Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-04-2023 01 Uruchomiony przez ja (administrator) DESKTOP-SA17QD7 (LENOVO 20217) (22-04-2023 21:40:08) Uruchomiony z C:\Users\itakn\Downloads\FRST64.exe Załadowane profile: ja Platforma: Microsoft Windows 10 Home Wersja 21H2 19044.2846 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe <2> (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCopyAccelerator.exe (cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\itakn\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe (explorer.exe ->) (Duality Software Co. Ltd. -> Duality Software) C:\Program Files\DS Clock\dsclock.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Mozilla Corporation -> Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe <17> (services.exe ->) (Duality Software) [Brak podpisu cyfrowego] C:\Program Files\DS Clock\dsetime.exe (services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\Run: [Discord] => C:\Users\itakn\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\Run: [DS Clock] => C:\Program Files\DS Clock\DSClock.exe [2200752 2022-05-09] (Duality Software Co. Ltd. -> Duality Software) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13668840 2022-10-11] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\Run: [GoogleChromeAutoLaunch_7B930CA7E6B9B93DF963EA70D74918AE] => D:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [3287344 2023-03-08] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [3273520 2023-04-19] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\itakn\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\itakn\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-1903997591-1751237780-1841981495-1001\...\RunOnce: [Uninstall 23.066.0326.0005] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\itakn\AppData\Local\Microsoft\OneDrive\23.066.0326.0005" (Brak pliku) HKLM\Software\...\AppCompatFlags\Custom\At.exe: [{d39698f1-1e15-4eba-8a7e-4b99ffb8f1cb}.sdb] -> GOG.com Airline Tycoon Deluxe HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\Custom\S3.EXE: [{1673baf1-fccd-4fa6-a1a1-0ce069442897}.sdb] -> GOG.com The Settlers 3 HKLM\Software\...\AppCompatFlags\Custom\S3_multi.EXE: [{1673baf1-fccd-4fa6-a1a1-0ce069442897}.sdb] -> GOG.com The Settlers 3 HKLM\Software\...\AppCompatFlags\InstalledSDB\{1673baf1-fccd-4fa6-a1a1-0ce069442897}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{1673baf1-fccd-4fa6-a1a1-0ce069442897}.sdb [2022-11-25] HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2022-11-25] HKLM\Software\...\AppCompatFlags\InstalledSDB\{d39698f1-1e15-4eba-8a7e-4b99ffb8f1cb}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{d39698f1-1e15-4eba-8a7e-4b99ffb8f1cb}.sdb [2022-12-05] HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\Installer\chrmstp.exe [2023-04-20] (Brave Software, Inc. -> Brave Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-01-16] ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> ) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {28E9F8A0-F12A-4785-8659-F65D4A0A7381} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {2D76A7B9-79C5-4D3D-A2DE-298C4AA7772C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591160 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {37541E13-0F1F-4DDF-9AAD-78D4D336854A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {42895F8E-7B40-4E7F-B196-8C9829DE9535} - System32\Tasks\CCleanerSkipUAC - ja => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {4E461555-B13B-4E32-BECA-47E79A51AF7C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 260915DCF3A62DA7 => D:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-19] (Mozilla Corporation -> Mozilla Foundation) Task: {4F823812-F538-4B36-AA4D-AF3836F38AF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5534C2E5-D925-4D6D-AC76-43D540B8753D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> ) Task: {5973FAA3-C7D2-4332-AFC8-78576F9EF6D2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> ) Task: {60ADBE0C-4FFE-4977-890F-199D7FA93807} - System32\Tasks\Mozilla\Firefox Background Update 260915DCF3A62DA7 => D:\Program Files (x86)\Mozilla Firefox\firefox.exe [676768 2023-04-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\260915DCF3A62DA7\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {724CBD42-30F5-4913-B10E-C6FCC0DC5BAA} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7C41E3FB-F8F2-4A61-A86F-02DCD0D76E9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {82E9072B-ED1D-45AF-99E8-1922ADB1695D} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {88941AAB-A019-4024-A38A-3E8087266543} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1903997591-1751237780-1841981495-1001 => C:\Users\itakn\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2023-04-10] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {8DFFCE00-FCAD-4061-BA26-4F7D99A50D56} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9A7B19C8-6CA3-4DE9-82E3-9BEC225B5BC0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "3019de24-39a9-4c14-8905-6f89cdde6bd6" --version "6.10.10347" --silent Task: {AF00EEBA-BED8-4305-8470-BBBA07FDC575} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B7B62614-D28E-4A58-96A3-75B22919089B} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-26] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {C2B9D193-9AD1-45FE-A2D7-4D2C2B491F15} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C5E6E095-76C3-488A-A521-141E8FE5E05A} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-26] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {C98383FE-6519-4751-8FB7-8392D5C860A2} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F22002B4-FA6B-4D4C-8545-266500DAC8A2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{964270b5-7a85-4e07-8ee6-2495e1a2ccc3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b155fdbb-caba-4796-9826-02610d570ca1}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\itakn\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-20] FireFox: ======== FF DefaultProfile: 0ydyvw8p.default FF ProfilePath: C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\0ydyvw8p.default [2021-01-11] FF ProfilePath: C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release [2023-04-22] FF Homepage: Mozilla\Firefox\Profiles\leybuoyc.default-release -> hxxps://www.salon24.pl/ FF Session Restore: Mozilla\Firefox\Profiles\leybuoyc.default-release -> [funkcja włączona] FF Extension: (Facebook Container) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\@contain-facebook.xpi [2022-11-03] FF Extension: (Bypass Forced Download) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\bypass-forced-download@lukas-mai.addons.mozilla.org.xpi [2021-01-12] FF Extension: (noflash) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\jid1-n8wH2cBfc2QaUj@jetpack.xpi [2021-01-12] FF Extension: (Mate Translate - translator, słownik) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\jid1-TMndP6cdKgxLcQ@jetpack.xpi [2021-01-12] FF Extension: (Keplr) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\keplr-extension@keplr.app.xpi [2023-04-21] FF Extension: (uBlock Origin) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-04-06] FF Extension: (Presearch.org Search Extension) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\{441ae0e7-c955-4b0e-8209-99462af458db}.xpi [2021-01-31] FF Extension: (Psychedelic Glass Squared) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\{52b92fe9-753c-4514-851f-63689f4427f2}.xpi [2021-01-12] FF Extension: (Bulk Media Downloader) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2021-01-12] FF Extension: (Misty dark forest II) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\{ac92fc5a-c8cd-4f87-b75c-7a4268e9b5cc}.xpi [2021-01-12] FF Extension: (Abyss Yellow) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\{adc5e39e-0f46-4326-a1c3-32681e673e00}.xpi [2021-06-07] FF Extension: (Video DownloadHelper) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-08] FF Extension: (Dark Fox) - C:\Users\itakn\AppData\Roaming\Mozilla\Firefox\Profiles\leybuoyc.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-01-12] StartMenuInternet: Firefox-260915DCF3A62DA7 - D:\Program Files (x86)\Mozilla Firefox\firefox.exe Brave: ======= BRA DefaultProfile: Profile 1 BRA Profile: C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-04-14] BRA DefaultSearchURL: Default -> hxxps://presearch.com/extsearch?term={searchTerms} BRA DefaultSearchKeyword: Default -> Presearch.com BRA Extension: (FPL Tools) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bplgdnfjlmbnjpibjogpoabahffibepk [2022-07-11] BRA Extension: (Keplr) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dmkamcknogkgcdfhhbddcghachkejeap [2023-04-14] BRA Extension: (Return YouTube Dislike) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-21] BRA Extension: (Mate Translate - translator, słownik) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2022-11-16] BRA Extension: (Presearch) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\inpoelmimmiplkcldmdljiboidfkcfbh [2023-01-07] BRA Extension: (Timer for Google Chrome™) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kbajefidbakalojflbaojijekaomlidj [2022-03-23] BRA Extension: (polkadot{.js} extension) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-10] BRA Extension: (Asystent IPFS) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nibjojkomfdiaoajekhjakgkdhaomnch [2023-02-23] BRA Extension: (MetaMask) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-14] BRA Profile: C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2023-04-21] BRA Profile: C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1 [2023-04-22] BRA Extension: (FPL Tools) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\bplgdnfjlmbnjpibjogpoabahffibepk [2022-12-30] BRA Extension: (Keplr) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\dmkamcknogkgcdfhhbddcghachkejeap [2023-04-20] BRA Extension: (Hubble Rarity Tools) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\ebndcaocpnhaodepigklmjpefakginih [2022-10-19] BRA Profile: C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2023-04-21] BRA Extension: (Brave Local Data Files Updater) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-04-21] BRA Extension: (Brave Ads Resources) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\aijecnhpjljblhnogamehknbmljlbfgn [2021-08-07] BRA Extension: (Brave NTP background images) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-12] BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-04-22] BRA Extension: (Wallet Data Files Updater) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-04-17] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2023-03-19] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-03-26] BRA Extension: (Brave Ads Resources) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\feeklcgpaolphdiamjaolkkcpbeihkbh [2023-04-07] BRA Extension: (Brave Ads Resources) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\fojhemdeemkcacelmecilmibcjallejo [2022-03-29] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-04-15] BRA Extension: (Brave NTP sponsored images) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodhafecfemgejckecbnmpobnhmoaoag [2023-04-21] BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-04-22] BRA Extension: (Brave SpeedReader Updater) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-11] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-20] BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry do AdBlocka, uBlocka Origin i AdGuarda (plaintext))) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\ngcohbdfildjnmfnicgdipopmlhdcokg [2023-04-21] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-04-19] BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry do AdBlocka, uBlocka Origin i AdGuarda)) - C:\Users\itakn\AppData\Local\BraveSoftware\Brave-Browser\User Data\paoecjnjjbclkgbempaeemcbeldldlbo [2023-03-19] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-03-19] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-26] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-26] (Brave Software, Inc. -> BraveSoftware Inc.) S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\brave_vpn_helper.exe [3015472 2023-04-19] (Brave Software, Inc. -> Brave Software, Inc.) R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1072440 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 DSClockSyncTime; C:\Program Files\DS Clock\dsetime.exe [96768 2017-10-28] (Duality Software) [Brak podpisu cyfrowego] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-12-08] (EasyAntiCheat Oy -> Epic Games, Inc) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2131432 2022-10-11] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-10-11] (GOG Sp. z o.o. -> GOG.com) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 BraveElevationService1d9331019a2312c; "C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\elevation_service.exe" [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [497920 2023-04-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-12] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-04-22 21:40 - 2023-04-22 21:41 - 000026124 _____ C:\Users\itakn\Downloads\FRST.txt 2023-04-22 21:39 - 2023-04-22 21:39 - 002381824 _____ (Farbar) C:\Users\itakn\Downloads\FRST64.exe 2023-04-16 22:31 - 2023-04-16 22:31 - 000000989 _____ C:\Users\itakn\Desktop\Core Temp.lnk 2023-04-16 22:31 - 2023-04-16 22:31 - 000000067 _____ C:\Users\itakn\Desktop\Core Temp Gadget & Addons.url 2023-04-16 22:31 - 2023-04-16 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2023-04-16 22:31 - 2023-04-16 22:31 - 000000000 ____D C:\Program Files\Core Temp 2023-04-16 22:30 - 2023-04-16 22:30 - 001289312 _____ (ALCPU ) C:\Users\itakn\Downloads\Core-Temp-setup.exe 2023-04-11 20:49 - 2023-04-11 20:49 - 000000000 ___HD C:\$WinREAgent 2023-04-06 21:12 - 2023-04-06 21:12 - 000000000 ____D C:\ProgramData\BraveSoftware 2023-04-02 19:30 - 2023-04-02 19:30 - 000838864 _____ C:\Users\itakn\Downloads\Droga Cienia - Brent Weeks.mobi 2023-04-02 19:29 - 2023-04-02 19:29 - 000804024 _____ C:\Users\itakn\Downloads\1. Droga Cienia - Weeks Brent.mobi 2023-04-02 14:13 - 2023-04-02 14:13 - 020704448 _____ C:\Users\itakn\Downloads\Sir Alex Ferguson - Autobiografia.mobi 2023-03-30 22:09 - 2023-03-30 22:09 - 000000000 ____D C:\Users\itakn\AppData\Local\NVIDIA ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-04-22 21:40 - 2021-11-24 00:25 - 000000000 ____D C:\FRST 2023-04-22 21:33 - 2022-02-11 15:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-04-22 21:32 - 2021-01-11 23:54 - 000000000 ____D C:\Users\itakn\AppData\Local\Battle.net 2023-04-22 20:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-04-22 19:11 - 2020-11-19 00:29 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-04-22 15:47 - 2021-12-11 01:35 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1903997591-1751237780-1841981495-1001 2023-04-22 15:47 - 2020-12-25 14:45 - 000003374 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1903997591-1751237780-1841981495-1001 2023-04-22 15:47 - 2020-11-19 01:48 - 000002427 _____ C:\Users\itakn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-04-22 14:26 - 2023-01-16 20:40 - 000000000 ____D C:\Program Files\CCleaner 2023-04-22 13:55 - 2020-12-25 14:52 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2023-04-22 13:26 - 2023-01-16 20:41 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2023-04-22 03:22 - 2020-12-25 14:54 - 000000000 ____D C:\ProgramData\NVIDIA 2023-04-21 14:12 - 2020-11-19 01:44 - 001768764 _____ C:\Windows\system32\PerfStringBackup.INI 2023-04-21 14:12 - 2019-12-07 17:08 - 000785780 _____ C:\Windows\system32\perfh015.dat 2023-04-21 14:12 - 2019-12-07 17:08 - 000152640 _____ C:\Windows\system32\perfc015.dat 2023-04-21 14:12 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2023-04-21 14:06 - 2021-02-06 03:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-04-21 14:06 - 2020-11-19 01:37 - 000008192 ___SH C:\DumpStack.log.tmp 2023-04-21 14:06 - 2020-11-19 01:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-04-21 14:06 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2023-04-21 10:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-04-21 10:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2023-04-20 11:06 - 2022-03-26 23:04 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2023-04-20 11:06 - 2022-03-26 23:04 - 000002329 _____ C:\Users\Public\Desktop\Brave.lnk 2023-04-19 01:30 - 2021-01-11 23:31 - 000000000 ____D C:\Users\itakn\AppData\LocalLow\Mozilla 2023-04-18 00:56 - 2021-01-28 20:16 - 000000000 ____D C:\Users\itakn\AppData\Roaming\Telegram Desktop 2023-04-17 23:26 - 2021-10-12 01:16 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2023-04-16 12:00 - 2023-01-16 23:20 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-04-16 12:00 - 2020-11-19 01:31 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-04-13 10:45 - 2021-05-12 00:19 - 000000000 ____D C:\Users\itakn\AppData\Local\LenovoServiceBridge 2023-04-13 00:35 - 2020-11-19 00:29 - 000268200 _____ C:\Windows\system32\FNTCACHE.DAT 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-04-13 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2023-04-12 21:30 - 2020-11-19 01:29 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-04-11 20:59 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2023-04-11 20:56 - 2020-11-19 01:31 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-04-11 20:45 - 2021-02-03 16:31 - 000000000 ____D C:\Windows\system32\MRT 2023-04-11 20:42 - 2021-02-03 16:31 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-04-03 21:08 - 2020-11-19 01:31 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-04-03 21:08 - 2020-11-19 01:31 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-04-01 13:20 - 2021-01-23 17:01 - 000000000 ____D C:\Users\itakn\AppData\Roaming\atomic 2023-03-30 22:06 - 2021-02-26 19:36 - 000000000 ____D C:\Users\itakn\AppData\Local\UnrealEngine 2023-03-30 22:06 - 2021-02-26 19:36 - 000000000 ____D C:\ProgramData\Epic 2023-03-29 02:53 - 2021-03-07 01:17 - 000000000 ____D C:\Users\itakn\AppData\Roaming\discord 2023-03-29 01:59 - 2022-04-19 20:14 - 000000000 ____D C:\Users\itakn\AppData\Local\Discord 2023-03-29 00:06 - 2023-02-20 14:45 - 000000000 ____D C:\Users\itakn\AppData\Roaming\AtomicCache 2023-03-24 02:25 - 2021-03-07 01:17 - 000002231 _____ C:\Users\itakn\Desktop\Discord.lnk ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================