-06-09 20:51 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2021-06-09 20:51 - 2021-06-09 20:51 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-06-09 20:51 - 2021-06-09 20:51 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll 2021-06-09 20:51 - 2021-06-09 20:51 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-06-09 20:51 - 2021-06-09 20:51 - 000287232 _____ C:\Windows\system32\CoreMas.dll 2021-06-09 20:51 - 2021-06-09 20:51 - 000272384 _____ C:\Windows\system32\TpmTool.exe 2021-06-09 20:51 - 2021-06-09 20:51 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe 2021-06-09 20:51 - 2021-06-09 20:51 - 000097280 _____ C:\Windows\system32\Drivers\cimfs.sys 2021-06-09 20:51 - 2021-06-09 20:51 - 000011353 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-06-07 22:26 - 2021-06-07 22:38 - 000000000 ____D C:\Users\moons\Desktop\Józef 2021-06-04 23:31 - 2021-06-04 23:32 - 000000000 ____D C:\Users\moons\Desktop\128 2021-06-04 20:18 - 2021-06-04 20:21 - 000000000 ____D C:\Users\moons\Desktop\nowa samsung 2021-06-03 22:59 - 2021-06-03 22:59 - 000000000 ____D C:\Users\moons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design 2021-06-02 14:42 - 2021-06-03 00:05 - 000000000 ____D C:\Users\moons\Desktop\Kwieciński 2021-06-01 12:43 - 2021-06-01 12:43 - 000023544 _____ C:\Users\moons\Documents\Untitled12.veg 2021-06-01 11:53 - 2021-06-01 12:04 - 000000000 ____D C:\Users\moons\Desktop\Nowy folder 2021-05-28 21:21 - 2021-05-28 21:21 - 001185276 _____ C:\Users\moons\Downloads\mietanaW.2006.PasterskiPiesStrujacy.WWFPolska.pdf 2021-05-28 17:24 - 2021-05-28 17:28 - 000000000 ____D C:\Users\moons\Downloads\Luminar AI 1.3.0 Build 8059 - 64bit [ENG] [Crack & Reg File] 2021-05-28 17:05 - 2021-05-28 17:07 - 784466159 _____ C:\Users\moons\Downloads\Luminar AI 1.3.0 Build 8059 - 64bit [ENG] [Crack & Reg File].rar 2021-05-28 13:49 - 2021-05-28 13:49 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2021-05-28 13:49 - 2021-05-28 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2021-05-28 13:49 - 2021-05-28 13:49 - 000000000 ____D C:\Program Files\CPUID 2021-05-28 00:27 - 2021-05-28 00:27 - 000001756 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Story 3 for Windows.lnk 2021-05-28 00:27 - 2021-05-28 00:27 - 000000000 ____D C:\Program Files (x86)\Photo Story 3 for Windows 2021-05-27 15:25 - 2021-05-27 15:25 - 000034395 _____ C:\Users\moons\Downloads\92a1adec1e.jpeg 2021-05-27 15:24 - 2021-05-27 15:24 - 000066963 _____ C:\Users\moons\Downloads\0bf621da13.jpeg 2021-05-27 15:23 - 2021-05-27 15:23 - 000023524 _____ C:\Users\moons\Downloads\a056a3b4d8.jpeg 2021-05-27 15:22 - 2021-05-27 15:22 - 000076325 _____ C:\Users\moons\Downloads\af982f5162.jpeg 2021-05-27 15:22 - 2021-05-27 15:22 - 000037189 _____ C:\Users\moons\Downloads\344bf65c0d.jpeg 2021-05-27 15:22 - 2021-05-27 15:22 - 000033075 _____ C:\Users\moons\Downloads\32f76944db.jpeg 2021-05-27 15:22 - 2021-05-27 15:22 - 000032923 _____ C:\Users\moons\Downloads\a4c53ac739.jpeg 2021-05-27 15:21 - 2021-05-27 15:21 - 000063434 _____ C:\Users\moons\Downloads\d91218e3be.jpeg 2021-05-27 15:21 - 2021-05-27 15:21 - 000059646 _____ C:\Users\moons\Downloads\352f36dd07.jpeg 2021-05-26 12:41 - 2021-05-26 12:41 - 000000000 ____D C:\Users\moons\AppData\Local\GHISLER 2021-05-26 12:40 - 2021-05-26 12:40 - 000000683 _____ C:\Users\moons\Desktop\Total Commander 64 bit.lnk 2021-05-26 12:40 - 2021-05-26 12:40 - 000000000 ____D C:\Users\moons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2021-05-26 12:38 - 2021-05-26 12:48 - 000000000 ____D C:\Users\moons\AppData\Roaming\GHISLER 2021-05-26 12:38 - 2021-05-26 12:41 - 000000000 ____D C:\totalcmd 2021-05-25 22:55 - 2021-05-25 22:55 - 000000000 ____D C:\Users\moons\Downloads\wetransfer-3c97c4 (1) 2021-05-25 19:47 - 2021-06-16 12:25 - 000000000 ____D C:\Users\moons\Desktop\Iwona i Damian 2021-05-24 23:14 - 2021-05-24 23:14 - 000000787 _____ C:\Users\moons\Desktop\Zdjęcia nasze — skrót .lnk 2021-05-24 22:52 - 2021-05-24 22:53 - 000000000 ____D C:\Users\moons\Desktop\bogold 2021-05-23 23:40 - 2021-06-02 14:42 - 000000000 ____D C:\Users\moons\Desktop\Do zrobienia 2021-05-23 23:24 - 2021-05-23 23:24 - 000000000 ____D C:\Users\moons\Desktop\Kubki i wlepy 2021-05-23 15:59 - 2021-05-23 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JPEGCrops 2021-05-23 15:59 - 2021-05-23 15:59 - 000000000 ____D C:\Program Files (x86)\JPEGCrops 2021-05-23 15:58 - 2021-05-23 15:58 - 000814405 _____ ( ) C:\Users\moons\Downloads\JPEGCrops0.7.5b.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-06-21 21:59 - 2021-04-08 15:18 - 000000000 ___HD C:\Program Files (x86)\Temp 2021-06-21 21:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2021-06-21 21:58 - 2021-04-08 19:33 - 000000000 ____D C:\ProgramData\Glarysoft 2021-06-21 21:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-06-21 21:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\registration 2021-06-21 21:10 - 2021-04-12 18:45 - 000000000 ____D C:\FRST 2021-06-21 21:04 - 2021-04-08 15:02 - 001678234 _____ C:\Windows\system32\PerfStringBackup.INI 2021-06-21 21:04 - 2019-12-07 17:09 - 000747596 _____ C:\Windows\system32\perfh015.dat 2021-06-21 21:04 - 2019-12-07 17:09 - 000144342 _____ C:\Windows\system32\perfc015.dat 2021-06-21 21:04 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-06-21 21:00 - 2021-04-08 15:54 - 000000000 ____D C:\ProgramData\NVIDIA 2021-06-21 21:00 - 2021-04-08 15:06 - 000000000 ____D C:\Users\moons 2021-06-21 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-21 20:59 - 2021-04-17 15:58 - 000000000 ____D C:\Windows\Minidump 2021-06-21 20:59 - 2020-11-19 01:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-06-21 20:43 - 2020-11-19 00:38 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-06-21 18:53 - 2021-04-10 22:04 - 000000000 ____D C:\Users\moons\AppData\Roaming\vlc 2021-06-21 17:51 - 2021-04-10 20:56 - 000000000 ____D C:\Users\moons\AppData\Roaming\MPC-HC 2021-06-21 17:16 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2021-06-21 15:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-06-21 13:54 - 2021-04-07 14:39 - 000000000 ____D C:\Users\moons\Downloads\pobrane 2021-06-21 13:13 - 2021-04-15 13:06 - 000000000 ____D C:\Users\moons\AppData\Local\D3DSCache 2021-06-21 13:12 - 2021-04-08 16:16 - 000000000 ____D C:\Users\moons\AppData\Local\CrashDumps 2021-06-21 03:56 - 2021-04-12 12:15 - 000000000 ____D C:\Users\moons\AppData\Roaming\Wise Disk Cleaner 2021-06-21 03:56 - 2021-04-12 12:11 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5 2021-06-21 03:55 - 2021-04-22 14:30 - 000000000 ____D C:\Users\moons\AppData\Roaming\PhotoScape 2021-06-21 03:50 - 2021-04-08 23:29 - 000000000 ____D C:\Program Files (x86)\Grass Valley 2021-06-21 03:48 - 2021-04-08 15:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-06-21 03:35 - 2021-04-12 20:58 - 000005384 __RSH C:\ProgramData\ntuser.pol 2021-06-21 03:35 - 2019-12-07 11:03 - 014680064 _____ C:\Windows\system32\config\BCD00000000 2021-06-21 02:57 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-06-21 02:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF 2021-06-21 02:51 - 2021-04-15 12:45 - 000000358 _____ C:\Users\moons\Desktop\Ethernet — skrót.lnk 2021-06-21 01:52 - 2021-04-08 16:09 - 000000000 ____D C:\Users\moons\AppData\Local\cache 2021-06-21 01:24 - 2021-04-14 21:39 - 000000000 ____D C:\vol0 2021-06-21 00:36 - 2021-04-08 15:16 - 000000000 ____D C:\ProgramData\Package Cache 2021-06-20 13:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2021-06-20 13:11 - 2020-11-19 01:41 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-06-20 13:11 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-06-19 11:30 - 2021-04-09 22:59 - 000000000 ____D C:\Users\moons\AppData\Roaming\AIMP 2021-06-17 22:46 - 2021-04-18 19:10 - 000000000 ____D C:\Users\moons\Desktop\Untitled Export 2021-06-17 21:37 - 2021-04-08 21:52 - 000000000 ____D C:\Users\moons\AppData\Local\CaptureOne 2021-06-17 15:59 - 2021-05-13 17:28 - 000000000 ____D C:\Users\moons\Desktop\ok 2021-06-14 23:06 - 2021-04-10 00:06 - 000000000 ____D C:\Program Files\Skylum 2021-06-14 12:19 - 2021-04-08 16:09 - 000000000 ____D C:\Users\moons\AppData\Local\NVIDIA 2021-06-13 14:03 - 2020-11-19 01:39 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-06-10 20:56 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-06-09 23:35 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-06-09 23:35 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-06-09 20:47 - 2021-04-08 15:25 - 000000000 ____D C:\Windows\system32\MRT 2021-06-09 20:46 - 2021-04-08 15:24 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-06-09 16:10 - 2021-04-08 15:01 - 007212216 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2021-06-09 12:25 - 2021-04-08 16:12 - 000000000 ____D C:\Users\moons\AppData\Local\NVIDIA Corporation 2021-06-09 05:58 - 2021-04-08 15:01 - 000136472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2021-06-02 16:54 - 2021-04-08 15:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-05-29 13:33 - 2021-04-18 18:53 - 000000000 ____D C:\Users\moons\AppData\Local\Adobe 2021-05-25 20:55 - 2018-10-25 12:15 - 000000000 ____D C:\Users\moons\Desktop\Do vegasa 2021-05-25 11:38 - 2021-04-08 15:09 - 000000000 ____D C:\Users\moons\AppData\Local\Packages 2021-05-25 07:48 - 2021-04-08 15:24 - 000725304 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll 2021-05-25 07:48 - 2021-04-08 15:24 - 000470328 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll 2021-05-24 22:27 - 2021-04-20 22:51 - 000000000 ____D C:\Users\moons\AppData\Local\JDownloader 2.0 ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-06-21 02:28 - 2021-06-21 02:28 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2021-04-15 13:08 - 2021-04-15 13:08 - 000007605 _____ () C:\Users\moons\AppData\Local\Resmon.ResmonCfg ==================== FLock ============================== 2021-06-21 21:59 C:\Windows\system32\config\system 2021-06-21 02:26 C:\Windows\system32\Drivers\ng1g2SaEXYrm.sys ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================