Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-06-2022 Uruchomiony przez sebastian (administrator) DESKTOP-H1LFGA1 (Micro-Star International Co., Ltd. MS-7A34) (20-06-2022 16:51:29) Uruchomiony z C:\Users\sebastian\Desktop Załadowane profile: sebastian Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1766 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Users\sebastian\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe ->) () [Brak podpisu cyfrowego] C:\Users\sebastian\AppData\Roaming\.dllbackups\data\modules\dll-host\downloads\phoenix\Antimalware Service Executable.exe (C:\Users\sebastian\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\sebastian\AppData\Roaming\.dllbackups\data\modules\dll-propagation\dll-propagation_2.9.8.exe (C:\Users\sebastian\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe ->) (www.xmrig.com) [Brak podpisu cyfrowego] C:\Users\sebastian\AppData\Roaming\.dllbackups\data\modules\dll-host\downloads\xmrig\MS Defender.exe (C:\Users\sebastian\AppData\Roaming\.dllbackups\data\modules\dll-propagation\dll-propagation_2.9.8.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\sebastian\AppData\Local\Temp\1xq0MkKMTM0YtEl1JnXJ2x0ArfP\dll-propagation.exe <3> (C:\Users\sebastian\AppData\Roaming\.dllbackups\dllruntime.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\sebastian\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe <7> (Discord Inc. -> Discord Inc.) C:\Users\sebastian\AppData\Local\Discord\app-1.0.9005\Discord.exe <6> (explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\sebastian\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe (explorer.exe ->) (GNE) [Brak podpisu cyfrowego] C:\Program Files (x86)\Dual Monitor Tools\DMT.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3> (explorer.exe ->) (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\sebastian\AppData\Roaming\.dllbackups\dllruntime.exe <2> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (ShareX Team) [Brak podpisu cyfrowego] C:\Program Files\ShareX\ShareX.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <47> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Wondershare\MobileTrans\ElevationService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe (svchost.exe ->) () [Brak podpisu cyfrowego] C:\Users\sebastian\Desktop\openhardwaremonitor-v0.9.6\OpenHardwareMonitor\OpenHardwareMonitor.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11236136 2020-04-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-10-26] (Discord Inc. -> Discord Inc.) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835760 2019-11-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26327864 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) HKLM-x32\...\Run: [AutoAD] => C:\Program Files (x86)\Wondershare\MobileTrans\AutoAD.exe [73224 2022-03-16] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [Discord] => C:\Users\sebastian\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub) HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [f.lux] => C:\Users\sebastian\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [146943096 2022-06-10] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [GNE_DualMonitorTools] => C:\Program Files (x86)\Dual Monitor Tools\DMT.exe [796160 2018-06-04] (GNE) [Brak podpisu cyfrowego] HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [SoundID Listen.exe] => C:\Program Files\SoundID Listen\Current Version\SoundID Listen.exe --launched-on-startup (Brak pliku) HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [AnyTransToolHelper] => C:\Program Files\AnyTrans for iOS\AnyTransToolHelper.exe (Brak pliku) HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [AutoAD] => C:\Program Files (x86)\Wondershare\MobileTrans\AutoAD.exe [73224 2022-03-16] (Wondershare Technology Co.,Ltd -> Wondershare) HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [electron.app.dllservices] => C:\Users\sebastian\AppData\Roaming\.dllbackups\dllruntime.exe [63159807 2022-06-17] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] HKU\S-1-5-21-3182251074-1433944820-3341931099-1001\...\Run: [electron.app.services] => C:\Users\sebastian\AppData\Roaming\.dllbackups\dllruntime.exe [63159807 2022-06-17] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-10] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\102.1.39.122\Installer\chrmstp.exe [2022-06-11] (Brave Software, Inc. -> Brave Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAndroidAppHelper.lnk [2022-03-26] ShortcutTarget: MTWSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\MobileTrans\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAppHelper.lnk [2022-03-26] ShortcutTarget: MTWSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\MobileTrans\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft) Startup: C:\Users\sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2022-03-26] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter) Startup: C:\Users\sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2020-10-26] ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {007FD70F-9E9D-4B94-B1EE-42E9A8DB8822} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-19] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {12234B11-77F5-4B59-B1D8-85841099419F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339464 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {27909E7B-7F00-4886-8F80-616F184A45F2} - System32\Tasks\HWiNFO => C:\Users\sebastian\Desktop\hwi_704\HWiNFO64.exe (Brak pliku) Task: {2ABCD965-271D-4928-85AA-6C0AB1EE7BD7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {36E44895-D58D-42DF-8C32-23DDF30CB375} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-19] (Google LLC -> Google LLC) Task: {372D11FD-DA0C-4FDC-9C27-1465E9F2AA8A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {3A2ECC99-3411-46BF-97A8-35EEC85A5122} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {3EC4A9DE-514D-48FE-8FD0-117DB415E580} - System32\Tasks\Core Temp Autostart sebastian => C:\Program Files\Core Temp\Core Temp.exe (Brak pliku) Task: {4826F8B5-5CA8-46C4-8F6D-187590636B2E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3182251074-1433944820-3341931099-500 => C:\Users\sebastian\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Brak pliku) Task: {5AA2DF30-7311-4CD4-BACC-CB8CF391FD37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {78193424-D617-4824-A18B-D8DB37755DC9} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> ) Task: {805EB7B4-77B1-42B2-8E2D-B7830EE8B9A3} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-19] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {82BBAB68-AD8E-4345-8FBC-F60F4F4300A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-19] (Google LLC -> Google LLC) Task: {86645534-1611-4870-A31E-16C576B565C3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {9801DD68-4847-47AD-80D1-1A674012E2FA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {9DF082EF-6003-4AA3-AECC-CD85A3E00F4F} - System32\Tasks\Open Hardware Monitor\Startup => C:\Users\sebastian\Desktop\openhardwaremonitor-v0.9.6\OpenHardwareMonitor\OpenHardwareMonitor.exe [493568 2020-12-27] () [Brak podpisu cyfrowego] Task: {9EFDF5CB-C817-4B99-814C-0BA36D65F6F5} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {A3C03D2A-8AA3-4052-9CFE-DAE914ABD379} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {E948FABF-6D8A-4DE3-AFD9-97A135405E8D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {EF83D157-ABE8-46FB-9951-60FA0497AFB1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2021-11-24] (Nvidia Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 91.218.211.210 91.218.203.34 Tcpip\..\Interfaces\{dcb5644f-d5d6-4732-9182-123a06119733}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{dcb5644f-d5d6-4732-9182-123a06119733}: [DhcpNameServer] 91.218.211.210 91.218.203.34 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\sebastian\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-09] FireFox: ======== FF DefaultProfile: nbbs4y91.default FF ProfilePath: C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\nbbs4y91.default [2020-10-26] FF ProfilePath: C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta [2022-06-20] FF Notifications: Mozilla\Firefox\Profiles\8822p7pt.default-beta -> hxxps://multi-head.pl; hxxps://www.youtube.com; hxxps://steamcommunity.com; hxxps://pochylnia.pl; hxxps://client.poorchat.net; hxxps://web.whatsapp.com; hxxps://antistorm.eu; hxxps://www.messenger.com FF Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2022-05-27] FF Extension: (Facebook Container) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\@contain-facebook.xpi [2022-03-18] FF Extension: (Arc Dark Theme) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\arc-dark-theme@afnankhan.xpi [2021-06-03] FF Extension: (Browsec VPN - Free VPN for Firefox) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\browsec@browsec.com.xpi [2022-06-17] FF Extension: (Flash Video Downloader) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\ductloanphuok@gmail.com.xpi [2020-04-29] FF Extension: (Enhancer for YouTube™) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2022-05-16] FF Extension: (BetterTTV) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\firefox@betterttv.net.xpi [2022-05-30] FF Extension: (Tampermonkey) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\firefox@tampermonkey.net.xpi [2022-05-12] FF Extension: (HTTPS Everywhere) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\https-everywhere-eff@eff.org.xpi [2022-05-18] [UpdateUrl:hxxps://www.eff.org/files/https-everywhere-updates.json] FF Extension: (Popup View for Google™ Translate) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\jid0-fbHwsGfb6kJyq2hj65KnbGte3yT@jetpack.xpi [2022-05-27] FF Extension: (Notifier for Gmail™) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2021-09-19] FF Extension: (Magic Actions for YouTube™) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2021-05-04] FF Extension: (h264ify) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\jid1-TSgSxBhncsPBWQ@jetpack.xpi [2019-09-10] FF Extension: (ScriptSafe) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\scriptsafe@protonmail.com.xpi [2018-07-31] FF Extension: (Tab Session Manager) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\Tab-Session-Manager@sienori.xpi [2022-05-05] FF Extension: (Close Tab History Button) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\tb-tab-close-history-single@codefisher.org.xpi [2018-07-31] FF Extension: (Alternate Player for Twitch.tv) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\twitch5@coolcmd.xpi [2022-02-10] FF Extension: (uBlock Origin) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\uBlock0@raymondhill.net.xpi [2022-06-15] FF Extension: (Imagus) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2020-04-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Watch YouTube in your preferred video quality, such as 720p, 1080p, 1440p and 2160p.) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{094c428f-8a39-4af8-a4a3-1aff5fb34abc}.xpi [2020-01-14] FF Extension: (Search by Image) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2022-05-23] FF Extension: (Bitwarden - darmowy menedżer haseł) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-06-11] FF Extension: (Always active Window - Always Visible) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{4b7825da-0dd1-44f9-9717-bee5b2408af6}.xpi [2022-03-10] FF Extension: (Just Black for Firefox) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{871b4647-0ed9-4425-86d9-991e886981d9}.xpi [2021-10-28] FF Extension: (ImTranslator: Tłumacz, Słownik, Głos) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2022-05-23] FF Extension: (Flash and Video Download) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-06-09] FF Extension: (Jadisco.pl) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{bbb0df11-b3d0-4423-8100-393ed4458ce3}.xpi [2018-07-31] FF Extension: (Matte Black (White)) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{bcf9bb24-1417-4c9e-b901-1ffa328ba873}.xpi [2022-02-25] FF Extension: (Nano Defender Pro) - C:\Users\sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\8822p7pt.default-beta\Extensions\{f9cacf2e-cafc-4f0f-b6ad-8e1a01b4b4d0}.xpi [2020-10-13] [UpdateUrl:hxxps://raw.githubusercontent.com/LiCybora/NanoDefenderFirefox/master/Extension%20Compiler/updates.json] FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR Profile: C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default [2022-04-28] CHR Extension: (Prezentacje) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-19] CHR Extension: (BetterTTV) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2022-04-24] CHR Extension: (Dokumenty) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-19] CHR Extension: (Dysk Google) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-19] CHR Extension: (uBlock Origin) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-28] CHR Extension: (Arkusze) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-19] CHR Extension: (Dokumenty Google offline) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-24] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-27] CHR Extension: (Gmail) - C:\Users\sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-19] Brave: ======= BRA Profile: C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-04-20] BRA Extension: (BetterTTV) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2022-04-14] BRA Extension: (uBlock Origin) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-14] BRA Extension: (Imagus) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2021-11-20] BRA Extension: (Bitwarden - darmowy menedżer haseł) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-04-14] BRA Extension: (Brave Local Data Files Updater) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-04-20] BRA Extension: (Brave NTP background images) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-04-20] BRA Extension: (Wallet Data Files Updater) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-04-20] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-20] BRA Extension: (Brave NTP sponsored images) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodhafecfemgejckecbnmpobnhmoaoag [2022-04-20] BRA Extension: (Brave SpeedReader Updater) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-04-20] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-04-20] BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry do AdBlocka, uBlocka Origin i AdGuarda)) - C:\Users\sebastian\AppData\Local\BraveSoftware\Brave-Browser\User Data\paoecjnjjbclkgbempaeemcbeldldlbo [2022-04-20] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2688544 2022-06-08] (PUBG CORPORATION -> ) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-27] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-19] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-19] (Brave Software, Inc. -> BraveSoftware Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2020-10-26] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ElevationService; C:\Program Files (x86)\Wondershare\MobileTrans\ElevationService.exe [913408 2021-10-28] () [Brak podpisu cyfrowego] R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11523704 2022-06-10] (Logitech Inc -> Logitech, Inc.) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-17] (Malwarebytes Inc. -> Malwarebytes) S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343600 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2255544 2018-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2507952 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2740912 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6020336 2022-03-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare) S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [9132336 2022-06-01] (PUBG CORPORATION -> KRAFTON, Inc) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-10-26] (Martin Malik - REALiX -> REALiX(tm)) R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [33528 2022-03-25] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [21704 2022-03-25] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [62904 2022-03-25] (WDKTestCert builder,132743893872553407 -> Logitech) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-06-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 ndextlag; C:\Windows\system32\DRIVERS\ndextlag.sys [48640 2018-04-11] (Mainline Net Holdings Limited -> SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA - ME) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) R2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2021-01-29] (ATI Technologies, Inc -> ATI Technologies Inc.) S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation) R3 WinRing0_1_2_0; C:\Users\sebastian\Desktop\openhardwaremonitor-v0.9.6\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [14544 2022-06-20] (Noriyuki MIYAZAKI -> OpenLibSys.org) S3 WireGuard; C:\Windows\system32\DRIVERS\wireguard.sys [489368 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 xhunter1; C:\Windows\xhunter1.sys [1431256 2022-06-17] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-20 16:51 - 2022-06-20 16:52 - 000033863 _____ C:\Users\sebastian\Desktop\FRST.txt 2022-06-20 16:50 - 2022-06-20 16:51 - 000000000 ____D C:\FRST 2022-06-20 16:50 - 2022-06-20 16:50 - 002369024 _____ (Farbar) C:\Users\sebastian\Desktop\FRST64.exe 2022-06-19 19:21 - 2022-06-19 19:21 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\Ookla 2022-06-18 08:31 - 2022-06-18 08:31 - 002700138 _____ C:\Users\sebastian\Desktop\8zaltu.mp4 2022-06-17 11:38 - 2022-06-20 16:28 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\dll-propagation 2022-06-17 07:45 - 2022-06-17 07:45 - 000002449 _____ C:\Users\sebastian\Desktop\asdasdasdasd.txt 2022-06-17 07:41 - 2022-06-17 07:41 - 000000000 ____D C:\Users\sebastian\AppData\Local\mbam 2022-06-17 07:40 - 2022-06-17 07:40 - 002549096 _____ (Malwarebytes) C:\Users\sebastian\Desktop\MBSetup.exe 2022-06-17 07:40 - 2022-06-17 07:40 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2022-06-17 07:40 - 2022-06-17 07:40 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2022-06-17 07:40 - 2022-06-17 07:40 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2022-06-17 07:40 - 2022-06-17 07:40 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-06-17 07:40 - 2022-06-17 07:40 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-06-17 07:40 - 2022-06-17 07:40 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-06-17 07:40 - 2022-06-17 07:40 - 000000000 ____D C:\Program Files\Malwarebytes 2022-06-17 07:38 - 2022-06-20 16:12 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\services 2022-06-17 07:37 - 2022-06-17 09:56 - 000000000 ___HD C:\Users\sebastian\AppData\Roaming\.dllbackups 2022-06-17 07:37 - 2022-06-17 07:37 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\dllservices 2022-06-17 07:35 - 2022-06-17 07:35 - 000000000 ____D C:\Users\sebastian\AppData\Local\4kdownload.com 2022-06-17 05:56 - 2022-06-17 05:56 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-06-16 11:09 - 2022-06-17 23:32 - 000000000 ____D C:\ProgramData\AntiCheatExpert 2022-06-16 11:09 - 2022-06-16 11:11 - 000000000 ____D C:\Program Files\AntiCheatExpert 2022-06-15 21:25 - 2022-06-15 21:25 - 000000130 _____ C:\Users\sebastian\Desktop\Nowy dokument tekstowy (2).txt 2022-06-15 16:44 - 2022-06-15 16:44 - 000479744 _____ C:\Windows\system32\AssignedAccessCsp.dll 2022-06-15 16:44 - 2022-06-15 16:44 - 000104448 _____ C:\Windows\system32\nettraceex.dll 2022-06-15 16:44 - 2022-06-15 16:44 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll 2022-06-15 16:44 - 2022-06-15 16:44 - 000011787 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-06-15 16:43 - 2022-06-15 16:43 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2022-06-15 16:43 - 2022-06-15 16:43 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2022-06-15 16:43 - 2022-06-15 16:43 - 000232288 _____ C:\Windows\system32\containerdevicemanagement.dll 2022-06-15 16:38 - 2022-06-15 16:38 - 000000000 ___HD C:\$WinREAgent 2022-06-11 10:24 - 2022-06-11 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2022-06-06 16:53 - 2022-06-06 16:53 - 000030071 _____ C:\Users\sebastian\Desktop\Dokument bez tytułu2.pdf 2022-06-06 16:49 - 2022-06-06 16:49 - 000030077 _____ C:\Users\sebastian\Desktop\Dokument bez tytułu.pdf 2022-06-03 19:13 - 2022-06-03 19:13 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\Remote for Windows 2022-06-03 19:13 - 2022-06-03 19:13 - 000000000 ____D C:\Users\sebastian\AppData\Local\Evgeny_Cherpak 2022-06-03 19:13 - 2022-06-03 19:13 - 000000000 ____D C:\Program Files\Remote for Windows 2022-06-03 18:28 - 2022-06-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2022-06-03 18:28 - 2022-06-03 18:28 - 000000000 ____D C:\Program Files\qBittorrent 2022-05-23 19:13 - 2022-05-23 19:13 - 026299508 _____ C:\Users\sebastian\Desktop\vyxgij.mp4 2022-05-23 19:13 - 2022-05-23 19:13 - 018322289 _____ C:\Users\sebastian\Desktop\3mug1g.mp4 ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-20 16:48 - 2020-10-26 19:39 - 000000000 ____D C:\Users\sebastian\AppData\Local\LGHUB 2022-06-20 16:48 - 2020-10-26 19:29 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\discord 2022-06-20 16:43 - 2020-11-19 02:23 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-20 16:15 - 2020-10-26 20:09 - 000000000 ____D C:\ProgramData\NVIDIA 2022-06-20 16:15 - 2020-10-26 18:57 - 000000000 ____D C:\Users\sebastian\AppData\LocalLow\Mozilla 2022-06-20 16:14 - 2020-10-27 19:00 - 000000000 ____D C:\Users\sebastian\AppData\Local\CrashDumps 2022-06-20 16:13 - 2022-03-26 00:24 - 000000000 ____D C:\Users\sebastian\AppData\Local\Wondershare 2022-06-20 16:13 - 2022-01-12 20:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-06-20 16:12 - 2021-07-17 01:51 - 000000000 ____D C:\Users\sebastian\AppData\Local\Discord 2022-06-20 16:12 - 2020-10-26 19:39 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\LGHUB 2022-06-19 22:07 - 2020-10-26 19:37 - 000000000 ____D C:\Users\sebastian\Documents\ShareX 2022-06-19 22:07 - 2020-09-27 07:52 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-06-19 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-19 20:59 - 2020-10-26 19:28 - 000000000 ____D C:\Program Files (x86)\Steam 2022-06-18 00:30 - 2020-10-26 18:49 - 000000000 ____D C:\Users\sebastian 2022-06-17 23:32 - 2020-11-07 12:56 - 000000000 ____D C:\Program Files\Common Files\PUBG 2022-06-17 23:29 - 2020-12-12 23:58 - 001431256 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys 2022-06-17 22:08 - 2020-09-27 09:55 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-17 22:08 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-17 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2022-06-17 12:56 - 2020-10-31 10:04 - 000000000 ____D C:\Users\sebastian\Documents\Euro Truck Simulator 2 2022-06-17 11:48 - 2020-11-11 02:18 - 000025409 _____ C:\Users\sebastian\Desktop\hax.txt 2022-06-17 11:40 - 2020-10-27 16:02 - 000000000 ____D C:\Users\sebastian\AppData\Local\D3DSCache 2022-06-17 09:55 - 2021-12-08 17:50 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-06-17 09:55 - 2020-10-26 18:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-17 08:09 - 2020-10-29 19:07 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\vlc 2022-06-17 07:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-06-17 05:58 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2022-06-16 14:48 - 2020-10-26 18:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-16 13:08 - 2020-11-24 18:10 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\WhatsApp 2022-06-16 13:06 - 2022-02-06 18:09 - 000000000 ____D C:\Users\sebastian\AppData\Local\ExitLag 2022-06-16 11:10 - 2020-10-26 19:07 - 001767984 _____ C:\Windows\system32\PerfStringBackup.INI 2022-06-16 11:10 - 2019-12-07 17:08 - 000784340 _____ C:\Windows\system32\perfh015.dat 2022-06-16 11:10 - 2019-12-07 17:08 - 000152236 _____ C:\Windows\system32\perfc015.dat 2022-06-16 11:09 - 2021-04-16 19:25 - 000000000 ____D C:\Windows\Minidump 2022-06-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2022-06-16 11:04 - 2020-09-27 09:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-06-16 11:04 - 2020-09-27 07:52 - 000008192 ___SH C:\DumpStack.log.tmp 2022-06-16 11:04 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-06-16 10:43 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2022-06-16 10:31 - 2020-09-27 09:54 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-06-16 10:31 - 2020-09-27 09:54 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-06-15 23:34 - 2020-09-27 07:52 - 000258744 _____ C:\Windows\system32\FNTCACHE.DAT 2022-06-15 23:33 - 2021-08-11 08:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-06-15 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2022-06-15 23:33 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing 2022-06-15 16:43 - 2020-09-27 09:54 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-06-15 16:37 - 2020-10-26 20:14 - 000000000 ____D C:\Windows\system32\MRT 2022-06-15 16:35 - 2020-10-26 20:14 - 145918784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-06-14 21:46 - 2021-01-05 17:34 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\Spotify 2022-06-14 20:57 - 2021-01-05 17:34 - 000000000 ____D C:\Users\sebastian\AppData\Local\Spotify 2022-06-11 10:24 - 2021-09-15 04:03 - 000000000 ____D C:\Program Files\LGHUB 2022-06-11 10:24 - 2020-11-19 02:20 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-06-11 10:24 - 2020-11-19 02:20 - 000002329 _____ C:\Users\Public\Desktop\Brave.lnk 2022-06-10 16:53 - 2021-07-31 20:29 - 000000000 ____D C:\Users\sebastian\Desktop\OneCommanderLatest 2022-06-10 15:01 - 2020-11-19 02:23 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-06-10 15:01 - 2020-11-19 02:23 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-06-04 09:16 - 2020-11-07 02:51 - 000000000 ____D C:\Users\sebastian\AppData\Roaming\qBittorrent 2022-06-02 18:36 - 2020-09-27 09:56 - 000000000 ____D C:\ProgramData\Packages 2022-05-31 22:29 - 2022-03-09 17:04 - 000000000 ____D C:\Users\sebastian\Desktop\UKRAINA ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-10-26 19:54 - 2021-07-31 15:38 - 000000128 _____ () C:\Users\sebastian\AppData\Roaming\winscp.rnd 2020-10-26 19:48 - 2020-10-26 21:56 - 000000128 _____ () C:\Users\sebastian\AppData\Local\PUTTY.RND 2021-11-21 01:28 - 2021-11-21 01:28 - 000003711 _____ () C:\Users\sebastian\AppData\Local\recently-used.xbel 2021-05-02 22:10 - 2021-05-02 22:10 - 000007602 _____ () C:\Users\sebastian\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================