Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12-05-2023 01
Uruchomiony przez User (administrator) DEVANGELIS (Acer Aspire E5-772G) (13-05-2023 03:08:06)
Uruchomiony z C:\Users\User\Desktop\FRST64 (1).exe
Załadowane profile: User
Platforma: Microsoft Windows 10 Home Wersja 22H2 19045.2965 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Edge
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (DroidMonkey Apps, LLC -> ) C:\Program Files\KeePassXC\keepassxc-proxy.exe
(C:\Program Files\CheckMAL\AppCheck\AppCheckS.exe ->) (CheckMAL Inc. -> CheckMAL Inc.) C:\Program Files\CheckMAL\AppCheck\AppCheck.exe
(C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe <2>
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe <7>
(Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(msiexec.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (CheckMAL Inc. -> CheckMAL Inc.) C:\Program Files\CheckMAL\AppCheck\AppCheckS.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572528 2021-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13134160 2023-05-02] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [AppCheck Tray] => C:\Program Files\CheckMAL\AppCheck\AppCheck.exe [1960792 2023-04-05] (CheckMAL Inc. -> CheckMAL Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1659238798-1047672378-217683653-1001\...\Run: [KeePassXC] => C:\Program Files\KeePassXC\KeePassXC.exe [5220096 2022-10-29] (DroidMonkey Apps, LLC -> KeePassXC Team)
HKU\S-1-5-21-1659238798-1047672378-217683653-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1659238798-1047672378-217683653-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [959856 2023-04-26] (Helpfeel Inc -> Helpfeel Inc.)
HKU\S-1-5-21-1659238798-1047672378-217683653-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152224 2023-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1659238798-1047672378-217683653-1001\...\Run: [Ghostpress] => "C:\Users\User\Desktop\Ghostpress\Ghostpress.exe" -autostart (Brak pliku)
HKU\S-1-5-21-1659238798-1047672378-217683653-1001\...\MountPoints2: {4f53eda0-a660-11e9-8a65-3065eca764e1} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1659238798-1047672378-217683653-1001\...\MountPoints2: {4f53ee04-a660-11e9-8a65-3065eca764e1} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-03] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-12] (Google LLC -> Google LLC)

==================== Zaplanowane zadania (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {0BCC5E09-61B3-4EC8-B861-B574D89939CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2533564D-AA9B-4B6E-839A-534CF13DBF56} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3230B94C-585A-40FB-B5CD-C30C7A48D961} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37920BA7-BE8C-4FA2-B63C-4512957B3E1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {37ABD769-AA69-490E-884D-7D22160D3B29} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10514704 2023-04-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {61FAB749-46E6-4DE5-AAA2-D3C115C42799} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AB71A84-58E7-4D00-8FD1-86071FE7E803} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {77FE084A-7B69-4961-951F-EF382038EA1B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C297F56-CB86-49A6-A4A1-C23DF4C12592} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\User\Desktop\adwcleaner.exe/uninstall
Task: {80DD36C3-2A64-45BB-B9D1-910D3847C833} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8217B69E-0341-4623-B9CA-CEBD4EA98C03} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {947DB0EC-7C77-4FC6-B127-92B7811C4A33} - System32\Tasks\Ghostpress_SkipUAC_656807A4ABD7047E92FA6880E11F1868 => C:\Users\User\Desktop\Ghostpress\Ghostpress.exe (Brak pliku)
Task: {A3C51D37-3411-4CC1-A2F8-9401D1219A25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A411B6D4-6A94-4ABA-A3B5-5E38D326DC0E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe (Brak pliku)
Task: {A6A4377F-7118-43AC-8BB8-CB6A1CE880AB} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1DEF959-A454-49ED-9BC7-203D102AE6D3} - System32\Tasks\Remove AdwCleaner Application => C:\Windows\system32\CMD.EXE [289792 2021-01-13] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\User\Desktop\adwcleaner.exe"
Task: {DCD18134-AA63-4C77-BD0E-87942C73F09D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E25365F5-7970-47F9-8BA2-7B0145DEEADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F21473AB-3E0C-4559-AAD1-348FC9BDBD8E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-21] (Google Inc -> Google Inc.)
Task: {FB5CBADC-AD3E-454A-9532-2E62015E8E8F} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10514704 2023-04-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {FEC356C3-891A-4AB3-9DAF-9B0E0926B8AE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.86.74
Tcpip\..\Interfaces\{b3a16f2e-c193-438e-a09c-e88061e92e0f}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{b3a16f2e-c193-438e-a09c-e88061e92e0f}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{f6b3642c-18e3-4cee-920e-4a481bc79f8b}: [DhcpNameServer] 192.168.86.74

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-13]
Edge DownloadDir: Default -> C:\Users\User\Desktop
Edge Notifications: Default -> hxxps://app.chime.aws; hxxps://tinder.com; hxxps://www.lento.pl
Edge Extension: (LeechBlock NG) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\blaaajhemilngeeffpbfkdjjoefldkok [2023-03-15]
Edge Extension: (Enhancer for YouTube™) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dlgfaleeejmphhnemjgiaekdbonkagkd [2023-03-30]
Edge Extension: (Chrono menadżer pobierania) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2023-02-23]
Edge Extension: (KeePassXC-Browser) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffhmdngciaglkoonimfcmckehcpafo [2023-04-11]
Edge Extension: (Privacy Badger) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2023-05-11]

FireFox:
========
FF DefaultProfile: rhl87m2u.default-1673016522364
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364 [2023-05-13]
FF Notifications: Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364 -> hxxps://www.youtube.com
FF Extension: (Facebook Container) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\@contain-facebook.xpi [2023-03-09]
FF Extension: (CanvasBlocker) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\CanvasBlocker@kkapsner.de.xpi [2023-05-13]
FF Extension: (Cookie AutoDelete) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\CookieAutoDelete@kennydo.com.xpi [2023-05-13]
FF Extension: (Enhancer for YouTube™) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2023-03-09]
FF Extension: (Consent Blocker) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\google-consent@defkev.xpi [2023-05-13]
FF Extension: (Użyj Google Translate) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-03-09]
FF Extension: (AdBlocker for YouTube™) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2023-03-09]
FF Extension: (Image Search Options) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\rhl87m2u.default-1673016522364\Extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2023-03-09]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Brak pliku]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Brak pliku]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Brak pliku]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Brak pliku]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Brak pliku]
FF Plugin HKU\S-1-5-21-1659238798-1047672378-217683653-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Brak pliku]
FF Plugin HKU\S-1-5-21-1659238798-1047672378-217683653-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Brak pliku]
FF Plugin HKU\S-1-5-21-1659238798-1047672378-217683653-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Brak pliku]

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-05-13]
CHR DownloadDir: C:\Users\User\Desktop
CHR Notifications: Default -> hxxps://pl.aliexpress.com; hxxps://www.filmweb.pl; hxxps://www.kupbilecik.pl; hxxps://www.pyszne.pl; hxxps://www.wish.com
CHR Extension: (uBlock Origin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-27]
CHR Extension: (Cookie AutoDelete) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhcgjolkccmbidfldomjliifgaodjagh [2023-05-13]
CHR Extension: (Word Online) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2018-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-24]
CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-11]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Enhancer for YouTube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2023-03-09]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-25]
CHR HKU\S-1-5-21-1659238798-1047672378-217683653-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AppCheck; C:\Program Files\CheckMAL\AppCheck\AppCheckS.exe [1751664 2023-04-05] (CheckMAL Inc. -> CheckMAL Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2023-01-24] (BattlEye Innovations e.K. -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228848 2022-11-13] (HP Inc. -> HP Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35152 2023-05-02] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AppCheckD; C:\Program Files\CheckMAL\AppCheck\AppCheckD.sys [119032 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> CheckMAL Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [42912 2022-11-22] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [44456 2023-03-13] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2023-05-13 02:55 - 2023-05-13 02:55 - 000000000 ____D C:\Users\User\AppData\Local\ToastNotificationManagerCompat
2023-05-13 01:18 - 2023-05-13 01:18 - 002363152 _____ (kernel-panik) C:\Users\User\Desktop\kprm_2.13.exe
2023-05-13 01:10 - 2023-05-13 01:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppCheck
2023-05-13 01:10 - 2023-05-13 01:10 - 000000000 ____D C:\Program Files\CheckMAL
2023-05-13 01:09 - 2023-05-13 01:09 - 000000000 ____D C:\ProgramData\CheckMAL
2023-05-13 01:05 - 2023-05-13 01:05 - 000003174 _____ C:\WINDOWS\system32\Tasks\Ghostpress_SkipUAC_656807A4ABD7047E92FA6880E11F1868
2023-05-13 00:58 - 2023-05-13 02:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-13 00:25 - 2023-05-13 00:25 - 000032270 _____ C:\Users\User\Desktop\Shortcut.txt
2023-05-13 00:09 - 2023-05-13 00:25 - 000030934 _____ C:\Users\User\Desktop\Addition.txt
2023-05-12 23:57 - 2023-05-13 03:13 - 000024232 _____ C:\Users\User\Desktop\FRST.txt
2023-05-12 23:44 - 2023-05-12 23:44 - 002382848 _____ (Farbar) C:\Users\User\Desktop\FRST64 (1).exe
2023-05-12 18:40 - 2023-05-12 18:40 - 000000000 ___HD C:\$WinREAgent
2023-05-06 14:58 - 2023-05-06 14:58 - 000000000 _____ C:\Users\User\Desktop\so on.odt
2023-05-05 14:03 - 2023-05-05 14:04 - 000311011 _____ C:\Users\User\Desktop\Regulamin_promocji_Kupuję_teraz_spłacam_później.pdf
2023-04-29 23:08 - 2023-05-06 15:26 - 000001745 _____ C:\Users\User\Desktop\rap.txt
2023-04-29 06:49 - 2023-04-29 06:51 - 000000000 ____D C:\Users\User\.weasis
2023-04-29 06:49 - 2023-04-29 06:49 - 000000000 ____D C:\ProgramData\Oracle
2023-04-24 06:51 - 2023-04-24 06:51 - 000000000 ____D C:\Users\User\Desktop\UMOWA_____PRD_010_0011386451_00002

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2023-05-13 03:17 - 2018-12-20 16:54 - 000000000 ___SD C:\Users\User\AppData\Roaming\Microsoft\Credentials
2023-05-13 03:11 - 2023-01-10 22:10 - 000000000 ____D C:\FRST
2023-05-13 03:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-13 03:04 - 2018-12-21 19:54 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-13 02:50 - 2022-02-09 17:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-13 02:48 - 2023-01-06 16:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-13 02:48 - 2023-01-06 16:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-13 02:45 - 2022-11-20 20:59 - 000000000 ____D C:\Users\User\AppData\Local\KeePassXC
2023-05-13 02:40 - 2018-12-20 16:54 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2023-05-13 02:40 - 2018-12-20 16:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-05-13 02:39 - 2018-12-20 16:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-13 02:37 - 2020-06-11 13:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-13 02:37 - 2020-06-11 12:46 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-13 02:36 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-13 02:15 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-05-13 01:59 - 2023-03-07 22:59 - 000000000 ____D C:\Riot Games
2023-05-13 01:58 - 2020-10-25 02:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-05-13 01:57 - 2023-01-12 19:46 - 000000000 ____D C:\Users\User\AppData\Roaming\Easeware
2023-05-13 01:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-13 01:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-13 01:51 - 2018-12-20 16:54 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2023-05-13 01:50 - 2019-03-21 18:25 - 000000000 ____D C:\Users\User\AppData\Roaming\Zoom
2023-05-13 01:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-13 00:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-12 23:27 - 2018-12-21 18:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-12 23:21 - 2021-07-09 12:47 - 000000505 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2023-05-12 23:19 - 2020-06-11 12:55 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-12 23:19 - 2019-12-07 17:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat
2023-05-12 23:19 - 2019-12-07 17:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat
2023-05-12 21:01 - 2020-06-11 12:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-12 19:50 - 2020-09-24 11:24 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2023-05-12 19:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-12 19:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-12 19:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-12 19:22 - 2020-06-11 12:52 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-12 14:19 - 2018-12-21 19:55 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-12 13:27 - 2021-02-20 19:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-12 13:21 - 2018-12-21 18:43 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-11 17:22 - 2022-10-04 16:52 - 000000000 ____D C:\Users\User\Desktop\UWO
2023-05-11 09:52 - 2020-06-04 01:31 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-10 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-05-09 15:12 - 2022-11-14 16:21 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2023-05-06 06:51 - 2023-01-27 13:29 - 000000000 ____D C:\Users\User\Desktop\Przerobione - do dalszej nauki
2023-05-05 23:07 - 2020-06-11 12:47 - 000465360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-05 23:03 - 2019-12-07 17:08 - 000000000 ____D C:\WINDOWS\SysWOW64\pl
2023-05-05 23:03 - 2019-12-07 17:08 - 000000000 ____D C:\WINDOWS\system32\pl
2023-05-05 23:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-05 23:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-05 23:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-03 18:20 - 2019-01-24 16:55 - 000000000 ____D C:\Users\User\AppData\Local\Tibia
2023-05-03 13:57 - 2023-02-15 23:30 - 000003520 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachineDaily
2023-05-03 13:57 - 2023-02-15 23:30 - 000003384 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachine
2023-05-03 13:57 - 2023-02-15 23:29 - 000000000 ____D C:\Program Files (x86)\Gyazo
2023-05-03 03:54 - 2023-01-11 19:05 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-05-03 03:54 - 2023-01-11 19:05 - 000001863 _____ C:\Users\User\Desktop\Google Drive.lnk
2023-05-03 03:38 - 2018-12-20 15:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-25 11:57 - 2020-06-11 13:13 - 000003864 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-25 11:57 - 2020-06-11 13:13 - 000003740 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-23 22:57 - 2018-12-20 16:57 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2023-04-16 04:42 - 2023-01-08 22:11 - 000000000 ____D C:\Users\User\Desktop\Konf z Vimeo

==================== Pliki w katalogu głównym wybranych folderów ========

2023-01-06 18:16 - 2023-01-06 18:16 - 000000886 _____ () C:\Users\User\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================