Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 24-06-2022 01 Uruchomiony przez Kamil (administrator) KOMPUTER (Gigabyte Technology Co., Ltd. B85M-D3H) (24-06-2022 23:06:24) Uruchomiony z C:\Users\Kamil\Downloads Załadowane profile: Kamil Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Users\Kamil\AppData\Local\cc45d350-13c4-444c-9572-09210b9fad72\9FQwbgb051ULLdKsOdWAGV6p.exe (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\Run: [SysHelper] => C:\Users\Kamil\AppData\Local\cc45d350-13c4-444c-9572-09210b9fad72\9FQwbgb051ULLdKsOdWAGV6p.exe [858112 2022-06-24] () [Brak podpisu cyfrowego] <==== UWAGA HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {20700eb7-5c43-11ea-8fdd-408d5cb4bdad} - F:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {2c737e93-e239-11ea-afc8-408d5cb4bdad} - G:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {41aec5d0-7548-11eb-a927-408d5cb4bdad} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {556b71fa-8327-11eb-ac51-408d5cb4bdad} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {73617d41-6b95-11eb-bfbe-408d5cb4bdad} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {90e076ac-4789-11e6-94b8-806e6f6e6963} - D:\Run.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {a7cef0f5-6f4e-11e9-b503-408d5cb4bdad} - E:\Lenovo_Suite.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {cbedadb4-c6d2-11ea-824e-408d5cb4bdad} - F:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {e1b53b0f-d797-11ea-a7ca-408d5cb4bdad} - H:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {ec3a3d49-5297-11ea-80b8-408d5cb4bdad} - F:\setup.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-01] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0EE790A5-9DCA-433A-B44F-69ED960EECDD} - System32\Tasks\Microsoft\Windows\microsoft-windows-system-utildget => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe /u C:\ProgramData\ServicesConf\AutienthpShare\Izspovpr_eell.dll Task: {12ABF29C-115B-4D07-8754-DC93CE04A616} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-25] (Google Inc -> Google Inc.) Task: {1B2115AF-41DE-4247-83DE-F074EFD439BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {318E2A33-0503-45B5-8603-F7A9607D0C3C} - System32\Tasks\PowerControl HR => C:\Program [Argument = Files (x86)\PowerControl\PowerControl_Svc.exe] Task: {61BB5F89-B03F-471D-9EAA-89A11AAE8CC8} - System32\Tasks\Opera scheduled Autoupdate 1587761263 => C:\Users\Kamil\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) Task: {63516765-0490-43B7-9156-09A07F1A85A4} - System32\Tasks\Opera scheduled assistant Autoupdate 1587761263 => C:\Users\Kamil\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kamil\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {719F1399-9CFA-442E-8BC0-96BD00F4262E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation) Task: {868BE7A2-C897-433B-82AB-552C037BE7AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-25] (Google Inc -> Google Inc.) Task: {B20A8F17-2ECF-4137-B164-9327650931C3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {DDDAA756-7B77-4EEF-B93B-272059D0D280} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4182285792-3264255131-334601476-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {DF4428E4-B25C-41F3-B939-66C538270EE0} - System32\Tasks\PowerControl LG => C:\Program [Argument = Files (x86)\PowerControl\PowerControl_Svc.exe] Task: {E25318E6-CD6E-48A7-8B5F-D3F7A223BE28} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) AutoConfigURL: [S-1-5-21-4182285792-3264255131-334601476-1000] => hxxp://35.236.159.79/win.pac <==== UWAGA Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1DAD4D73-4A90-4FF4-BF6D-51312306C341}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B25CF1D0-CACA-4A03-8539-9381F924933E}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{B490AF5A-BBDC-44AB-84F8-EBC919BC80C7}: [DhcpNameServer] 192.168.42.129 FireFox: ======== FF DefaultProfile: x06atlq5.default-1629573619549 FF DefaultProfile: qsguo7v9.default FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\x06atlq5.default-1629573619549 [2022-06-24] FF Notifications: Mozilla\Firefox\Profiles\x06atlq5.default-1629573619549 -> hxxps://panel.marketagent.com; hxxps://sport.radiozet.pl; hxxps://ekspert.streetcom.pl; hxxps://www.mediaexpert.pl; hxxps://portal.tgmpanel.com FF Extension: (AdBlocker Ultimate) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\x06atlq5.default-1629573619549\Extensions\adblockultimate@adblockultimate.net.xpi [2022-06-24] FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Light\Light\Profiles\qsguo7v9.default [2022-06-24] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-06-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2022-06-24] CHR Notifications: Default -> hxxps://ekspert.streetcom.pl; hxxps://panel.marketagent.com; hxxps://pl.aliexpress.com; hxxps://poczta.wp.pl; hxxps://www.youtube.com CHR NewTab: Default -> Not-active:"chrome-extension://kadfogmkkijgifjbphojhdkojbdammnk/newtab.html" CHR Extension: (uBlock Origin) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-06-20] CHR Extension: (Sunflowers) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dongaamiklnflgpdldminnnbbjnmjdal [2021-04-29] CHR Extension: (Dokumenty Google offline) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-15] CHR Extension: (Online MS Paint - Image Editor & Paint Tool) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadfogmkkijgifjbphojhdkojbdammnk [2021-02-27] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR Profile: C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable [2022-06-24] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-06-24] OPR Extension: (Opera Crypto Wallet) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-24] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-06-24] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S2 AppServiced; C:\Windows\system32\VPUK7KTTEJ.tmp [6144 2022-06-24] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2022-06-05] (Even Balance, Inc. -> ) R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2022-06-05] (Even Balance, Inc. -> ) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1930240 2013-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R1 BdfNdisf; C:\Windows\System32\DRIVERS\BdfNdisf6.sys [87048 2009-10-19] (BITDEFENDER LLC -> BitDefender LLC) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2020-02-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2020-02-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 gdrv; C:\Windows\gdrv.sys [26192 2016-10-15] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider) S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated) [Brak podpisu cyfrowego] U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [10848 2000-01-07] () [Brak podpisu cyfrowego] R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2022-06-22] (Disc Soft Ltd -> Duplex Secure Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-24 23:06 - 2022-06-24 23:06 - 002369024 _____ (Farbar) C:\Users\Kamil\Downloads\FRST64.exe 2022-06-24 23:06 - 2022-06-24 23:06 - 000013907 _____ C:\Users\Kamil\Downloads\FRST.txt 2022-06-24 23:06 - 2022-06-24 23:06 - 000000000 ____D C:\Users\Kamil\Downloads\FRST-OlderVersion 2022-06-24 23:00 - 2022-06-24 23:00 - 000000000 ____D C:\Users\Kamil\AppData\Local\cc45d350-13c4-444c-9572-09210b9fad72 2022-06-24 22:54 - 2022-06-24 23:00 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\VPUK7KTTEJ.tmp 2022-06-24 22:54 - 2022-06-24 22:54 - 000000000 ____D C:\Users\Kamil\AppData\Local\22d2c589-3776-4a7b-ac10-5dbc344d8970 2022-06-24 21:17 - 2022-06-24 21:17 - 000001111 _____ C:\Users\Kamil\_readme.txt 2022-06-24 17:10 - 2022-06-24 23:06 - 000000000 ____D C:\FRST 2022-06-24 16:26 - 2022-06-24 16:26 - 002103296 ____H C:\Windows\windefender.exe 2022-06-24 16:21 - 2022-06-24 16:21 - 000023272 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\WinmonFS.sys 2022-06-24 16:21 - 2022-06-24 16:21 - 000013312 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys 2022-06-24 16:21 - 2022-06-24 16:21 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys 2022-06-24 16:21 - 2022-06-24 16:21 - 000000000 ____D C:\SystemID 2022-06-24 16:10 - 2022-06-24 16:12 - 000000000 ____D C:\Users\Kamil\AppData\Local\c2d746e8-a411-4ebb-a52a-db36c90cf0c6 2022-06-24 16:06 - 2022-06-24 16:21 - 000000401 _____ C:\Users\Kamil\hasla.txt.eijy 2022-06-24 16:06 - 2022-06-24 16:06 - 000000000 ____D C:\Users\Kamil\AppData\Local\mbam 2022-06-24 16:06 - 2022-06-24 16:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-06-24 15:50 - 2022-06-24 18:32 - 000000000 ____D C:\Users\Kamil\AppData\Local\CrashDumps 2022-06-24 15:38 - 2022-06-24 16:06 - 000000000 ____D C:\Program Files\Malwarebytes 2022-06-24 07:02 - 2022-06-24 16:19 - 000000000 ____D C:\ProgramData\AVG 2022-06-24 07:01 - 2022-06-24 16:19 - 000000000 ____D C:\Program Files\Common Files\AVG 2022-06-24 07:01 - 2022-06-24 16:19 - 000000000 ____D C:\Program Files\AVG 2022-06-24 07:01 - 2022-06-24 07:01 - 000857600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw6b5ff6819ac4cbf9.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000662288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw6b7765252be5106f.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000549112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw52f3535669967a0d.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000382680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw0e2c68ed2484ea4f.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000322064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswb37bb3ccc15113a3.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000271744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw3af0b1a3c8067c5c.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000269168 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2022-06-24 07:01 - 2022-06-24 07:01 - 000255208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswbab4acd0a3bc16f5.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000232800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw197c1050ca37b6d7.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000218736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw2b7ed1d7cd50f652.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000111192 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw4636bc715ba7395e.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000102624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw556c84fa7cf1b310.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000086256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw0503289efa857de7.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000045224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw9230f493a9f288b2.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000039064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswe652fd3050f7f4f8.tmp 2022-06-24 07:01 - 2022-06-24 07:01 - 000029944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw73ff7f2143b28e5e.tmp 2022-06-24 07:00 - 2022-06-24 07:00 - 000000000 _____ C:\Windows\system32\userDns.conf 2022-06-24 06:53 - 2022-06-24 16:19 - 000000000 ___HD C:\Windows\rss 2022-06-24 06:53 - 2022-06-24 06:53 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe 2022-06-24 06:53 - 2022-06-24 06:53 - 000684984 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\LocalLow\freebl3.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe 2022-06-24 06:53 - 2022-06-24 06:53 - 000627128 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\LocalLow\mozglue.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000254392 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\LocalLow\softokn3.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000003540 _____ C:\Windows\system32\Tasks\PowerControl HR 2022-06-24 06:53 - 2022-06-24 06:53 - 000003284 _____ C:\Windows\system32\Tasks\PowerControl LG 2022-06-24 06:53 - 2022-06-24 06:53 - 000000162 _____ C:\Users\Kamil\AppData\LocalLow\nssdbm3.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\shftool 2022-06-24 06:53 - 2022-06-24 06:53 - 000000000 ____D C:\Users\Kamil\AppData\Local\Yandex 2022-06-24 06:53 - 2022-06-24 06:53 - 000000000 ____D C:\Program Files (x86)\PowerControl 2022-06-22 22:40 - 2022-06-23 06:52 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Sekiro 2022-06-22 21:10 - 2022-06-22 21:10 - 000393880 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2022-06-22 13:48 - 2022-06-22 13:49 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Shadwen 2022-06-22 11:57 - 2022-06-22 13:42 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Game Labs 2022-06-19 23:35 - 2022-06-19 23:35 - 000000000 ____D C:\Users\Kamil\AppData\Local\The Witcher 2 2022-06-19 19:21 - 2022-06-19 19:21 - 000000000 ____D C:\Users\Kamil\.ms-ad 2022-06-19 01:53 - 2022-06-19 01:53 - 084287488 _____ C:\Windows\system32\config\SOFTWARE.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 024133632 _____ C:\Windows\system32\config\SYSTEM.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 001314816 _____ C:\Windows\system32\config\DEFAULT.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 000065536 _____ C:\Windows\system32\config\SAM.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 000028672 _____ C:\Windows\system32\config\SECURITY.blues 2022-06-19 01:49 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\BlueSprig 2022-06-17 17:30 - 2022-06-17 17:30 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Ivanovich Games 2022-06-17 17:22 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Summer Games 2022-06-15 16:48 - 2022-06-15 16:48 - 000000000 ____D C:\Users\Kamil\AppData\Local\CDWLauncher 2022-06-15 11:19 - 2022-06-15 11:19 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Krillbite Studio 2022-06-15 08:49 - 2022-06-15 08:49 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Great Boolean 2022-06-15 07:37 - 2022-06-15 07:37 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\VTree LLC 2022-06-14 11:43 - 2022-06-14 11:43 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Klei 2022-06-14 11:43 - 2022-06-14 11:43 - 000000000 ____D C:\Users\Kamil\AppData\Local\Klei 2022-06-12 04:41 - 2022-06-12 04:41 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Simula Games 2022-06-11 14:22 - 2022-06-11 15:04 - 000000000 ____D C:\ProgramData\BitDefender 2022-06-11 14:22 - 2022-06-11 14:22 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\BitDefender 2022-06-11 14:20 - 2022-06-11 14:23 - 000004096 _____ C:\Users\Public\Documents\000016A1.LCS 2022-06-11 08:19 - 2022-06-11 08:19 - 000000000 ____D C:\ProgramData\Ubisoft 2022-06-10 22:17 - 2022-06-11 08:49 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Microids 2022-06-10 20:55 - 2022-06-10 23:01 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-06-10 10:34 - 2022-06-10 10:34 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\RageSquid 2022-06-10 00:46 - 2022-06-10 07:16 - 000000000 ____D C:\Users\Kamil\AppData\Local\_ 2022-06-09 23:11 - 2022-06-09 23:11 - 000000000 ____D C:\Users\Kamil\.QtWebEngineProcess 2022-06-09 03:59 - 2022-06-09 03:59 - 000000000 ____D C:\Users\Kamil\AppData\Local\SniperElite4 2022-06-09 00:47 - 2022-06-09 00:47 - 000004096 _____ C:\Users\Public\Documents\00002DCE.LCS 2022-06-09 00:46 - 2022-06-09 00:46 - 000000000 ____D C:\Windows\SysWOW64\AGEIA 2022-06-09 00:46 - 2022-06-09 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-06-09 00:46 - 2022-06-09 00:46 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies 2022-06-08 05:41 - 2022-06-08 05:41 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\D-BOX 2022-06-08 05:18 - 2022-06-08 05:18 - 000000000 ____D C:\Users\Public\Documents\Catch! 2022-06-07 20:10 - 2022-06-07 20:10 - 000000000 ____D C:\Users\Kamil\Dokuments 2022-06-07 20:06 - 2022-06-08 05:19 - 000000000 ____D C:\Users\Public\Documents\Steam 2022-06-07 14:19 - 2022-06-07 14:19 - 000000000 ____D C:\Users\Kamil\AppData\Local\StrikeForce 2022-06-07 13:40 - 2022-06-07 13:40 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\DefaultCompany 2022-06-07 02:02 - 2022-06-24 21:13 - 000000000 ____D C:\Windows\system32\Tasks\Service 2022-06-07 02:02 - 2022-06-16 06:06 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\ServiceGet 2022-06-07 01:56 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\iTop Data Recovery 2022-06-07 01:56 - 2022-06-07 01:56 - 000000000 ____D C:\ProgramData\iTop 2022-06-07 01:55 - 2022-06-07 02:25 - 000000000 ____D C:\ProgramData\{150F4013-6884-4350-8DDC-6BFCB4C5DC15} 2022-06-07 01:55 - 2022-06-07 02:16 - 000000000 ____D C:\ProgramData\ProductData 2022-06-07 01:43 - 2022-06-07 01:43 - 000000000 ____D C:\Users\Kamil\AppData\Local\RM 2022-06-05 22:33 - 2022-06-05 22:33 - 000000000 ____D C:\ProgramData\EA Core 2022-06-05 21:29 - 2022-06-05 22:33 - 000000000 ____D C:\Program Files\VS Revo Group 2022-06-05 21:29 - 2022-06-05 21:29 - 000001037 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2022-06-05 21:29 - 2022-06-05 21:29 - 000000000 ____D C:\Users\Kamil\AppData\Local\VS Revo Group 2022-06-05 21:29 - 2022-06-05 21:29 - 000000000 ____D C:\ProgramData\VS Revo Group 2022-06-05 21:29 - 2022-06-05 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2022-06-05 21:29 - 2020-09-29 08:54 - 000047280 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys 2022-06-05 20:35 - 2022-06-05 20:35 - 000189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2022-06-05 20:35 - 2022-06-05 20:35 - 000189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2022-06-05 20:35 - 2022-06-05 20:35 - 000075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2022-06-05 19:53 - 2011-10-10 16:42 - 002580552 ____R C:\Windows\SysWOW64\pbsvc.exe 2022-06-05 18:29 - 2022-06-05 18:29 - 000000000 ____D C:\Users\Kamil\AppData\Local\Battlefield 4 Launcher 2022-06-04 14:19 - 2022-06-24 21:57 - 000000000 ____D C:\ProgramData\Piriform 2022-06-03 20:12 - 2022-06-03 20:18 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Render System 2022-06-03 20:12 - 2022-06-03 20:12 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\DOGE 2022-06-03 20:04 - 2022-06-03 20:04 - 000000000 ____D C:\Users\Kamil\AppData\Local\GameAnalytics 2022-06-03 14:07 - 2022-06-04 06:35 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Spiral Circus 2022-06-03 09:26 - 2022-06-03 09:26 - 000000000 ___HD C:\Users\Kamil\AppData\Roaming\twt2.nacon.anzu 2022-06-02 22:42 - 2022-06-02 22:42 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\WinRAR 2022-06-02 22:41 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-06-02 22:41 - 2022-06-02 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-06-02 22:41 - 2022-06-02 22:41 - 000000000 ____D C:\Program Files\WinRAR 2022-06-01 18:19 - 2022-06-01 18:19 - 000000000 ____D C:\Users\Kamil\AppData\Local\NVIDIA Corporation 2022-06-01 16:21 - 2022-06-01 16:21 - 000000000 ____D C:\Users\Kamil\AppData\Local\SuperToyCarsOffroad 2022-06-01 16:20 - 2022-06-01 16:20 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Eclipse Games S_C_ 2022-06-01 16:20 - 2022-06-01 16:20 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Eclipse Games S.C_ 2022-06-01 16:20 - 2022-06-01 16:20 - 000000000 ____D C:\Users\Kamil\AppData\Local\Super Toy Cars Offroad 2022-06-01 14:01 - 2022-06-01 16:28 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Lavasoft 2022-06-01 14:01 - 2022-06-01 16:28 - 000000000 ____D C:\ProgramData\Lavasoft 2022-06-01 14:01 - 2022-06-01 14:02 - 000000000 ____D C:\Users\Kamil\AppData\Local\Lavasoft 2022-06-01 14:01 - 2022-06-01 14:01 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys 2022-06-01 13:59 - 2022-06-01 13:59 - 000000000 ____D C:\Users\Kamil\AppData\Local\Adaware 2022-06-01 12:59 - 2022-06-03 01:01 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Goldberg SocialClub Emu Saves ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-24 23:05 - 2011-01-29 15:58 - 000741288 _____ C:\Windows\system32\perfh015.dat 2022-06-24 23:05 - 2011-01-29 15:58 - 000156336 _____ C:\Windows\system32\perfc015.dat 2022-06-24 23:05 - 2009-07-14 07:13 - 001673180 _____ C:\Windows\system32\PerfStringBackup.INI 2022-06-24 23:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2022-06-24 23:02 - 2017-01-05 00:28 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Mozilla 2022-06-24 23:01 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-06-24 23:00 - 2009-07-14 06:45 - 000037648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-06-24 23:00 - 2009-07-14 06:45 - 000037648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-06-24 22:56 - 2022-05-17 20:45 - 000000000 ____D C:\GRY 2022-06-24 22:56 - 2018-01-22 09:57 - 000000000 ____D C:\mejle 2022-06-24 22:54 - 2016-07-11 19:07 - 000000000 ____D C:\Users\Kamil 2022-06-24 21:13 - 2017-12-26 19:53 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Temp 2022-06-24 21:13 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2022-06-24 18:36 - 2016-07-11 19:25 - 000000000 __SHD C:\Users\Kamil\IntelGraphicsProfiles 2022-06-24 16:19 - 2022-05-20 11:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Milestone 2022-06-24 16:19 - 2022-05-19 08:44 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Windows Updates Files 2022-06-24 16:19 - 2022-05-18 07:46 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\ProtectDISC 2022-06-24 16:19 - 2021-12-29 14:52 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\ProductAuthenticationService 2022-06-24 16:19 - 2021-12-23 17:35 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Steam 2022-06-24 16:19 - 2021-03-16 07:50 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\2K Sports 2022-06-24 16:19 - 2020-05-18 00:40 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Light 2022-06-24 16:19 - 2020-03-01 14:58 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\UnrealEngine 2022-06-24 16:19 - 2020-03-01 14:58 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Arise 2022-06-24 16:19 - 2016-12-07 07:15 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Opera Software 2022-06-24 16:19 - 2016-10-24 09:31 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Reallusion 2022-06-24 16:19 - 2016-09-02 19:36 - 000000000 ____D C:\Windows\Minidump 2022-06-24 16:19 - 2016-08-22 05:28 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\SmartSteamEmu 2022-06-24 16:19 - 2016-07-11 14:35 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Canneverbe Limited 2022-06-24 16:19 - 2016-07-11 14:11 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Adobe 2022-06-24 16:19 - 2016-07-11 14:00 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Mozilla 2022-06-24 16:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2022-06-24 07:00 - 2016-07-11 19:07 - 000000000 ____D C:\Users\Kamil\AppData\Local\VirtualStore 2022-06-24 06:59 - 2020-03-16 07:26 - 000000000 ____D C:\Program Files (x86)\directx 2022-06-24 06:53 - 2020-08-13 21:18 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2022-06-23 08:44 - 2016-07-11 19:22 - 000000000 ____D C:\ProgramData\Package Cache 2022-06-23 08:43 - 2018-01-06 23:11 - 000000000 ___HD C:\Windows\msdownld.tmp 2022-06-23 08:43 - 2016-10-15 23:45 - 000000000 ____D C:\Windows\SysWOW64\directx 2022-06-23 07:08 - 2020-04-24 22:47 - 000004098 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1587761263 2022-06-22 13:40 - 2016-07-12 18:27 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Unity 2022-06-19 09:57 - 2020-12-21 16:50 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-06-19 09:56 - 2020-12-21 16:50 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2022-06-17 15:54 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2022-06-10 23:01 - 2021-10-07 07:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-06-10 23:01 - 2017-12-06 22:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-10 06:22 - 2009-07-14 07:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2022-06-10 00:09 - 2021-03-22 19:01 - 000000000 ____D C:\ProgramData\Electronic Arts 2022-06-07 14:19 - 2017-08-20 11:20 - 000000000 ____D C:\Users\Kamil\AppData\Local\UnrealEngine 2022-06-07 02:22 - 2020-02-17 16:19 - 000003486 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2022-06-07 02:22 - 2020-02-17 16:19 - 000003358 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-06-07 01:59 - 2018-01-06 23:14 - 000000000 ____D C:\ProgramData\Wargaming.net 2022-06-07 01:42 - 2017-04-19 19:22 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-06 11:17 - 2016-07-11 14:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2022-06-05 17:50 - 2016-07-11 19:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-06-03 19:54 - 2021-02-26 10:12 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\HB Studios Multimedia Ltd_ 2022-06-01 22:06 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2022-06-01 16:41 - 2021-02-26 10:12 - 000000000 ____D C:\Users\Kamil\AppData\Local\SKIDROW 2022-06-01 13:37 - 2022-02-09 02:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-06-01 00:47 - 2022-03-09 11:05 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-06-01 00:47 - 2020-02-17 16:21 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-03-01 14:58 - 2022-02-12 21:00 - 000001536 _____ () C:\Users\Kamil\AppData\Local\GfxMetrics.cfg 2022-02-12 21:00 - 2022-02-12 21:00 - 000169472 _____ () C:\Users\Kamil\AppData\Local\GfxMetrics.dat 2019-08-23 01:25 - 2019-08-23 01:25 - 000029514 _____ () C:\Users\Kamil\AppData\Local\recently-used.xbel 2020-02-22 22:36 - 2020-02-22 22:36 - 000000000 _____ () C:\Users\Kamil\AppData\Local\{21CEDA1D-8355-4C81-8B68-2B7071B5E5BD} ==================== FLock ============================== 2022-06-24 16:26 C:\Windows\windefender.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2022-06-21 04:02 ==================== Koniec FRST.txt ========================