wklejto.pl

Dodane przez: ~Anonim (2021-07-19 23:37) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
Ran by łukasz (administrator) on LUKASZ (Dell Inc. Inspiron 5737) (20-07-2021 01:23:41)
Running from C:\Users\łukasz\Downloads
Loaded Profiles: łukasz
Platform: Windows 8.1 (Update) (X64) Language: Polski (Polska)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3795519858-1023177073-538787850-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3795519858-1023177073-538787850-1001\...\Run: [ALLUpdate] => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
HKU\S-1-5-21-3795519858-1023177073-538787850-1001\...\Run: [Napisy24Update] => "C:\Program Files (x86)\Napisy24\Napisy24Update.exe" "sleep"
HKU\S-1-5-21-3795519858-1023177073-538787850-1001\...\Run: [FreeYouTubeDownloader] => "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe" -h
HKU\S-1-5-21-3795519858-1023177073-538787850-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3795519858-1023177073-538787850-501\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-02-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-02-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0173E519-389F-4423-AB70-1CB29E7F0E85} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {1CA0C506-333C-4A2D-AE44-6BA77C99D2AA} - System32\Tasks\Opera scheduled Autoupdate 1448379311 => C:\Program Files (x86)\Opera\launcher.exe
Task: {2D38F659-D2C9-4306-B2A1-D5634278A091} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {2F9AA10C-D8B9-45D5-8F1C-6EC8D952999C} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {412DCB03-FF70-450C-A2F1-0C52E9C015FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-24] (Google Inc -> Google Inc.)
Task: {587AC0A3-A55E-4CB8-8770-7A6DEFECE8C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [133422552 2021-07-19] (Microsoft Windows -> Microsoft Corporation)
Task: {594BD72D-E1E7-4491-A38C-2AAB8C636CEF} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {6C327C6D-5D3A-4463-BD54-A8C7EF69ECAD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe
Task: {6CD3D2E4-B87B-48AA-9631-F62587EB151E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {6ED7FB88-AC6E-4A9B-B938-975BFD5E1DB8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {76DC43EB-AE11-462B-8944-A783C930230B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-24] (Google Inc -> Google Inc.)
Task: {7D925499-6EAF-4E22-9C97-9527CC48B4B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {817FC7F9-880B-4062-988B-F222AC2FE9FB} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {9E55513C-3096-48E3-8562-BB72DB864068} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B75665E1-1227-46F9-B205-C3C2070E7F09} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C9DE8842-5C79-4AE0-A5FB-8ED28EA55DC9} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {F77B80FE-1DFE-40CD-B508-0F68A1B21787} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 217.173.176.6 217.173.176.34 192.168.1.1
Tcpip\..\Interfaces\{25479BB8-2F89-441D-94D4-A1A8664B10AB}: [DhcpNameServer] 217.173.176.6 217.173.176.34 192.168.1.1
Tcpip\..\Interfaces\{A0B71373-7024-4877-A940-B93957953CF9}: [DhcpNameServer] 217.173.176.6 217.173.176.34
 
Edge: 
=======
Edge Profile: C:\Users\łukasz\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-19]
 
FireFox:
========
FF ProfilePath: C:\Users\łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\88qz4kl6.default [2021-07-20]
FF Homepage: Mozilla\Firefox\Profiles\88qz4kl6.default -> hxxp://www.gazeta.pl/0,0.html?p=190
FF Extension: (NoScript) - C:\Users\łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\88qz4kl6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-09-20] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\88qz4kl6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-10] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\Default [2021-07-20]
CHR Notifications: Default -> hxxps://kickass2.cc; hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.ipla.tv; hxxps://www.vipbox.live; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.global-pl.com/
CHR StartupUrls: Default -> "hxxps://www.google.pl/"
CHR Extension: (Flash Video Downloader) - C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-03-17]
CHR Extension: (Nano Adblocker) - C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabbbocakeomblphkmmnoamkioajlkfo [2020-08-29]
CHR Extension: (Nano Defender) - C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2020-08-24]
CHR Extension: (Avast Online Security) - C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-19]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-09]
CHR Profile: C:\Users\łukasz\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
Opera: 
=======
OPR Profile: C:\Users\łukasz\AppData\Roaming\Opera Software\Opera Stable [2019-12-24]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.pl/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
U2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Techporch Incorporated -> Dell Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (Dell Inc -> SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-03-02] (Qualcomm Atheros -> Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 amsdk; C:\Windows\System32\Drivers\amsdk.sys [232792 2019-12-26] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2015-05-22] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-07-20 01:23 - 2021-07-20 01:25 - 000017739 _____ C:\Users\łukasz\Downloads\FRST.txt
2021-07-20 01:22 - 2021-07-20 01:22 - 000000000 ___RD C:\Users\łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2021-07-20 01:01 - 2021-07-20 01:12 - 000008868 _____ C:\Users\łukasz\Downloads\Fixlog.txt
2021-07-20 01:00 - 2021-07-20 01:00 - 000000002 _____ C:\Users\łukasz\Downloads\ngnupoatorgzwbcg.txt
2021-07-20 00:52 - 2021-07-20 00:53 - 000003871 _____ C:\Users\łukasz\Downloads\Fixlogold.txt
2021-07-20 00:49 - 2021-07-20 00:49 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\łukasz\Downloads\Niepotwierdzony 903024.crdownload
2021-07-19 02:29 - 2021-07-19 02:29 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-19 02:29 - 2021-07-19 02:29 - 000002214 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-19 02:28 - 2021-07-19 02:28 - 000003410 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-19 02:28 - 2021-07-19 02:28 - 000003282 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-19 01:35 - 2021-07-19 01:35 - 000000000 ____D C:\Users\łukasz\AppData\Local\Safer-Networking Ltd
2021-07-19 01:35 - 2021-07-19 01:35 - 000000000 ____D C:\Safer-Networking Ltd
2021-07-19 01:34 - 2021-07-19 01:34 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\łukasz\Downloads\spybotsd-2.8.68.0.exe
2021-07-19 01:08 - 2021-07-19 01:08 - 000638336 _____ (Dell Inc.) C:\Users\łukasz\Downloads\SupportAssistLauncher.exe
2021-07-19 00:48 - 2021-07-19 00:49 - 251912888 _____ C:\Users\łukasz\Downloads\nu71jwdx.exe
2021-07-19 00:43 - 2021-07-19 00:46 - 000000029 _____ C:\Users\łukasz\Desktop\Nowy dokument tekstowy.txt
2021-07-19 00:30 - 2021-07-19 00:30 - 011332032 _____ (SurfRight B.V.) C:\Users\łukasz\Downloads\HitmanPro_x64.exe
2021-07-19 00:28 - 2021-07-19 00:28 - 010710464 _____ (SurfRight B.V.) C:\Users\łukasz\Downloads\HitmanPro.exe
2021-07-19 00:10 - 2021-07-19 00:10 - 000000000 ____D C:\Users\łukasz\AppData\Local\mbam
2021-07-19 00:06 - 2021-07-20 00:51 - 002300416 _____ (Farbar) C:\Users\łukasz\Downloads\FRSTEnglish.exe
2021-07-19 00:06 - 2021-07-19 00:06 - 011644232 _____ C:\Users\łukasz\Downloads\mb-support-1.8.4.896.exe
2021-07-18 23:43 - 2021-07-18 23:43 - 000000877 _____ C:\Users\łukasz\Desktop\Pobrane — skrót.lnk
2021-07-18 23:42 - 2021-07-18 23:42 - 002092128 _____ (Malwarebytes) C:\Users\łukasz\Downloads\MBSetup (1).exe
2021-07-18 23:27 - 2021-07-18 23:27 - 002092128 _____ (Malwarebytes) C:\Users\łukasz\Downloads\MBSetup.exe
2021-07-18 23:27 - 2021-07-18 23:27 - 000000000 ____D C:\Program Files\Malwarebytes
2021-07-18 23:20 - 2021-07-18 23:21 - 000000000 ____D C:\AdwCleaner
2021-07-18 23:20 - 2021-07-18 23:20 - 008553680 _____ (Malwarebytes) C:\Users\łukasz\Downloads\aa.exe
2021-07-12 17:56 - 2021-07-12 17:56 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-07-20 01:24 - 2019-12-01 20:28 - 000000000 ____D C:\FRST
2021-07-20 01:24 - 2014-01-09 22:16 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-20 01:24 - 2013-10-03 02:16 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2021-07-20 01:22 - 2019-12-27 15:36 - 000000436 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-07-20 01:21 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-20 01:16 - 2014-03-18 11:57 - 000005900 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-20 01:16 - 2014-03-18 11:28 - 005920198 _____ C:\WINDOWS\system32\perfh015.dat
2021-07-20 01:16 - 2014-03-18 11:28 - 001949556 _____ C:\WINDOWS\system32\perfc015.dat
2021-07-20 01:12 - 2014-01-09 22:05 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3795519858-1023177073-538787850-1001
2021-07-20 00:53 - 2014-04-23 13:58 - 000000000 ____D C:\Users\łukasz
2021-07-20 00:53 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-07-20 00:48 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2021-07-19 02:24 - 2014-04-23 15:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-07-19 02:22 - 2014-01-11 16:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-19 02:21 - 2014-01-11 16:09 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-19 02:20 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-19 01:12 - 2020-01-12 21:35 - 000000000 ____D C:\ProgramData\AVAST Software
2021-07-19 01:08 - 2017-06-28 19:24 - 000000000 ____D C:\ProgramData\SupportAssist
2021-07-19 01:08 - 2015-02-11 03:19 - 000000000 ____D C:\Program Files (x86)\Dell
2021-07-19 01:08 - 2013-10-03 02:00 - 000000000 ____D C:\Program Files\Dell
2021-07-19 00:46 - 2019-12-26 19:42 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2021-07-19 00:45 - 2019-12-26 19:13 - 000000000 ____D C:\ProgramData\HitmanPro
2021-07-19 00:24 - 2020-01-12 21:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-07-18 23:39 - 2016-07-29 11:15 - 000003354 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-18 23:39 - 2014-07-04 00:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-18 23:14 - 2014-01-20 20:54 - 000000000 ____D C:\Program Files (x86)\Winamp
2021-07-18 23:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-07-18 23:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-07-18 23:05 - 2013-10-03 02:21 - 000000000 ____D C:\ProgramData\McAfee
2021-07-18 22:59 - 2020-01-12 21:36 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2021-07-18 22:57 - 2020-08-29 18:13 - 000000000 ____D C:\Users\łukasz\AppData\Roaming\WhatsApp
2021-07-18 22:57 - 2020-08-29 18:13 - 000000000 ____D C:\Users\łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-07-18 22:57 - 2020-08-29 18:13 - 000000000 ____D C:\Users\łukasz\AppData\Local\WhatsApp
2021-07-18 22:43 - 2021-03-10 21:51 - 000000000 ____D C:\Users\łukasz\AppData\Local\FluxSoftware
2021-06-24 20:22 - 2019-12-26 23:49 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-24 20:22 - 2019-12-26 23:49 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-22 19:09 - 2019-12-26 23:30 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3795519858-1023177073-538787850-1003
2021-06-22 19:09 - 2016-07-22 17:09 - 000003484 _____ C:\WINDOWS\system32\Tasks\PCDEventLauncherTask
2021-06-22 19:09 - 2016-07-22 17:09 - 000003342 _____ C:\WINDOWS\system32\Tasks\PCDDataUploadTask
2021-06-22 19:09 - 2016-07-22 17:09 - 000003216 _____ C:\WINDOWS\system32\Tasks\SystemToolsDailyTest
2021-06-22 19:09 - 2015-11-24 17:36 - 000003884 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1448379311
2021-06-22 19:09 - 2015-05-09 01:27 - 000003980 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{7467C0C2-32F5-46A7-8679-73E81DE098DF}
 
==================== Files in the root of some directories ========
 
2019-02-24 19:54 - 2019-11-28 23:30 - 000000000 _____ () C:\Users\łukasz\AppData\Roaming\MCVi2UserDetail.ini
2014-01-10 19:08 - 2020-06-19 22:20 - 000000042 _____ () C:\Users\łukasz\AppData\Roaming\WB.CFG
2020-08-11 21:49 - 2020-08-11 21:49 - 000001736 _____ () C:\Users\łukasz\AppData\Local\recently-used.xbel
 
==================== FLock ==============================
 
2013-10-03 13:26 C:\System Recovery
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2017-05-18 18:42
==================== End of FRST.txt ========================
Wygenerowano w 0.005s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!