Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 07-09-2021 Uruchomiony przez kamil (administrator) DESKTOP-BEUUI71 (MSI MS-7996) (07-09-2021 22:43:03) Uruchomiony z C:\Users\kamil\Downloads Załadowane profile: kamil Platform: Windows 10 Pro Wersja 21H1 19043.1202 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (ARCAI -> ) C:\Program Files (x86)\arcai.com\netcut_windows.exe (ARCAI -> Arcai.com) C:\Program Files (x86)\arcai.com\aips.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Discord Inc. -> Discord Inc.) C:\Users\kamil\AppData\Local\Discord\app-1.0.9002\Discord.exe <6> (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Epic Games Inc. -> Epic Games, Inc.) E:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (Epic Games Inc. -> Epic Games, Inc.) E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23> (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2108.1001.8.0_x64__8wekyb3d8bbwe\XboxAppServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe <2> (QUALCOMM, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2017-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [UrbanVPN] => C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe [24197696 2020-07-22] (Urban Cyber Security Inc. -> ) HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-01-25] (Adobe Inc. -> ) HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4094672 2021-08-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [Discord] => C:\Users\kamil\AppData\Local\Discord\Update.exe [1512760 2020-12-04] (Discord Inc. -> GitHub) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [EpicGamesLauncher] => E:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33310688 2021-08-31] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [MiPhoneManager] => C:\Users\kamil\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [146224 2021-05-05] (Xiaomi Technology Inc -> ) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\MountPoints2: {bf8accae-d81b-11e6-9bca-4ccc6a687028} - "G:\setup.exe" HKU\S-1-5-21-3776614771-340645959-2551341747-1001\...\Winlogon: [Shell] explorer.exe, <==== UWAGA HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.) HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3 HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28] HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2018-12-04] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-19] (Google LLC -> Google LLC) Startup: C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iCUE.lnk [2019-02-25] ShortcutTarget: iCUE.lnk -> D:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) Startup: C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSI Afterburner.lnk [2019-12-08] ShortcutTarget: MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> ) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1A464C7A-5E2E-4DB7-A7A8-5210DC363626} - System32\Tasks\BlueStacksHelper => F:\bluestacks\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-10-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {1D117BD0-82C8-4143-964F-EC6A12E2E995} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform) Task: {1D7D8334-C7F8-441E-BCA9-191BC9274B77} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29975EEE-76BC-431C-9E79-5D824C0B8792} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {37BCA2AF-BF35-4DA3-85D3-168A8E158955} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {45CDA7B8-4D7F-40B9-823E-76115145CD87} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {4AC96811-2EE7-4BA4-9B2A-1C7075B2F0F2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {708B06C2-D3B7-4ABD-B1AF-99181DDFC1B5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7607C4CD-651D-4EA7-906F-17C660DD7604} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7D2CE865-7AE9-462D-AF97-A944B5ADDA7F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8A6F9988-8183-4B79-B1AD-72F0B6FD4135} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-03] (Google Inc -> Google Inc.) Task: {9A964398-1765-4E53-AB16-318C66EDA8BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A10CBDD6-13E4-48E3-88D6-6AC42865C3B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A4EF6BE0-DFAA-4392-87CF-EFB1015768FD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A7DA28CD-F250-4CE3-95B8-A7366BB84A69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {ACD0E6C4-553C-4F5C-98B5-D39678011117} - System32\Tasks\Firefox Default Browser Agent FFAB18DC01168CF4 => C:\Users\kamil\AppData\Roaming\bvvtrjf [65440 2021-06-19] (Microsoft Corporation -> Microsoft Corporation) <==== UWAGA Task: {C0B3A8DB-5BB5-4A79-85AC-058727CE9CF6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {C0E6A0B9-4745-433D-8665-E085F6154821} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) Task: {C95D84F4-CDA4-4840-9818-0B20C1954E2D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-07-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CA50CC4E-B3B2-4691-9E0C-AC9547DCD59C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {D570F1FC-A503-401C-8FD4-ED9760D206E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-03] (Google Inc -> Google Inc.) Task: {D6C86FA4-5DDA-4C51-99C2-9ED7076D014B} - System32\Tasks\GenesisGX44-TaskPlan => C:\Program Files\GenesisGX44\GenesisGX44.exe Task: {D7A6D04D-3E60-49DD-A479-DC2A79E0FAD5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {E8EAFBA3-ED34-4FB8-95C2-C27700BDAC05} - System32\Tasks\Opera scheduled assistant Autoupdate 1580201286 => C:\Program Files\Opera\launcher.exe [41907408 2021-08-25] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0) Task: {EB40F83B-5844-4834-9435-E049A88878EB} - System32\Tasks\EPSON L3150 Series Update {F5CEF4CE-D584-46F8-8CC1-96FB8D9290A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {EC0E13F4-CF49-4648-96BB-5DC8F87D8877} - System32\Tasks\Opera scheduled Autoupdate 1497194179 => C:\Program Files\Opera\launcher.exe [41907408 2021-08-25] (Opera Software AS -> Opera Software) Task: {F3E0BC2B-23F0-4E61-A991-9F53C1955303} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F6FB819B-835A-4A9E-B627-4FA2C6558FB4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {FBEBDA9B-2BAC-488D-BB28-D36110BF5304} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [19968 2016-10-04] (InputMapper) [Brak podpisu cyfrowego] Task: {FDC6DD55-29A3-45FB-B821-7760D162810F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FED39BFE-B5D1-4ED7-9004-C3E34F086738} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-11] (Mozilla Corporation -> Mozilla Foundation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\EPSON L3150 Series Update {F5CEF4CE-D584-46F8-8CC1-96FB8D9290A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{F5CEF4CE-D584-46F8-8CC1-96FB8D9290A0} /F:UpdateWORKGROUP\DESKTOP-BEUUI71$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{54f1cf01-648f-43ce-9f96-4966335d0f3e}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{773e1903-7624-4c78-85d9-e4e2a3b0ce50}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{b7e18180-3d54-493a-b8c4-b5b696ca5a0e}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b8c9e437-ef65-4ad3-a48c-843033222275}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{c4aab648-eadf-4c69-b31d-4f97f9cbdea8}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{eaf2eaff-895b-487d-8739-b2dcb7432781}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{efaef480-6627-4066-899d-bfcd29b1c98c}: [DhcpNameServer] 194.168.4.100 194.168.8.100 Tcpip\..\Interfaces\{f55b6f4a-6564-4473-a0a4-00dd83b42525}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\kamil\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-07] FireFox: ======== FF DefaultProfile: oumzxjba.default FF ProfilePath: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\oumzxjba.default [2021-05-06] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-15] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-15] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-02-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default [2021-09-07] CHR Extension: (Prezentacje) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Dokumenty) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Dysk Google) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-03] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-07] CHR Extension: (Steam Inventory Helper) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-06-15] CHR Extension: (Arkusze) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (EditThisCookie) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-11-26] CHR Extension: (Dokumenty Google offline) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-02] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-12] CHR Extension: (Steam Trader Helper) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhoahihokddepjlegpenefeaahdkojog [2018-12-28] CHR Extension: (Video DownloadHelper) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-07-02] CHR Extension: (SessionBox - Multi login to any website) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\megbklhjamjbcafknkgmokldgolkdfig [2021-05-29] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (ShadowPay Trademanager) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhadkdgdffnnbdfpigjklinjhbkinfh [2021-07-15] CHR Extension: (Simple Startup Password) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoalkffommhmdmbohjphohoejjmgepc [2017-01-03] CHR Extension: (Gmail) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-22] CHR Profile: C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-07] CHR Profile: C:\Users\kamil\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-07] Opera: ======= OPR Profile: C:\Users\kamil\AppData\Roaming\Opera Software\Opera Stable [2021-09-07] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-08-29] OPR Extension: (Amazon Assistant Promotion) - C:\Users\kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-29] OPR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-07-27] OPR Extension: (Edit This Cookie) - C:\Users\kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppmhhincfabcahokokgpdcckmjghpian [2017-06-11] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [1846536 2020-07-06] (ARCAI -> Arcai.com) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-03-03] (BattlEye Innovations e.K. -> ) R2 CorsairService; D:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [47656 2019-01-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [782976 2020-01-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S3 FacSvc_Infestation_TheNewZ; C:\Users\kamil\AppData\Roaming\FAC\Infestation_TheNewZ\FacSvc.exe [686552 2020-10-11] (Fredaikis AB -> ) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-04] (GOG Sp. z o.o. -> GOG.com) S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [631456 2021-09-06] (Gameforge 4D GmbH -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-19] (Malwarebytes Inc -> Malwarebytes) S3 npggsvc; C:\WINDOWS\system32\GameMon.des [7677008 2017-10-16] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7801944 2016-10-20] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2018-11-14] (Even Balance, Inc. -> ) S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99136 2020-10-06] (ProtonVPN AG -> ) S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-06] (ProtonVPN AG -> ) R2 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [129024 2019-01-02] (QUALCOMM, Inc.) [Brak podpisu cyfrowego] S3 Rockstar Service; E:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2074928 2021-08-26] (Rockstar Games, Inc. -> Rockstar Games) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-08-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-08-16] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 UrbanVPNServiceInteractive; C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe [217848 2019-11-21] (Urban Cyber Security Inc. -> ) S3 UrbanVPNUpdater; C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe [1010752 2020-07-29] (Urban Cyber Security Inc. -> Urban Security) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2020-07-09] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-03-14] (Bluestack Systems, Inc. -> Bluestack System Inc.) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2021-09-07] (CPUID S.A.R.L.U. -> CPUID) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-12] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-12] (Disc Soft Ltd -> Disc Soft Ltd) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210344 2021-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-08-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-08-19] (Malwarebytes Inc -> Malwarebytes) S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2021-06-23] (北京铠信神州科技有限责任公司 -> ) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> ) R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237376 2020-07-10] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [248248 2020-07-10] (Oracle Corporation -> Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [175040 2020-07-10] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-08-10] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-10] (Microsoft Windows -> Microsoft Corporation) R3 wovad_micarray; C:\Windows\system32\drivers\womic.sys [37944 2018-05-13] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-09-07 22:43 - 2021-09-07 22:43 - 000036130 _____ C:\Users\kamil\Downloads\FRST.txt 2021-09-07 22:42 - 2021-09-07 22:43 - 000000000 ____D C:\FRST 2021-09-07 22:42 - 2021-09-07 22:42 - 002302976 _____ (Farbar) C:\Users\kamil\Downloads\FRST64.exe 2021-09-07 22:42 - 2021-09-07 22:42 - 000000000 ____D C:\Users\kamil\Downloads\FRST-OlderVersion 2021-09-07 22:32 - 2021-09-07 22:32 - 000000000 ____D C:\Users\kamil\AppData\Local\WhyNotWin11 2021-09-07 22:31 - 2021-09-07 22:31 - 002341376 _____ C:\Users\kamil\Downloads\WhyNotWin11.exe 2021-09-07 22:26 - 2021-09-07 22:26 - 000210344 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2021-09-07 22:10 - 2021-09-07 22:10 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll 2021-09-07 22:10 - 2021-09-07 22:10 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2021-09-07 22:10 - 2021-09-07 22:10 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll 2021-09-07 22:10 - 2021-09-07 22:10 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-09-07 22:10 - 2021-09-07 22:10 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-09-07 22:10 - 2021-09-07 22:10 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2021-09-07 22:10 - 2021-09-07 22:10 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-09-07 22:10 - 2021-09-07 22:10 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE 2021-09-07 22:10 - 2021-09-07 22:10 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll 2021-09-07 22:10 - 2021-09-07 22:10 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2021-09-07 22:10 - 2021-09-07 22:10 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2021-09-07 22:10 - 2021-09-07 22:10 - 000272384 _____ C:\Windows\system32\TpmTool.exe 2021-09-07 22:10 - 2021-09-07 22:10 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe 2021-09-07 22:10 - 2021-09-07 22:10 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll 2021-09-07 22:10 - 2021-09-07 22:10 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-09-07 22:10 - 2021-09-07 22:10 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys 2021-09-07 22:10 - 2021-09-07 22:10 - 000011345 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-09-07 21:53 - 2021-09-07 21:53 - 000176424 _____ C:\Users\kamil\Downloads\Extras.Txt 2021-09-07 21:52 - 2021-09-07 21:52 - 000453898 _____ C:\Users\kamil\Downloads\OTL.Txt 2021-09-07 21:40 - 2021-09-07 21:40 - 000602112 _____ (OldTimer Tools) C:\Users\kamil\Downloads\OTL.exe 2021-09-07 21:38 - 2021-09-07 21:44 - 000000000 ____D C:\Users\kamil\Downloads\executedprogramslist 2021-09-07 21:38 - 2021-09-07 21:38 - 000053931 _____ C:\Users\kamil\Downloads\executedprogramslist.zip 2021-09-07 21:31 - 2021-09-07 21:31 - 000000000 ___HD C:\$WinREAgent 2021-08-31 20:20 - 2021-08-31 20:38 - 053024451 _____ C:\Users\kamil\Downloads\Ultimate Achievement World - 1.17.0.mcworld 2021-08-29 19:08 - 2021-08-29 19:08 - 000000000 ____D C:\Program Files\EpsonNet 2021-08-29 19:07 - 2021-08-29 19:07 - 000000000 ____D C:\Windows\twain_64 2021-08-29 19:07 - 2021-08-29 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2021-08-29 19:07 - 2021-08-29 19:07 - 000000000 ____D C:\Program Files\epson 2021-08-29 19:07 - 2021-08-29 19:07 - 000000000 ____D C:\Program Files (x86)\epson 2021-08-29 19:07 - 2020-10-02 17:55 - 000206304 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe 2021-08-29 19:07 - 2020-10-02 17:55 - 000165392 _____ (TWAIN Working Group) C:\Windows\system32\twaindsm.dll 2021-08-29 19:07 - 2020-10-02 17:55 - 000147472 _____ (TWAIN Working Group) C:\Windows\SysWOW64\twaindsm.dll 2021-08-29 18:59 - 2021-08-29 18:59 - 000002209 _____ C:\Users\Public\Desktop\Epson Printer Connection Checker.lnk 2021-08-29 18:59 - 2021-08-29 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2021-08-29 18:59 - 2021-08-29 18:59 - 000000000 ____D C:\Program Files (x86)\EPSON Software 2021-08-29 18:58 - 2021-08-31 20:12 - 000000951 _____ C:\Windows\Tasks\EPSON L3150 Series Update {F5CEF4CE-D584-46F8-8CC1-96FB8D9290A0}.job 2021-08-29 18:58 - 2021-08-29 18:58 - 000004146 _____ C:\Windows\system32\Tasks\EPSON L3150 Series Update {F5CEF4CE-D584-46F8-8CC1-96FB8D9290A0} 2021-08-29 18:58 - 2021-08-29 18:58 - 000000000 ____D C:\Program Files\Common Files\EPSON 2021-08-29 18:54 - 2021-08-29 19:07 - 000000000 ____D C:\ProgramData\EPSON 2021-08-29 18:54 - 2017-07-14 04:13 - 000184832 _____ (Seiko Epson Corporation) C:\Windows\system32\E_YLMBUNE.DLL 2021-08-29 18:54 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BUNE.DLL 2021-08-29 18:53 - 2021-08-29 18:54 - 032951456 _____ C:\Users\kamil\Downloads\epson630713eu.exe 2021-08-19 22:55 - 2021-08-19 22:55 - 000000583 _____ C:\DelFix.txt 2021-08-19 22:54 - 2021-08-19 22:54 - 000000000 ____D C:\Users\kamil\AppData\Local\mbam 2021-08-19 22:53 - 2021-08-19 22:53 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2021-08-19 22:53 - 2021-08-19 22:53 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2021-08-19 22:53 - 2021-08-19 22:53 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2021-08-19 22:53 - 2021-08-19 22:53 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-08-19 22:53 - 2021-08-19 22:53 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-08-19 22:53 - 2021-08-19 22:53 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-08-19 22:52 - 2021-08-19 22:52 - 002120496 _____ (Malwarebytes) C:\Users\kamil\Downloads\MBSetup.exe 2021-08-19 22:52 - 2021-08-19 22:52 - 000000000 ____D C:\Program Files\Malwarebytes 2021-08-17 19:15 - 2021-08-17 19:22 - 000000000 ____D C:\Users\kamil\Downloads\libmp3lame-win-3.99.3 2021-08-17 19:15 - 2021-08-17 19:15 - 000202295 _____ C:\Users\kamil\Downloads\libmp3lame-win-3.99.3.zip 2021-08-17 19:05 - 2021-08-17 19:05 - 000001088 ____C C:\Users\kamil\Desktop\Mp3 Knife.lnk 2021-08-17 19:05 - 2021-08-17 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Knife 2021-08-17 19:05 - 2021-08-17 19:05 - 000000000 ____D C:\Program Files (x86)\Mp3 Knife 2021-08-17 19:05 - 2004-04-12 17:27 - 001081616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx 2021-08-17 19:05 - 2004-04-12 17:27 - 000609584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx 2021-08-17 19:05 - 2004-04-12 17:27 - 000152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2021-08-13 08:41 - 2021-08-13 08:41 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-08-13 08:41 - 2021-08-13 08:41 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-08-13 08:40 - 2021-08-13 08:40 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-09-07 22:41 - 2017-01-23 20:36 - 000000000 ____D C:\Program Files\CCleaner 2021-09-07 22:37 - 2017-01-04 15:33 - 000000000 ___DC C:\Users\kamil\AppData\Local\Origin 2021-09-07 22:37 - 2017-01-04 15:33 - 000000000 ____D C:\ProgramData\Origin 2021-09-07 22:33 - 2020-06-14 05:04 - 001768984 _____ C:\Windows\system32\PerfStringBackup.INI 2021-09-07 22:33 - 2019-12-07 17:09 - 000784578 _____ C:\Windows\system32\perfh015.dat 2021-09-07 22:33 - 2019-12-07 17:09 - 000152474 _____ C:\Windows\system32\perfc015.dat 2021-09-07 22:33 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-09-07 22:32 - 2018-05-20 22:01 - 000000000 ___DC C:\Users\kamil\AppData\Local\D3DSCache 2021-09-07 22:32 - 2017-01-03 21:11 - 000000000 ____D C:\Program Files (x86)\Google 2021-09-07 22:28 - 2018-12-08 01:25 - 000000000 ___DC C:\Users\kamil\AppData\Roaming\discord 2021-09-07 22:28 - 2017-01-04 01:17 - 000000000 ____D C:\ProgramData\NVIDIA 2021-09-07 22:27 - 2020-06-14 05:04 - 000003142 _____ C:\Windows\system32\Tasks\MSIAfterburner 2021-09-07 22:27 - 2018-12-08 01:24 - 000000000 ___DC C:\Users\kamil\AppData\Local\Discord 2021-09-07 22:26 - 2020-06-14 05:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-09-07 22:26 - 2020-06-14 04:55 - 005116880 _____ C:\Windows\system32\FNTCACHE.DAT 2021-09-07 22:26 - 2020-06-14 04:55 - 000008192 ___SH C:\DumpStack.log.tmp 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2021-09-07 22:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-09-07 22:26 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2021-09-07 22:26 - 2017-06-15 20:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-09-07 22:26 - 2017-06-11 17:15 - 000000000 ____D C:\Program Files\Opera 2021-09-07 22:25 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-09-07 22:25 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-09-07 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents 2021-09-07 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2021-09-07 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-09-07 22:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-09-07 22:25 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2021-09-07 22:13 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-09-07 17:38 - 2020-06-14 04:55 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-09-07 16:58 - 2017-01-04 16:05 - 000000000 ____D C:\Program Files (x86)\Origin 2021-09-07 16:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-09-07 16:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-09-07 15:56 - 2020-08-23 10:36 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-09-07 15:56 - 2020-08-23 10:36 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-09-07 15:55 - 2021-06-23 14:21 - 000004224 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{181460F9-C327-4DF8-A437-E0300B0AE3F3} 2021-09-07 15:55 - 2020-06-14 05:04 - 000004000 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1497194179 2021-09-07 15:55 - 2017-06-29 21:59 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2021-09-07 15:52 - 2020-01-28 11:06 - 000000037 _____ C:\Users\Public\Desktop\Gameforge Client.url 2021-09-07 15:52 - 2019-09-22 01:56 - 000000037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Gameforge Client.url 2021-09-07 15:52 - 2019-09-22 01:56 - 000000000 ____D C:\Program Files (x86)\GameforgeClient 2021-09-07 15:52 - 2017-01-03 21:50 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2021-08-31 21:53 - 2020-06-14 04:57 - 000000000 ____D C:\Users\kamil 2021-08-31 20:22 - 2017-01-04 06:43 - 000000000 ___DC C:\Users\kamil\AppData\Local\ConnectedDevicesPlatform 2021-08-31 20:22 - 2017-01-03 21:08 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-08-29 14:48 - 2020-04-25 11:55 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2021-08-29 14:48 - 2019-11-27 02:30 - 002163152 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll 2021-08-29 14:47 - 2019-12-12 22:31 - 000307648 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll 2021-08-29 14:47 - 2019-11-27 02:30 - 000213456 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll 2021-08-29 14:47 - 2019-11-27 02:30 - 000188856 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll 2021-08-29 14:47 - 2019-11-27 02:30 - 000061904 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe 2021-08-27 08:46 - 2017-01-03 23:10 - 000000000 ____D C:\Program Files\Rockstar Games 2021-08-27 08:46 - 2017-01-03 23:10 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2021-08-26 20:03 - 2017-10-26 23:38 - 000000568 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2021-08-26 18:54 - 2020-06-14 05:04 - 000004170 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1580201286 2021-08-22 20:02 - 2020-06-14 05:04 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3776614771-340645959-2551341747-1001 2021-08-22 20:02 - 2020-06-14 04:57 - 000002468 ____C C:\Users\kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-08-19 22:58 - 2021-08-07 12:21 - 000000000 ____D C:\Users\kamil\AppData\Local\license 2021-08-19 22:58 - 2021-08-07 12:20 - 000000000 ____D C:\Users\kamil\AppData\Roaming\Cached files 2021-08-19 22:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-08-19 08:07 - 2017-01-03 21:13 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-17 19:22 - 2017-10-20 13:03 - 000000000 ___DC C:\Users\kamil\AppData\Roaming\audacity 2021-08-17 08:26 - 2018-01-19 00:09 - 000000000 ___DC C:\Users\kamil\AppData\Local\Packages 2021-08-16 13:23 - 2020-08-23 10:36 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-16 13:23 - 2020-08-23 10:36 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-13 08:56 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP 2021-08-13 08:34 - 2017-01-08 15:41 - 000000000 ___DC C:\Users\kamil\AppData\Local\CrashDumps 2021-08-13 08:34 - 2017-01-03 21:50 - 000000000 ____D C:\Windows\system32\MRT 2021-08-13 08:30 - 2017-01-03 21:50 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-08-13 08:28 - 2020-06-14 05:04 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-08-10 08:24 - 2018-02-09 22:26 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-08-09 13:39 - 2018-01-18 21:57 - 000000000 ___DC C:\Users\kamil\AppData\Roaming\foobar2000 2021-08-09 08:18 - 2017-01-03 21:10 - 000000000 ___RD C:\Users\kamil\OneDrive 2021-08-09 08:15 - 2020-11-21 23:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-06-19 15:18 - 2021-06-19 15:18 - 000065440 ___SH (Microsoft Corporation) C:\Users\kamil\AppData\Roaming\bvvtrjf 2020-09-25 10:18 - 2020-09-25 10:18 - 000000132 _____ () C:\Users\kamil\AppData\Roaming\Preferencje formatu OpenEXR CS6 firmy Adobe 2020-09-06 19:35 - 2020-09-06 19:35 - 000000132 _____ () C:\Users\kamil\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2017-12-06 19:34 - 2017-12-06 19:37 - 000000600 ____C () C:\Users\kamil\AppData\Roaming\winscp.rnd 2021-06-19 15:18 - 2021-06-19 15:18 - 000248375 ___SH () C:\Users\kamil\AppData\Roaming\wwrsbiu 2021-04-23 12:42 - 2021-04-23 12:42 - 000000024 _____ () C:\Users\kamil\AppData\Roaming\Microsoft\{8ADA9B80-E373-E18E-DB02-F11B969F143C} 2019-12-04 21:08 - 2019-12-12 21:25 - 001065984 _____ () C:\Users\kamil\AppData\Local\file__0.localstorage 2017-11-07 21:24 - 2017-12-06 21:09 - 000000600 ____C () C:\Users\kamil\AppData\Local\PUTTY.RND 2019-06-06 22:38 - 2019-07-05 14:05 - 000007601 ____C () C:\Users\kamil\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================