Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 31-05-2022 01 Uruchomiony przez Andrzej (administrator) ADMIN (Acer Aspire 5749Z) (01-06-2022 21:55:55) Uruchomiony z C:\Users\Andrzej\Downloads Załadowane profile: Andrzej Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8Guard.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8Log.exe (C:\Program Files (x86)\Launch Manager\dsiwmis.exe ->) (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (C:\Program Files (x86)\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\86.0.4363.58\opera_crashreporter.exe (C:\Program Files (x86)\Opera\opera.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6> (C:\Program Files\Microsoft IntelliType Pro\itype.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe (C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (explorer.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8Guard.exe (explorer.exe ->) (Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe (explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe (explorer.exe ->) (NetWork Scanner) [Brak podpisu cyfrowego] C:\Windows\twain_32\L6U16U2\SrvMod.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (explorer.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.exe (explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\opera.exe <22> (services.exe ->) (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe (services.exe ->) (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe (services.exe ->) (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe (services.exe ->) (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe (services.exe ->) (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (services.exe ->) (Intel Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (services.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.Service.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [2306448 2010-07-21] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [Ashampoo Uninstaller Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\UI8Guard.exe [4388248 2019-01-17] (Ashampoo GmbH & Co. KG -> ) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-03-15] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 18\LiveTuner2.exe [4500648 2021-04-29] (Ashampoo GmbH & Co. KG -> ) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2022-05-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Policies\Explorer: [NoThumbnailCache] 1 HKLM\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1 HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\Run: [RadioSure] => C:\Users\Andrzej\AppData\Local\RadioSure\RadioSure.exe [2876416 2016-01-28] (TheBestWare Studio) [Brak podpisu cyfrowego] HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [10235464 2022-05-27] (Surfshark B.V. -> Surfshark) HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\Policies\Explorer: [nolowdiskspacechecks] 1 HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\Policies\Explorer: [GreyMSIAds] 1 HKU\S-1-5-21-2770710654-563048816-2845096244-501\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] (Acer Incorporated -> ) HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Hewlett-Packard Corporation) [Brak podpisu cyfrowego] HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [218112 2016-08-29] (Bullzip) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\Windows\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\hpf3l70v.dll: C:\Windows\system32\hpf3l70v.dll [136704 2009-04-16] (Hewlett-Packard Company) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon2.dll [29704 2013-03-05] (Nitro PDF Software -> Nitro PDF Software) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [117248 2018-10-17] (pdfforge GmbH) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [36176 2016-11-19] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-05-28] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2018-01-25] ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SrvMod.lnk [2017-01-20] ShortcutTarget: SrvMod.lnk -> C:\Windows\twain_32\L6U16U2\SrvMod.exe (NetWork Scanner) [Brak podpisu cyfrowego] BootExecute: autocheck autochk * Partizan ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {006192C6-1265-4DB4-B6EE-B9B09CA5E813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.) Task: {04327DF1-6C90-4750-A853-5AF1950736EE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2770710654-563048816-2845096244-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {1A7BF37B-0A7A-4D13-BA8D-33F1F14C3F90} - System32\Tasks\Opera scheduled assistant Autoupdate 1583117247 => C:\Program Files (x86)\Opera\launcher.exe [2433792 2022-05-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0) Task: {22F64E15-9168-42DE-9CAF-45579A3EBC0D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Andrzej\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-08] (ESET, spol. s r.o. -> ESET) Task: {28324135-16A3-4F60-ACD9-CF97617A73E9} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [20099688 2021-10-07] (Goversoft LLC -> Goversoft LLC) Task: {39DE855B-7FF4-4D81-BEAE-096A90DA4BF3} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Andrzej\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-08] (ESET, spol. s r.o. -> ESET) Task: {55DF47F6-8DF8-47B7-A529-4FE9D78DBA07} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170784 2019-07-22] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) Task: {55F77B08-1A40-47EF-9241-30273A4CDDDA} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-07-08] (Overwolf Ltd -> Overwolf LTD) Task: {5B4E5733-E8E1-434F-90C8-21F5524FAE9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {6E3D0A63-1C41-460F-81D6-FA51A871C84F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {7F5C4403-046C-434F-BDCB-B15F66803053} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-09-15] (Adobe Inc. -> Adobe) Task: {8E09A615-5C1A-41A0-AEEC-941F9A12C9B4} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [5271448 2022-06-01] (Greatis Software LLC -> Greatis Software) Task: {932D3722-DE2D-425F-A264-12EF8F5FD3A1} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Task: {967ACC6F-A1B0-49A7-92CC-EF5D7150533B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {BC23836A-5FD6-4BF5-8199-0B67DB0C0E96} - System32\Tasks\Opera scheduled Autoupdate 1417285790 => C:\Program Files (x86)\Opera\launcher.exe [2433792 2022-05-20] (Opera Software AS -> Opera Software) Task: {D0E93917-7857-4E2B-B39A-46DB9281678C} - System32\Tasks\{41A78C6D-6D94-41E9-B5FA-84598A81765A} => C:\Users\Andrzej\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-10-08] (ESET, spol. s r.o. -> ESET) Task: {E93C394F-8677-4831-A0F2-74909E2B777D} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2306448 2010-07-21] (Microsoft Corporation -> Microsoft Corporation) Task: {F244D9BC-6BB6-4809-9838-DE2DF7F67BA5} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe [4390272 2022-05-20] (OOO AMA -> Kerish Products) Task: {F3F538CC-7DA9-4C7A-A3D4-21D5BA90823E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {F98A235E-F398-480F-8FCF-2598CA54AD02} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-22] (Adobe Inc. -> Adobe) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{4544B149-1FFE-4784-BC3E-B01D84A9BE1A}: [NameServer] 208.67.222.222,208.67.220.220 Tcpip\..\Interfaces\{8380B326-88B2-490A-8475-2ADF5B84A61B}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{97AA657E-1DCB-49F6-A730-DBDDBCBDCCFE}: [DhcpNameServer] 192.168.8.1 Edge: ======= Edge Profile: C:\Users\Andrzej\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-31] FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-17] (Adobe Systems Incorporated -> ) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-17] (Adobe Systems Incorporated -> ) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.) [Brak podpisu cyfrowego] FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2770710654-563048816-2845096244-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR Profile: C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default [2022-05-31] CHR Extension: (Prezentacje) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-11] CHR Extension: (Dokumenty) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-11] CHR Extension: (Dysk Google) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-11] CHR Extension: (YouTube) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-11] CHR Extension: (Arkusze) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-11] CHR Extension: (Dokumenty Google offline) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-18] CHR Extension: (Skype) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-04-16] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11] CHR Extension: (Gmail) - C:\Users\Andrzej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-11] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Opera: ======= OPR Profile: C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable [2022-06-01] OPR Notifications: Opera Stable -> hxxps://odkrywamyzdrowie.pl; hxxps://sprzedajemy.pl OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Video Downloader Multiformat) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\beemgnphifpbdehfmohojkhlklfaddih [2021-09-06] OPR Extension: (Bloker reklam AdGuard) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2022-05-28] OPR Extension: (SaferVPN Proxy - Free & Fast Privacy App) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\cocfojppfigjeefejbpfmedgjbpchcng [2021-10-06] OPR Extension: (ExoSpecial) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\cpcpgkimfmmemlcikiikifflglnfbpeb [2021-10-06] OPR Extension: (Rich Hints Agent) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-05-10] OPR Extension: (Opera Crypto Wallet) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-05-10] OPR Extension: (HideMyAss - Free Web Proxy) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\hlpdbioabohahlmpghnfknhaihleineg [2021-10-06] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-05] OPR Extension: (Zainstaluj rozszerzenia Chrome) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2021-10-06] OPR Extension: (Force Download) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\klahcccondnnonafcbcdgbahphglbjjg [2021-09-06] OPR Extension: (Privacy Badger) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\ldfkcgjipgfchpnojicdgpgiocoeelik [2021-12-13] OPR Extension: (Tłumacz Google) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2022-05-13] OPR Extension: (Skyload - Pobieranie muzyki i wideo) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\nodcmkfbncnhlbbohoalamehlohaidjo [2022-04-16] OPR Extension: (SaveFrom.net helper) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2022-05-10] OPR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Andrzej\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2022-05-28] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-09-15] (Adobe Inc. -> Adobe) S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [74360 2016-04-05] (Autodesk, Inc -> Autodesk, Inc.) R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET) S3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET) R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-06-01] (Malwarebytes Inc. -> Malwarebytes) S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [178976 2019-07-22] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-05] (Nitro PDF Software -> Nitro PDF Software) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation -> NTI Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-07-08] (Overwolf Ltd -> Overwolf LTD) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14509608 2022-05-13] (ADLICE -> ) R2 Surfshark Service; C:\Program Files (x86)\Surfshark\Surfshark.Service.exe [3261000 2022-05-27] (Surfshark B.V. -> Surfshark) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S3 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) S2 WO_LiveService2; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 18\LiveTunerService.exe [307880 2021-04-29] (Ashampoo GmbH & Co. KG -> ) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [67360 2019-09-18] (Adguard Software Limited -> ) R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [118184 2018-05-14] (Alcorlink Corp. -> ) S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc) [Brak podpisu cyfrowego] S3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider) S3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107944 2022-03-15] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [44968 2022-03-15] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [70776 2022-03-15] (ESET, spol. s r.o. -> ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [56880 2022-03-15] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-18] (Martin Malik - REALiX -> REALiX(tm)) R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2022-05-31] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk]) S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2012-10-02] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [81584 2018-01-18] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2018-01-18] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) R2 LiveTuner2PM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 18\LiveTuner64.sys [24432 2021-04-29] (Ashampoo GmbH & Co. KG -> ) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239560 2022-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 Prot6Flt; Brak ImagePath R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [190232 2018-01-18] (AlcorMicro, Corp. -> Windows (R) Win 7 DDK provider) S3 SurfsharkSplitTunnelDriver; C:\Program Files (x86)\Surfshark\Resources\x64\SurfsharkSplitTunnelCalloutDriver.sys [39648 2022-02-01] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [30720 2019-12-10] (OpenVPN Inc. -> The OpenVPN Project) R3 tapsurfshark; C:\Windows\System32\DRIVERS\tapsurfshark.sys [36544 2021-06-23] (Surfshark Ltd. -> The OpenVPN Project) R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 8\IFS64.sys [40520 2019-01-17] (Ashampoo GmbH & Co. KG -> ) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> ) S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-03-10] (NGO -> MBB) S3 wintunshark; C:\Windows\System32\DRIVERS\wintunshark.sys [28936 2021-06-23] (Surfshark Ltd. -> Surfshark Ltd) R3 WireGuard; C:\Windows\System32\DRIVERS\wireguard.sys [489368 2022-04-16] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-01 21:55 - 2022-06-01 21:56 - 000032564 _____ C:\Users\Andrzej\Downloads\FRST.txt 2022-06-01 21:55 - 2022-06-01 21:55 - 000025499 _____ C:\Users\Andrzej\Downloads\FRST logi 1.7z 2022-06-01 20:26 - 2022-06-01 20:26 - 000001278 _____ C:\Users\Public\Desktop\Skype.lnk 2022-06-01 20:20 - 2022-06-01 20:23 - 086797200 _____ (Skype Technologies S.A.) C:\Users\Andrzej\Downloads\Skype-8.83.0.409.exe 2022-06-01 19:03 - 2022-06-01 19:03 - 000001972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-06-01 19:03 - 2022-06-01 19:03 - 000001960 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-06-01 19:03 - 2022-06-01 19:03 - 000000000 ____D C:\Users\Andrzej\AppData\Local\mbam 2022-06-01 19:02 - 2022-06-01 19:41 - 000239560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2022-06-01 19:02 - 2022-06-01 19:02 - 002546400 _____ (Malwarebytes) C:\Users\Andrzej\Downloads\MBSetup.exe 2022-06-01 19:02 - 2022-06-01 19:01 - 000103888 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2022-06-01 18:58 - 2022-06-01 18:58 - 000000000 ____D C:\Program Files\Malwarebytes 2022-06-01 18:39 - 2022-06-01 18:44 - 000000908 _____ C:\Users\Andrzej\Desktop\Workaround.vbs 2022-06-01 18:32 - 2022-06-01 18:33 - 000059150 _____ C:\Users\Andrzej\Downloads\Fixlog.txt 2022-06-01 16:34 - 2022-06-01 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surfshark 2022-06-01 16:34 - 2022-06-01 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\New Folder 2022-06-01 15:45 - 2022-06-01 21:56 - 000000000 ____D C:\FRST 2022-06-01 15:45 - 2022-06-01 15:46 - 002367488 _____ (Farbar) C:\Users\Andrzej\Downloads\FRST64.exe 2022-06-01 02:04 - 2022-06-01 16:34 - 000000913 _____ C:\Users\Public\Desktop\Surfshark.lnk 2022-06-01 02:04 - 2022-06-01 16:34 - 000000000 ____D C:\ProgramData\Surfshark 2022-06-01 02:03 - 2022-06-01 16:36 - 000000000 ____D C:\Program Files (x86)\Surfshark 2022-06-01 02:02 - 2022-06-01 18:35 - 000000000 ____D C:\Users\Andrzej\AppData\Roaming\Surfshark 2022-06-01 00:46 - 2022-06-01 15:07 - 000698826 _____ C:\Users\Andrzej\Desktop\regrunlog.txt 2022-06-01 00:16 - 2022-06-01 14:45 - 000003322 _____ C:\Windows\system32\Tasks\UnHackMe Task Scheduler 2022-06-01 00:16 - 2022-06-01 14:45 - 000000971 _____ C:\Users\Andrzej\Desktop\UnHackMe.lnk 2022-06-01 00:16 - 2022-06-01 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe 2022-06-01 00:16 - 2022-05-04 14:01 - 000016520 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys 2022-06-01 00:16 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe 2022-06-01 00:15 - 2022-06-01 00:15 - 000000000 ____D C:\Users\Andrzej\Downloads\unhackme (1) 2022-06-01 00:13 - 2022-06-01 00:15 - 045397088 _____ C:\Users\Andrzej\Downloads\unhackme (1).zip 2022-05-31 23:53 - 2022-05-31 23:54 - 030474032 _____ (Adlice Software ) C:\Users\Andrzej\Downloads\setup.exe 2022-05-31 23:51 - 2022-05-31 23:52 - 028790392 _____ (Adlice Software ) C:\Users\Andrzej\Downloads\UCheck_setup (1).exe 2022-05-31 23:48 - 2022-05-31 23:48 - 043537760 _____ (Adlice Software ) C:\Users\Andrzej\Downloads\RogueKiller_setup (2).exe 2022-05-31 23:46 - 2022-05-31 23:49 - 000000868 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2022-05-31 23:46 - 2022-05-31 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2022-05-31 23:46 - 2022-05-31 23:49 - 000000000 ____D C:\Program Files\RogueKiller 2022-05-31 23:27 - 2022-06-01 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-05-31 23:27 - 2022-05-31 23:27 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3561C311.sys 2022-05-31 23:26 - 2022-05-31 23:45 - 000000000 ____D C:\Users\Andrzej\Desktop\mbar 2022-05-31 23:26 - 2022-05-31 23:45 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2022-05-31 23:13 - 2022-05-31 23:13 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2022-05-31 23:13 - 2022-05-31 23:13 - 000000000 ____D C:\Windows\system32\DAX3 2022-05-31 23:13 - 2022-05-31 23:13 - 000000000 ____D C:\Windows\system32\DAX2 2022-05-31 23:13 - 2022-05-31 23:13 - 000000000 ____D C:\ProgramData\Audyssey Labs 2022-05-31 23:12 - 2022-05-31 23:12 - 072520680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2022-05-31 23:12 - 2022-05-31 23:12 - 018013667 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2022-05-31 23:12 - 2022-05-31 23:12 - 015218584 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 007178432 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 007101704 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 006270160 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 006197704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2022-05-31 23:12 - 2022-05-31 23:12 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2022-05-31 23:12 - 2022-05-31 23:12 - 005346960 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 003691368 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 003677128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2022-05-31 23:12 - 2022-05-31 23:12 - 003452120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 003417976 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 003306784 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 003252240 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 003215184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 003128768 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 002992152 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 002930632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 002444648 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 002197944 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001971336 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001965120 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001787920 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001598360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001544216 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001516232 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001448744 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001435104 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001382200 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001372352 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001366904 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001353288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001337608 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001300664 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001259696 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001229088 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001164584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001159152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001157216 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001045888 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 001007352 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000994648 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000964992 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000873424 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000852096 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000751264 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000734736 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000715616 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000714432 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000692128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000604760 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000541080 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000511608 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000467120 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000453240 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000452704 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000448568 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000447144 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000416472 _____ (Harman) C:\Windows\system32\HMUI.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000406416 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000392840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000381376 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000378344 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000367576 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000366088 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000360312 _____ (Harman) C:\Windows\system32\HMClariFi.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000341112 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000341112 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000332976 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000327240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000327232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000315944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000278240 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000266520 _____ (TODO: ) C:\Windows\system32\slprp64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000261200 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000261168 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000260176 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000231880 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000230672 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000220352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000218240 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000203808 _____ (Harman) C:\Windows\system32\HMHVS.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000190896 _____ (Harman) C:\Windows\system32\HMEQ.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000179560 _____ (Harman) C:\Windows\system32\HMLimiter.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000174904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000158656 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000157312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000154328 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000139720 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000122288 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000118552 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000116504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000105272 _____ C:\Windows\system32\audioLibVc.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000093872 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000090880 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000090136 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000088288 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000083592 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000075504 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2022-05-31 23:12 - 2022-05-31 23:12 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2022-05-31 22:50 - 2022-05-31 22:52 - 273269192 _____ C:\Users\Andrzej\Downloads\dt1sy0o6.exe 2022-05-31 22:45 - 2022-05-31 22:45 - 000003244 _____ C:\Windows\system32\Tasks\Kerish Doctor 2022-05-31 22:45 - 2022-05-31 22:45 - 000001136 _____ C:\Users\Public\Desktop\Kerish Doctor 2022.lnk 2022-05-31 22:45 - 2022-05-31 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerish Doctor 2022-05-31 22:44 - 2022-05-19 08:29 - 000062864 _____ (Kerish Products) C:\Windows\SysWOW64\GPUTemp.dll 2022-05-31 22:27 - 2022-05-31 22:27 - 000000017 _____ C:\Users\Andrzej\AppData\Local\resmon.resmoncfg 2022-05-31 22:11 - 2022-05-21 01:17 - 008551608 _____ (Malwarebytes) C:\Users\Andrzej\Downloads\adwcleaner(1).exe 2022-05-31 22:04 - 2022-05-31 22:09 - 273266096 _____ C:\Users\Andrzej\Downloads\fqi4j9wz.exe 2022-05-31 22:00 - 2022-05-25 13:53 - 273009632 _____ C:\Users\Andrzej\Downloads\b8i2773m.exe 2022-05-31 21:58 - 2022-05-31 21:58 - 000000000 ____D C:\AVG_Remover 2022-05-31 21:57 - 2022-05-31 21:57 - 007986864 _____ ( ) C:\Users\Andrzej\Downloads\AVG_Remover.exe 2022-05-31 20:00 - 2022-05-31 20:00 - 000517240 _____ C:\Windows\system32\FNTCACHE.DAT 2022-05-31 18:41 - 2022-05-31 18:41 - 000000000 ____D C:\ProgramData\Adguard 2022-05-31 18:29 - 2022-05-31 18:29 - 000001426 _____ C:\Users\Public\Desktop\1-Click-Optimizer (WO18).lnk 2022-05-31 18:29 - 2022-05-31 18:29 - 000001206 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 18.lnk 2022-05-31 18:26 - 2022-05-31 18:26 - 000001951 _____ C:\Users\Public\Desktop\Ochrona bankowości internetowej ESET.lnk 2022-05-31 18:24 - 2022-05-31 18:24 - 000000000 ____D C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET 2022-05-31 18:24 - 2022-05-31 18:24 - 000000000 ____D C:\ProgramData\ESET 2022-05-31 18:24 - 2022-05-31 18:24 - 000000000 ____D C:\Program Files\ESET 2022-05-31 18:00 - 2022-05-31 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2022-05-31 18:00 - 2022-05-31 18:00 - 000001183 _____ C:\Users\Public\Desktop\Ashampoo UnInstaller 8.lnk 2022-05-31 18:00 - 2022-05-31 18:00 - 000000000 ____D C:\ProgramData\Ashampoo 2022-05-31 17:22 - 2022-05-31 17:22 - 000116488 _____ (Adguard Software Ltd) C:\Users\Andrzej\Downloads\adguardInstaller (1).exe 2022-05-31 17:04 - 2022-05-31 17:04 - 002415056 _____ C:\Users\Andrzej\Downloads\SharewareOnSale_Giveaway_Ashampoo_WinOptimizer_18_hub.exe 2022-05-31 16:44 - 2022-05-31 16:44 - 015140760 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Andrzej\Downloads\Ashampoo UnInstaller 8 kod UNI8AA-77F1D7-3A534A.exe 2022-05-31 16:44 - 2022-05-31 16:44 - 000000000 ____D C:\ProgramData\SharewareOnSale Notifier 2022-05-31 16:42 - 2022-05-31 16:42 - 002665088 _____ C:\Users\Andrzej\Downloads\SharewareOnSale_Giveaway_Ashampoo_UnInstaller_8_hub.exe 2022-05-29 00:15 - 2022-05-19 08:29 - 000245208 _____ (Kerish Products) C:\Windows\SysWOW64\LargeNumbers.dll 2022-05-29 00:15 - 2022-05-19 08:29 - 000245208 _____ (Kerish Products) C:\Windows\system32\LargeNumbers.dll 2022-05-28 14:43 - 2022-05-28 14:43 - 001414600 _____ (Google LLC) C:\Users\Andrzej\Downloads\ChromeSetup (1).exe 2022-05-28 14:39 - 2022-05-31 00:54 - 000015008 _____ (Highresolution Enterprises [www.highrez.co.uk]) C:\Windows\system32\Drivers\inpoutx64.sys 2022-05-28 14:39 - 2011-01-20 01:07 - 000098304 _____ (Highresolution Enterprises) C:\Windows\SysWOW64\inpout32.dll 2022-05-28 14:35 - 2022-05-28 14:38 - 050355640 _____ (Kerish Products ) C:\Users\Andrzej\Downloads\Kerish_Doctor_4.90.exe 2022-05-28 14:22 - 2022-05-28 14:22 - 000057449 _____ C:\Windows\system32\NOTICE_mod 2022-05-28 14:08 - 2022-05-26 00:12 - 070270488 _____ (ESET) C:\Users\Andrzej\Downloads\eis_nt64.exe 2022-05-09 20:06 - 2022-05-09 20:06 - 000000479 _____ C:\Users\Andrzej\Documents\installationtruck2017R3.xml 2022-05-09 20:05 - 2022-05-09 20:05 - 000000479 _____ C:\Users\Andrzej\Documents\installationcar2017R3.xml 2022-05-09 20:00 - 2022-05-09 20:05 - 000005842 _____ C:\Users\Andrzej\Documents\FileActivationTr.xml 2022-05-09 20:00 - 2022-05-09 20:04 - 000005810 _____ C:\Users\Andrzej\Documents\FileActivationCa.xml 2022-05-09 18:44 - 2022-05-09 18:44 - 000000479 _____ C:\Users\Andrzej\Downloads\ZaktywowanyTRUCK2017R3.xml 2022-05-09 18:43 - 2022-05-09 18:43 - 000000479 _____ C:\Users\Andrzej\Downloads\ZaktywowanyCAR2017R3.xml 2022-05-09 18:40 - 2022-05-09 18:43 - 000005814 _____ C:\Users\Andrzej\Downloads\FileActivationTRUCK2017R3.xml 2022-05-09 18:40 - 2022-05-09 18:42 - 000005810 _____ C:\Users\Andrzej\Downloads\FileActivationCAR2017R3.xml 2022-05-09 18:39 - 2022-05-31 17:46 - 000000000 ____D C:\Aktywator+2017+bez+limitu.rar 2022-05-03 18:26 - 2022-05-03 18:26 - 000000000 ____D C:\Users\Andrzej\AppData\Local\IsolatedStorage 2022-05-03 13:34 - 2022-05-03 13:34 - 000148896 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT 2022-05-03 13:32 - 2022-05-03 14:17 - 000000000 ____D C:\Users\Andrzej\Downloads\Stasia ABRAHAMKA ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-01 21:06 - 2012-10-19 17:11 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-01 20:59 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-06-01 20:59 - 2009-07-14 06:45 - 000028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-06-01 20:27 - 2013-12-11 17:05 - 000000000 ____D C:\Users\Andrzej\Tracing 2022-06-01 20:26 - 2016-04-05 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2022-06-01 19:46 - 2011-11-30 16:44 - 000840392 _____ C:\Windows\system32\perfh015.dat 2022-06-01 19:46 - 2011-11-30 16:44 - 000211568 _____ C:\Windows\system32\perfc015.dat 2022-06-01 19:46 - 2009-07-14 07:13 - 001831984 _____ C:\Windows\system32\PerfStringBackup.INI 2022-06-01 19:45 - 2021-10-07 15:54 - 000000000 ____D C:\Program Files (x86)\UnHackMe 2022-06-01 19:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2022-06-01 19:43 - 2021-10-07 15:55 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo 2022-06-01 19:43 - 2021-10-07 15:55 - 000000000 ____D C:\Users\Andrzej\AppData\Local\UnHackMe 2022-06-01 19:40 - 2021-10-07 16:52 - 000001336 _____ C:\Windows\SysWOW64\PARTIZAN.TXT 2022-06-01 19:40 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-06-01 19:31 - 2021-10-07 16:49 - 000000000 ____D C:\@RestoreQuarantine 2022-06-01 19:31 - 2017-03-22 00:54 - 000000000 ____D C:\Users\Andrzej\AppData\Local\RadioSure 2022-06-01 19:31 - 2016-04-05 22:47 - 000000000 ____D C:\Users\Andrzej\AppData\Local\Screamer Radio 2022-06-01 18:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2022-06-01 00:39 - 2021-10-12 16:12 - 000000000 ____D C:\ProgramData\RogueKiller 2022-05-31 23:22 - 2021-10-12 13:37 - 000000000 ____D C:\ProgramData\SecTaskMan 2022-05-31 23:13 - 2011-11-30 15:56 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2022-05-31 22:45 - 2018-10-17 02:00 - 000000000 ____D C:\Program Files (x86)\Kerish Doctor 2022-05-31 22:22 - 2012-10-14 16:19 - 000000000 ____D C:\Users\Andrzej 2022-05-31 22:01 - 2017-02-18 14:47 - 000000000 ____D C:\Users\Andrzej\Doctor Web 2022-05-31 18:41 - 2016-04-05 01:06 - 000000000 ____D C:\ProgramData\Package Cache 2022-05-31 18:00 - 2021-10-07 03:35 - 000000000 ____D C:\Users\Public\Documents\Ashampoo 2022-05-31 17:46 - 2016-04-05 23:23 - 000000000 ____D C:\!!!PROJEKTY!!! 2022-05-31 17:16 - 2018-10-17 23:13 - 000000000 ____D C:\Program Files (x86)\Ashampoo 2022-05-31 01:03 - 2012-11-04 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2022-05-30 23:23 - 2021-10-09 16:07 - 000003764 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn 2022-05-30 23:23 - 2021-10-09 16:07 - 000003324 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime 2022-05-30 23:23 - 2020-03-02 04:47 - 000003878 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1417285790 2022-05-30 23:23 - 2013-01-06 23:59 - 000000000 ____D C:\Program Files (x86)\Opera 2022-05-28 22:25 - 2014-02-17 20:59 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-05-28 22:25 - 2012-10-19 17:11 - 000000000 ____D C:\Users\Andrzej\AppData\Local\Google 2022-05-28 22:15 - 2014-02-17 20:57 - 000003358 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-05-28 21:58 - 2015-09-18 21:24 - 000000000 ____D C:\ProgramData\Comodo 2022-05-28 14:22 - 2021-10-08 13:08 - 000000000 ____D C:\Users\Andrzej\AppData\Local\ESET 2022-05-28 14:14 - 2017-11-24 09:38 - 000000000 ____D C:\Users\Gość.ADMIN\AppData\Roaming\Comodo 2022-05-28 14:12 - 2021-10-08 13:08 - 000001409 _____ C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-05-28 13:47 - 2021-10-07 17:30 - 000880640 _____ C:\Users\Public\Documents\bootracer.his 2022-05-28 12:35 - 2022-04-16 00:12 - 000000000 ____D C:\Users\Andrzej\AppData\Local\Surfshark 2022-05-25 00:33 - 2021-10-07 04:27 - 343920768 _____ C:\Users\Andrzej\Downloads\EmsisoftEmergencyKit.exe 2022-05-10 21:18 - 2013-11-20 16:39 - 000000000 ____D C:\Windows\system32\MRT 2022-05-10 21:18 - 2012-11-18 23:11 - 145501456 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-07-23 12:00 - 2021-10-06 14:15 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat 2013-11-16 13:00 - 2013-11-16 13:00 - 000003584 _____ () C:\Users\Andrzej\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-01-19 18:11 - 2017-01-19 18:11 - 000000095 _____ () C:\Users\Andrzej\AppData\Local\fusioncache.dat 2016-08-24 14:28 - 2017-01-09 21:37 - 000033113 _____ () C:\Users\Andrzej\AppData\Local\HWVendorDetection.log 2017-07-25 23:24 - 2017-07-25 23:24 - 000004421 _____ () C:\Users\Andrzej\AppData\Local\recently-used.xbel 2022-05-31 22:27 - 2022-05-31 22:27 - 000000017 _____ () C:\Users\Andrzej\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2017-02-11 16:13 ==================== Koniec FRST.txt ========================