Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 24-06-2022 01 Uruchomiony przez Kamil (administrator) KOMPUTER (Gigabyte Technology Co., Ltd. B85M-D3H) (26-06-2022 22:55:05) Uruchomiony z C:\Users\Kamil\Downloads Załadowane profile: Kamil Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\Run: [SysHelper] => C:\Users\Kamil\AppData\Local\21c19807-da64-453b-ba64-8582fd23dbb1\9FQwbgb051ULLdKsOdWAGV6p.exe [858112 2022-06-24] () [Brak podpisu cyfrowego] <==== UWAGA HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [480712 2022-06-25] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {20700eb7-5c43-11ea-8fdd-408d5cb4bdad} - F:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {2c737e93-e239-11ea-afc8-408d5cb4bdad} - G:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {41aec5d0-7548-11eb-a927-408d5cb4bdad} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {556b71fa-8327-11eb-ac51-408d5cb4bdad} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {73617d41-6b95-11eb-bfbe-408d5cb4bdad} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {90e076ac-4789-11e6-94b8-806e6f6e6963} - D:\Run.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {a7cef0f5-6f4e-11e9-b503-408d5cb4bdad} - E:\Lenovo_Suite.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {cbedadb4-c6d2-11ea-824e-408d5cb4bdad} - F:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {e1b53b0f-d797-11ea-a7ca-408d5cb4bdad} - H:\setup.exe HKU\S-1-5-21-4182285792-3264255131-334601476-1000\...\MountPoints2: {ec3a3d49-5297-11ea-80b8-408d5cb4bdad} - F:\setup.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-01] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0EE790A5-9DCA-433A-B44F-69ED960EECDD} - System32\Tasks\Microsoft\Windows\microsoft-windows-system-utildget => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe /u C:\ProgramData\ServicesConf\AutienthpShare\Izspovpr_eell.dll Task: {1130987A-356B-4F16-B321-7C9CC6C1A79A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {12ABF29C-115B-4D07-8754-DC93CE04A616} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-25] (Google Inc -> Google Inc.) Task: {1B2115AF-41DE-4247-83DE-F074EFD439BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {318E2A33-0503-45B5-8603-F7A9607D0C3C} - System32\Tasks\PowerControl HR => C:\Program [Argument = Files (x86)\PowerControl\PowerControl_Svc.exe] Task: {61BB5F89-B03F-471D-9EAA-89A11AAE8CC8} - System32\Tasks\Opera scheduled Autoupdate 1587761263 => C:\Users\Kamil\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) Task: {63516765-0490-43B7-9156-09A07F1A85A4} - System32\Tasks\Opera scheduled assistant Autoupdate 1587761263 => C:\Users\Kamil\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kamil\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {719F1399-9CFA-442E-8BC0-96BD00F4262E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation) Task: {868BE7A2-C897-433B-82AB-552C037BE7AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-25] (Google Inc -> Google Inc.) Task: {A2CC583E-5C4C-4825-8EFF-FC247D1B4714} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {A74BA063-3828-4477-BF94-1EEC93EFC6BE} - System32\Tasks\Time Trigger Task => C:\Users\Kamil\AppData\Local\21c19807-da64-453b-ba64-8582fd23dbb1\9FQwbgb051ULLdKsOdWAGV6p.exe [858112 2022-06-24] () [Brak podpisu cyfrowego] <==== UWAGA Task: {DDDAA756-7B77-4EEF-B93B-272059D0D280} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4182285792-3264255131-334601476-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {DF4428E4-B25C-41F3-B939-66C538270EE0} - System32\Tasks\PowerControl LG => C:\Program [Argument = Files (x86)\PowerControl\PowerControl_Svc.exe] (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) AutoConfigURL: [S-1-5-21-4182285792-3264255131-334601476-1000] => hxxp://35.236.159.79/win.pac <==== UWAGA Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1DAD4D73-4A90-4FF4-BF6D-51312306C341}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B25CF1D0-CACA-4A03-8539-9381F924933E}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{B490AF5A-BBDC-44AB-84F8-EBC919BC80C7}: [DhcpNameServer] 192.168.42.129 ManualProxies: 0hxxp://35.236.159.79/win.pac <==== UWAGA FireFox: ======== FF DefaultProfile: 0kfsegm4.default FF DefaultProfile: qsguo7v9.default FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\0kfsegm4.default [2022-06-26] FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ez21a8at.default-release [2022-06-26] FF Notifications: Mozilla\Firefox\Profiles\ez21a8at.default-release -> hxxps://www.instagram.com FF Extension: (AdBlocker Ultimate) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ez21a8at.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-06-26] FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Light\Light\Profiles\qsguo7v9.default [2022-06-24] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-06-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2022-06-26] CHR Notifications: Default -> hxxps://ekspert.streetcom.pl; hxxps://panel.marketagent.com; hxxps://pl.aliexpress.com; hxxps://poczta.wp.pl; hxxps://www.youtube.com CHR Extension: (Brak nazwy) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\dongaamiklnflgpdldminnnbbjnmjdal [2021-04-29] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-25] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR Profile: C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable [2022-06-26] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-06-24] OPR Extension: (Opera Crypto Wallet) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-26] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-06-24] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S2 AppServicen; C:\Windows\system32\VPUK7KTTEJ.tmp [6144 2022-06-26] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4959176 2022-06-25] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2022-06-05] (Even Balance, Inc. -> ) R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2022-06-05] (Even Balance, Inc. -> ) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1930240 2013-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R1 BdfNdisf; C:\Windows\System32\DRIVERS\BdfNdisf6.sys [87048 2009-10-19] (BITDEFENDER LLC -> BitDefender LLC) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2020-02-18] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [63696 2022-06-25] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 gdrv; C:\Windows\gdrv.sys [26192 2016-10-15] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider) S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated) [Brak podpisu cyfrowego] U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [10848 2000-01-07] () [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-26 22:55 - 2022-06-26 22:55 - 000013882 _____ C:\Users\Kamil\Downloads\FRST.txt 2022-06-26 22:54 - 2022-06-26 22:54 - 002369024 _____ (Farbar) C:\Users\Kamil\Downloads\FRST64.exe 2022-06-26 22:41 - 2022-06-26 22:54 - 000000000 ____D C:\Users\Kamil\Downloads\FRST-OlderVersion 2022-06-26 22:41 - 2022-06-26 22:49 - 002369358 _____ C:\Users\Kamil\Downloads\FRST64.exe.eijy 2022-06-26 22:41 - 2022-06-26 22:49 - 000033382 _____ C:\Users\Kamil\Downloads\FRST.txt.eijy 2022-06-26 22:41 - 2022-06-26 22:49 - 000026177 _____ C:\Users\Kamil\Downloads\Addition.txt.eijy 2022-06-26 19:28 - 2022-06-26 19:28 - 000001111 _____ C:\Users\Kamil\_readme.txt 2022-06-26 19:14 - 2022-06-26 19:14 - 000003714 _____ C:\Windows\system32\Tasks\Time Trigger Task 2022-06-26 19:14 - 2022-06-26 19:14 - 000000000 ____D C:\Users\Kamil\AppData\Local\281ea0e5-4725-462e-9778-96da56229b9d 2022-06-26 19:14 - 2022-06-26 19:14 - 000000000 ____D C:\Users\Kamil\AppData\Local\21c19807-da64-453b-ba64-8582fd23dbb1 2022-06-26 01:11 - 2022-06-26 01:11 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-26 01:11 - 2022-06-26 01:11 - 000000884 _____ C:\Users\Public\Desktop\Firefox.lnk 2022-06-26 01:11 - 2022-06-26 01:11 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-06-25 10:22 - 2022-06-25 23:53 - 000000000 ____D C:\Program Files (x86)\Ubisoft 2022-06-25 02:33 - 2022-06-25 22:10 - 000000000 ____D C:\Users\Kamil\Documents\FIFA 14 2022-06-25 02:32 - 2022-06-25 02:32 - 000000931 _____ C:\Users\Public\Desktop\FIFA 14 - Ultimate Edition.lnk 2022-06-25 02:32 - 2022-06-25 02:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 - Ultimate Edition 2022-06-25 01:56 - 2022-06-25 01:56 - 000000000 ____D C:\ProgramData\Origin 2022-06-25 00:39 - 2022-06-25 00:39 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\DAEMON Tools Lite 2022-06-25 00:38 - 2022-06-25 00:38 - 000001633 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2022-06-25 00:38 - 2022-06-25 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite 2022-06-25 00:35 - 2022-06-25 00:35 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2022-06-24 23:21 - 2022-06-26 15:55 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\VPUK7KTTEJ.tmp 2022-06-24 23:21 - 2022-06-24 23:21 - 000000000 ____D C:\Users\Kamil\AppData\Local\1c636686-7cf4-4ab0-98b7-699518e6805d 2022-06-24 17:10 - 2022-06-26 22:55 - 000000000 ____D C:\FRST 2022-06-24 16:26 - 2022-06-24 16:26 - 002103296 ____H C:\Windows\windefender.exe 2022-06-24 16:21 - 2022-06-24 16:21 - 000023272 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\WinmonFS.sys 2022-06-24 16:21 - 2022-06-24 16:21 - 000013312 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys 2022-06-24 16:21 - 2022-06-24 16:21 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys 2022-06-24 16:21 - 2022-06-24 16:21 - 000000000 ____D C:\SystemID 2022-06-24 16:10 - 2022-06-24 16:12 - 000000000 ____D C:\Users\Kamil\AppData\Local\c2d746e8-a411-4ebb-a52a-db36c90cf0c6 2022-06-24 16:06 - 2022-06-24 16:06 - 000000000 ____D C:\Users\Kamil\AppData\Local\mbam 2022-06-24 16:06 - 2022-06-24 16:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-06-24 15:50 - 2022-06-24 18:32 - 000000000 ____D C:\Users\Kamil\AppData\Local\CrashDumps 2022-06-24 07:02 - 2022-06-24 16:19 - 000000000 ____D C:\ProgramData\AVG 2022-06-24 07:01 - 2022-06-24 07:01 - 000269168 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2022-06-24 07:00 - 2022-06-24 07:00 - 000000000 _____ C:\Windows\system32\userDns.conf 2022-06-24 06:53 - 2022-06-24 16:19 - 000000000 ___HD C:\Windows\rss 2022-06-24 06:53 - 2022-06-24 06:53 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe 2022-06-24 06:53 - 2022-06-24 06:53 - 000684984 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\LocalLow\freebl3.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe 2022-06-24 06:53 - 2022-06-24 06:53 - 000627128 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\LocalLow\mozglue.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000254392 _____ (Mozilla Foundation) C:\Users\Kamil\AppData\LocalLow\softokn3.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000003540 _____ C:\Windows\system32\Tasks\PowerControl HR 2022-06-24 06:53 - 2022-06-24 06:53 - 000003284 _____ C:\Windows\system32\Tasks\PowerControl LG 2022-06-24 06:53 - 2022-06-24 06:53 - 000000162 _____ C:\Users\Kamil\AppData\LocalLow\nssdbm3.dll 2022-06-24 06:53 - 2022-06-24 06:53 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\shftool 2022-06-24 06:53 - 2022-06-24 06:53 - 000000000 ____D C:\Users\Kamil\AppData\Local\Yandex 2022-06-24 06:53 - 2022-06-24 06:53 - 000000000 ____D C:\Program Files (x86)\PowerControl 2022-06-22 22:40 - 2022-06-23 06:52 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Sekiro 2022-06-22 13:48 - 2022-06-22 13:49 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Shadwen 2022-06-22 11:57 - 2022-06-22 13:42 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Game Labs 2022-06-19 23:35 - 2022-06-19 23:35 - 000000000 ____D C:\Users\Kamil\AppData\Local\The Witcher 2 2022-06-19 19:21 - 2022-06-19 19:21 - 000000000 ____D C:\Users\Kamil\.ms-ad 2022-06-19 01:53 - 2022-06-19 01:53 - 084287488 _____ C:\Windows\system32\config\SOFTWARE.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 024133632 _____ C:\Windows\system32\config\SYSTEM.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 001314816 _____ C:\Windows\system32\config\DEFAULT.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 000065536 _____ C:\Windows\system32\config\SAM.blues 2022-06-19 01:53 - 2022-06-19 01:53 - 000028672 _____ C:\Windows\system32\config\SECURITY.blues 2022-06-19 01:49 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\BlueSprig 2022-06-17 17:30 - 2022-06-17 17:30 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Ivanovich Games 2022-06-17 17:22 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Summer Games 2022-06-15 16:48 - 2022-06-15 16:48 - 000000000 ____D C:\Users\Kamil\AppData\Local\CDWLauncher 2022-06-15 11:19 - 2022-06-15 11:19 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Krillbite Studio 2022-06-15 08:49 - 2022-06-15 08:49 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Great Boolean 2022-06-15 07:37 - 2022-06-15 07:37 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\VTree LLC 2022-06-14 11:43 - 2022-06-14 11:43 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Klei 2022-06-14 11:43 - 2022-06-14 11:43 - 000000000 ____D C:\Users\Kamil\AppData\Local\Klei 2022-06-12 04:41 - 2022-06-12 04:41 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Simula Games 2022-06-11 14:22 - 2022-06-11 15:04 - 000000000 ____D C:\ProgramData\BitDefender 2022-06-11 14:22 - 2022-06-11 14:22 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\BitDefender 2022-06-11 14:20 - 2022-06-11 14:23 - 000004096 _____ C:\Users\Public\Documents\000016A1.LCS 2022-06-10 22:17 - 2022-06-11 08:49 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Microids 2022-06-10 10:34 - 2022-06-10 10:34 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\RageSquid 2022-06-10 00:46 - 2022-06-10 07:16 - 000000000 ____D C:\Users\Kamil\AppData\Local\_ 2022-06-09 23:11 - 2022-06-09 23:11 - 000000000 ____D C:\Users\Kamil\.QtWebEngineProcess 2022-06-09 03:59 - 2022-06-09 03:59 - 000000000 ____D C:\Users\Kamil\AppData\Local\SniperElite4 2022-06-09 00:47 - 2022-06-09 00:47 - 000004096 _____ C:\Users\Public\Documents\00002DCE.LCS 2022-06-09 00:46 - 2022-06-09 00:46 - 000000000 ____D C:\Windows\SysWOW64\AGEIA 2022-06-09 00:46 - 2022-06-09 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-06-09 00:46 - 2022-06-09 00:46 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies 2022-06-08 05:41 - 2022-06-08 05:41 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\D-BOX 2022-06-08 05:18 - 2022-06-08 05:18 - 000000000 ____D C:\Users\Public\Documents\Catch! 2022-06-07 20:10 - 2022-06-26 19:16 - 000000000 ____D C:\Users\Kamil\Dokuments 2022-06-07 20:06 - 2022-06-08 05:19 - 000000000 ____D C:\Users\Public\Documents\Steam 2022-06-07 14:19 - 2022-06-07 14:19 - 000000000 ____D C:\Users\Kamil\AppData\Local\StrikeForce 2022-06-07 13:40 - 2022-06-07 13:40 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\DefaultCompany 2022-06-07 02:02 - 2022-06-24 21:13 - 000000000 ____D C:\Windows\system32\Tasks\Service 2022-06-07 02:02 - 2022-06-16 06:06 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\ServiceGet 2022-06-07 01:56 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\iTop Data Recovery 2022-06-07 01:56 - 2022-06-07 01:56 - 000000000 ____D C:\ProgramData\iTop 2022-06-07 01:55 - 2022-06-07 02:25 - 000000000 ____D C:\ProgramData\{150F4013-6884-4350-8DDC-6BFCB4C5DC15} 2022-06-07 01:55 - 2022-06-07 02:16 - 000000000 ____D C:\ProgramData\ProductData 2022-06-07 01:43 - 2022-06-07 01:43 - 000000000 ____D C:\Users\Kamil\AppData\Local\RM 2022-06-05 22:33 - 2022-06-05 22:33 - 000000000 ____D C:\ProgramData\EA Core 2022-06-05 21:29 - 2022-06-05 22:33 - 000000000 ____D C:\Program Files\VS Revo Group 2022-06-05 21:29 - 2022-06-05 21:29 - 000001037 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2022-06-05 21:29 - 2022-06-05 21:29 - 000000000 ____D C:\Users\Kamil\AppData\Local\VS Revo Group 2022-06-05 21:29 - 2022-06-05 21:29 - 000000000 ____D C:\ProgramData\VS Revo Group 2022-06-05 21:29 - 2022-06-05 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2022-06-05 21:29 - 2020-09-29 08:54 - 000047280 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys 2022-06-05 20:35 - 2022-06-05 20:35 - 000189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2022-06-05 20:35 - 2022-06-05 20:35 - 000189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2022-06-05 20:35 - 2022-06-05 20:35 - 000075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2022-06-05 19:53 - 2011-10-10 16:42 - 002580552 ____R C:\Windows\SysWOW64\pbsvc.exe 2022-06-05 18:29 - 2022-06-05 18:29 - 000000000 ____D C:\Users\Kamil\AppData\Local\Battlefield 4 Launcher 2022-06-04 14:19 - 2022-06-24 21:57 - 000000000 ____D C:\ProgramData\Piriform 2022-06-03 20:12 - 2022-06-03 20:18 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Render System 2022-06-03 20:12 - 2022-06-03 20:12 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\DOGE 2022-06-03 20:04 - 2022-06-03 20:04 - 000000000 ____D C:\Users\Kamil\AppData\Local\GameAnalytics 2022-06-03 14:07 - 2022-06-04 06:35 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Spiral Circus 2022-06-03 09:26 - 2022-06-03 09:26 - 000000000 ___HD C:\Users\Kamil\AppData\Roaming\twt2.nacon.anzu 2022-06-02 22:42 - 2022-06-02 22:42 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\WinRAR 2022-06-02 22:41 - 2022-06-24 16:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-06-02 22:41 - 2022-06-02 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-06-02 22:41 - 2022-06-02 22:41 - 000000000 ____D C:\Program Files\WinRAR 2022-06-01 18:19 - 2022-06-01 18:19 - 000000000 ____D C:\Users\Kamil\AppData\Local\NVIDIA Corporation 2022-06-01 16:21 - 2022-06-01 16:21 - 000000000 ____D C:\Users\Kamil\AppData\Local\SuperToyCarsOffroad 2022-06-01 16:20 - 2022-06-01 16:20 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Eclipse Games S_C_ 2022-06-01 16:20 - 2022-06-01 16:20 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Eclipse Games S.C_ 2022-06-01 16:20 - 2022-06-01 16:20 - 000000000 ____D C:\Users\Kamil\AppData\Local\Super Toy Cars Offroad 2022-06-01 14:01 - 2022-06-01 16:28 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Lavasoft 2022-06-01 14:01 - 2022-06-01 16:28 - 000000000 ____D C:\ProgramData\Lavasoft 2022-06-01 14:01 - 2022-06-01 14:02 - 000000000 ____D C:\Users\Kamil\AppData\Local\Lavasoft 2022-06-01 14:01 - 2022-06-01 14:01 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys 2022-06-01 13:59 - 2022-06-01 13:59 - 000000000 ____D C:\Users\Kamil\AppData\Local\Adaware 2022-06-01 12:59 - 2022-06-03 01:01 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Goldberg SocialClub Emu Saves ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-26 22:45 - 2022-02-09 02:09 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-06-26 22:44 - 2017-01-05 00:28 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Mozilla 2022-06-26 22:26 - 2011-01-29 15:58 - 000741288 _____ C:\Windows\system32\perfh015.dat 2022-06-26 22:26 - 2011-01-29 15:58 - 000156336 _____ C:\Windows\system32\perfc015.dat 2022-06-26 22:26 - 2009-07-14 07:13 - 001673180 _____ C:\Windows\system32\PerfStringBackup.INI 2022-06-26 22:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2022-06-26 19:28 - 2022-05-17 20:45 - 000000000 ____D C:\GRY 2022-06-26 19:28 - 2016-07-11 19:07 - 000000000 ____D C:\Users\Kamil 2022-06-26 18:55 - 2009-07-14 06:45 - 000037648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-06-26 18:55 - 2009-07-14 06:45 - 000037648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-06-26 18:48 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-06-26 01:12 - 2016-07-11 14:00 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Mozilla 2022-06-26 01:11 - 2017-12-06 22:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-26 01:11 - 2016-07-11 14:00 - 000000000 ____D C:\Users\Kamil\AppData\Local\Mozilla 2022-06-25 23:53 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2022-06-25 00:39 - 2020-08-13 21:19 - 000063696 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2022-06-25 00:38 - 2020-08-13 21:18 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2022-06-25 00:38 - 2020-07-15 21:43 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Disc-Soft 2022-06-25 00:35 - 2020-07-15 21:43 - 000000000 ____D C:\ProgramData\Disc-Soft 2022-06-24 21:13 - 2017-12-26 19:53 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Temp 2022-06-24 21:13 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2022-06-24 18:36 - 2016-07-11 19:25 - 000000000 __SHD C:\Users\Kamil\IntelGraphicsProfiles 2022-06-24 16:19 - 2022-05-20 11:19 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Milestone 2022-06-24 16:19 - 2022-05-19 08:44 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Windows Updates Files 2022-06-24 16:19 - 2022-05-18 07:46 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\ProtectDISC 2022-06-24 16:19 - 2021-12-29 14:52 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\ProductAuthenticationService 2022-06-24 16:19 - 2021-12-23 17:35 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Steam 2022-06-24 16:19 - 2021-03-16 07:50 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\2K Sports 2022-06-24 16:19 - 2020-05-18 00:40 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Light 2022-06-24 16:19 - 2020-03-01 14:58 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\UnrealEngine 2022-06-24 16:19 - 2020-03-01 14:58 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Arise 2022-06-24 16:19 - 2016-12-07 07:15 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Opera Software 2022-06-24 16:19 - 2016-10-24 09:31 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Reallusion 2022-06-24 16:19 - 2016-09-02 19:36 - 000000000 ____D C:\Windows\Minidump 2022-06-24 16:19 - 2016-08-22 05:28 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\SmartSteamEmu 2022-06-24 16:19 - 2016-07-11 14:35 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Canneverbe Limited 2022-06-24 16:19 - 2016-07-11 14:11 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Adobe 2022-06-24 16:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2022-06-24 07:00 - 2016-07-11 19:07 - 000000000 ____D C:\Users\Kamil\AppData\Local\VirtualStore 2022-06-24 06:59 - 2020-03-16 07:26 - 000000000 ____D C:\Program Files (x86)\directx 2022-06-23 08:44 - 2016-07-11 19:22 - 000000000 ____D C:\ProgramData\Package Cache 2022-06-23 08:43 - 2018-01-06 23:11 - 000000000 ___HD C:\Windows\msdownld.tmp 2022-06-23 08:43 - 2016-10-15 23:45 - 000000000 ____D C:\Windows\SysWOW64\directx 2022-06-23 07:08 - 2020-04-24 22:47 - 000004098 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1587761263 2022-06-22 13:40 - 2016-07-12 18:27 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Unity 2022-06-19 09:57 - 2020-12-21 16:50 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-06-19 09:56 - 2020-12-21 16:50 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2022-06-10 23:01 - 2021-10-07 07:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-06-10 06:22 - 2009-07-14 07:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2022-06-10 00:09 - 2021-03-22 19:01 - 000000000 ____D C:\ProgramData\Electronic Arts 2022-06-07 14:19 - 2017-08-20 11:20 - 000000000 ____D C:\Users\Kamil\AppData\Local\UnrealEngine 2022-06-07 02:22 - 2020-02-17 16:19 - 000003486 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2022-06-07 02:22 - 2020-02-17 16:19 - 000003358 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-06-07 01:59 - 2018-01-06 23:14 - 000000000 ____D C:\ProgramData\Wargaming.net 2022-06-07 01:42 - 2017-04-19 19:22 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-06 11:17 - 2016-07-11 14:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2022-06-05 17:50 - 2016-07-11 19:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-06-03 19:54 - 2021-02-26 10:12 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\HB Studios Multimedia Ltd_ 2022-06-01 22:06 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2022-06-01 16:41 - 2021-02-26 10:12 - 000000000 ____D C:\Users\Kamil\AppData\Local\SKIDROW 2022-06-01 00:47 - 2022-03-09 11:05 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-06-01 00:47 - 2020-02-17 16:21 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-03-01 14:58 - 2022-02-12 21:00 - 000001536 _____ () C:\Users\Kamil\AppData\Local\GfxMetrics.cfg 2022-02-12 21:00 - 2022-02-12 21:00 - 000169472 _____ () C:\Users\Kamil\AppData\Local\GfxMetrics.dat 2019-08-23 01:25 - 2019-08-23 01:25 - 000029514 _____ () C:\Users\Kamil\AppData\Local\recently-used.xbel 2020-02-22 22:36 - 2020-02-22 22:36 - 000000000 _____ () C:\Users\Kamil\AppData\Local\{21CEDA1D-8355-4C81-8B68-2B7071B5E5BD} ==================== FLock ============================== 2022-06-24 16:26 C:\Windows\windefender.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2022-06-26 13:36 ==================== Koniec FRST.txt ========================