Jeszcze log z TDSSKiller. W logu nadal widac: C:\WINDOWS\system32\Drivers\bTCNfrmddz.sys Jezeli TDSS tego nie wykryje, to uzyj https://www.fixitpc.pl/topic/4414-diagnostyka-infekcji-na-niestartuj%C4%85cych-windows/ i przy pomocy WinRE z FRST usun plik wykonujac Fixlist.txt: C:\WINDOWS\system32\Drivers\bTCNfrmddz.sys Nastepnie zamiesc nowy log zrobiony w trybie normalnym, wystarczy sam frst.txt. Wykonałem WinRE z FRST. W załączniku nowe logi.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-01-2022
Uruchomiony przez venor (administrator) LAPTOP-1B1V6S7M (Acer Aspire A315-55G) (17-01-2022 21:53:08)
Uruchomiony z C:\Users\venor\OneDrive\Pulpit\frst
Załadowane profile: venor
Platform: Microsoft Windows 10 Home Wersja 21H1 19043.1466 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Edge
Tryb startu: Normal
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Acer Incorporated - & gt; ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
(Acer Incorporated - & gt; Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Adobe Inc. - & gt; Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Dropbox, Inc - & gt; Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc - & gt; Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe & lt; 2 & gt;
(Intel(R) Embedded Subsystems and IP Blocks Group - & gt; Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxext.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ea63d1eddd5853b5\IntelCpHDCPSvc.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ea63d1eddd5853b5\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology - & gt; Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\RstMwService.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingNews_4.54.22741.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher - & gt; Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Nvidia Corporation - & gt; NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_c4249bf0af3f8396\Display.NvContainer\NVDisplay.Container.exe & lt; 2 & gt;
(Qualcomm Atheros - & gt; Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. - & gt; Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe & lt; 2 & gt;
(Samsung Electronics Co., Ltd. - & gt; Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe
(Shanghai Microvirt Software Technology Co., Ltd. - & gt; ) C:\Program Files\Microvirt\MEmu\MemuService.exe
(Smart Sound Technology - & gt; Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Windscribe Limited - & gt; Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Wondershare Technology Co.,Ltd - & gt; Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Rejestr (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RtkAudUService] = & gt; C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-25] (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor)
HKLM-x32\...\Run: [Dropbox] = & gt; C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8806688 2022-01-02] (Dropbox, Inc - & gt; Dropbox, Inc.)
HKLM-x32\...\Run: [FxSound] = & gt; C:\Program Files (x86)\DFX\dfx.exe [1778152 2020-07-31] (FxSound, LLC - & gt; ) [Brak podpisu cyfrowego]
HKU\S-1-5-21-870150861-3523061735-1628765901-1001\...\Run: [IDMan] = & gt; C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5482296 2020-12-25] (Tonec Inc.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-870150861-3523061735-1628765901-1001\...\Run: [EpicGamesLauncher] = & gt; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33618400 2021-12-27] (Epic Games Inc. - & gt; Epic Games, Inc.)
HKU\S-1-5-21-870150861-3523061735-1628765901-1001\...\Run: [Windscribe] = & gt; C:\Program Files (x86)\Windscribe\Windscribe.exe [5461888 2021-08-27] (Windscribe Limited - & gt; Windscribe Limited)
HKU\S-1-5-21-870150861-3523061735-1628765901-1001\...\Run: [MicrosoftEdgeAutoLaunch_E42507F4B7A441295BBD94C1D053B1E7] = & gt; " C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe " --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-870150861-3523061735-1628765901-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-13] (Google LLC - & gt; Google LLC)
==================== Zaplanowane zadania (filtrowane) ============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {04E8864E-9754-4C52-8245-EEE22708C200} - System32\Tasks\ACCBackgroundApplication = & gt; C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated - & gt; )
Task: {08643F8F-DD32-4E0C-993A-BAB90C5D604C} - System32\Tasks\Quick Access = & gt; C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated - & gt; Acer Incorporated)
Task: {13B017CC-96A7-4DE5-B1B2-0D86DF2F0898} - System32\Tasks\Samsung_PSSD_Registration = & gt; C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [497752 2020-04-29] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics)
Task: {145E9856-9710-4444-8B7E-984BC0CE1168} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation - & gt; NVIDIA Corporation)
Task: {1943904A-23DD-4046-B7AB-2655F45264D1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation - & gt; NVIDIA Corporation)
Task: {2463577E-C5E8-4D91-A854-496F98D54724} - System32\Tasks\AcerCMUpdateTask2.1.16258 = & gt; C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated - & gt; )
Task: {2C20C70F-ED7F-4C7A-A646-130970067BA2} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC - & gt; Google LLC)
Task: {40CB7D57-3D4C-40B1-B241-8E12DFA70915} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor = & gt; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {46B5FB97-D05C-4567-B09E-0D5A97A363F7} - System32\Tasks\CareCenter\DAEMON Tools Lite Automount_Reg_HKCURun_S-1-5-21-870150861-3523061735-1628765901-1001 = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-05-24] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
Task: {479B7CAC-7DB6-4FA0-9E13-E106C651378E} - System32\Tasks\ACC = & gt; C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated - & gt; )
Task: {4A2597D7-6B60-498E-8481-FDD79AE6D063} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-870150861-3523061735-1628765901-500 = & gt; C:\Users\venor\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Brak pliku)
Task: {4FCCCF9F-4C61-40C7-8E61-5FFE55772300} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. - & gt; Adobe Inc.)
Task: {7D91C0C8-D095-47D4-B139-691D0A47653F} - System32\Tasks\Software Update Application = & gt; C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2021-12-30] (Acer Incorporated - & gt; Acer Incorporated)
Task: {8F3DCA1C-768D-4414-9F84-01348FAF935F} - System32\Tasks\DropboxUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc - & gt; Dropbox, Inc.)
Task: {9951A73B-062D-4754-BE52-72E957DC4737} - System32\Tasks\DropboxUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc - & gt; Dropbox, Inc.)
Task: {A1240715-F3E0-41F9-98F0-C0E1522EFF0D} - System32\Tasks\BlueStacksHelper_nxt = & gt; C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-11-01] (Bluestack Systems, Inc - & gt; BlueStack Systems, Inc.)
Task: {A359CEAE-451B-41FA-9F53-2BF201104BF3} - System32\Tasks\UEIPInvitation = & gt; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2019-01-10] (Acer Incorporated - & gt; Acer Incorporated)
Task: {A70225DE-D637-436C-BE24-40E42AECD614} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-1B1V6S7M-venor LAPTOP-1B1V6S7M = & gt; C:\Program Files\Microsoft Office\Office15\MsoSync.exe (Brak pliku)
Task: {A757BC86-8361-4B1D-8547-00F2996D1ED7} - System32\Tasks\UbtFrameworkService = & gt; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2019-01-10] (Acer Incorporated - & gt; Acer Incorporated)
Task: {A8091E21-B3FF-46DE-B2DF-66AE63FC9634} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 = & gt; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {A9C04217-7EFE-4446-BD02-BD1F2BFBCC1F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon = & gt; C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-14] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {B4912830-5D8E-417A-ADEB-CADE74C2F015} - System32\Tasks\Microsoft\Office\Office Feature Updates = & gt; C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-14] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {C41232D4-8699-490C-A90E-9368DB9A0CAB} - System32\Tasks\Oem\AcerJumpstartTask = & gt; C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated - & gt; Acer)
Task: {CE8D4D1E-9581-4A40-BBB7-4D870443C568} - System32\Tasks\ACCAgent = & gt; C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated - & gt; )
Task: {F03AFC7B-9262-4972-B34D-A93B6E4F5C20} - System32\Tasks\Power Button = & gt; C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated - & gt; Acer Incorporated)
Task: {FB12EDA3-D7AF-4499-82A8-64566CC41990} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC - & gt; Google LLC)
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job = & gt; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job = & gt; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{47fe9175-1caa-45cd-8cf6-926c9278f013}: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{b7f6175f-6efb-4238-8ced-438de850fdc7}: [NameServer] 9.9.9.9,149.112.112.112
Tcpip\..\Interfaces\{b7f6175f-6efb-4238-8ced-438de850fdc7}: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{f2dd053c-4d97-4904-8ae2-5a0935b7c870}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\venor\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-17]
Edge HomePage: Default - & gt; edge://newtab/
Edge Extension: (Download Accelerator & Manager) - C:\Users\venor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhndgfkkkdgjfhmcflckkccomogpeppp [2021-06-08]
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\venor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-12-13]
Edge Extension: (IDM Integration Module) - C:\Users\venor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-10-20]
Edge HKU\S-1-5-21-870150861-3523061735-1628765901-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-11-25]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 0rlam0q1.default
FF ProfilePath: C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default [2022-01-17]
FF Homepage: Mozilla\Firefox\Profiles\0rlam0q1.default - & gt; about:blank
FF Extension: (Facebook Container) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\@contain-facebook.xpi [2021-08-03]
FF Extension: (Tampermonkey) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\firefox@tampermonkey.net.xpi [2021-04-30]
FF Extension: (HTTPS Everywhere) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\https-everywhere@eff.org.xpi [2021-07-15]
FF Extension: (Użyj Google Translate) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (Polski Language Pack) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2022-01-14]
FF Extension: (Brak nazwy) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2022-01-02]
FF Extension: (Norton Safe Web) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\nortonsafeweb@symantec.com.xpi [2021-12-14]
FF Extension: (Polish Spellchecker Dictionary) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\pl@dictionaries.addons.mozilla.org.xpi [2020-09-23]
FF Extension: (Chrome Remote Desktop) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\remotedesktop@google.com.xpi [2021-11-11] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_extension/update.json]
FF Extension: (Google Translator for Firefox) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\translator@zoli.bod.xpi [2021-12-03]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-01-16]
FF Extension: (Video DownloadHelper) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02]
FF Extension: (DownThemAll!) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-11-25]
FF Extension: (Greasemonkey) - C:\Users\venor\AppData\Roaming\Mozilla\Firefox\Profiles\0rlam0q1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-28]
FF Extension: (Polski Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-pl@firefox.mozilla.org.xpi [2019-05-14]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2022-01-14] [Przestarzałe]
FF HKU\S-1-5-21-870150861-3523061735-1628765901-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\venor\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\venor\AppData\Roaming\IDM\idmmzcc5 [2021-01-31] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKU\S-1-5-21-870150861-3523061735-1628765901-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2020-04-16] [Przestarzałe]
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN - & gt; VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN - & gt; VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN - & gt; VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN - & gt; VideoLAN)
FF Plugin: Adobe Acrobat - & gt; C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. - & gt; Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation - & gt; Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default [2022-01-17]
CHR Extension: (Prezentacje) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-13]
CHR Extension: (Dokumenty) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-13]
CHR Extension: (Dysk Google) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-13]
CHR Extension: (Microsoft Defender Browser Protection) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2022-01-17]
CHR Extension: (YouTube) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-13]
CHR Extension: (Arkusze) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-13]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-13]
CHR Extension: (Gmail) - C:\Users\venor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-11-17]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-11-17]
Opera:
=======
OPR Profile: C:\Users\venor\AppData\Roaming\Opera Software\Opera Stable [2022-01-16]
OPR DefaultSuggestURL: Opera Stable - & gt; hxxps://www.google.com/complete/search?client=opera & q={searchTerms} & ie={inputEncoding} & oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\venor\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\venor\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-13]
OPR Extension: (Tampermonkey) - C:\Users\venor\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2021-06-24]
Vivaldi:
=======
VIV Profile: C:\Users\venor\AppData\Local\Vivaldi\User Data\Default [2022-01-14]
VIV Extension: (Browsing Protection by F-Secure) - C:\Users\venor\AppData\Local\Vivaldi\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-12-03]
VIV Extension: (IDM Integration Module) - C:\Users\venor\AppData\Local\Vivaldi\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-12-04]
VIV Extension: (e-pity - dodatek) - C:\Users\venor\AppData\Local\Vivaldi\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-12-03]
==================== Usługi (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated - & gt; Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. - & gt; Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-24] (BattlEye Innovations e.K. - & gt; )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe [72536 2021-11-04] (Google LLC - & gt; Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation - & gt; Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc - & gt; Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc - & gt; Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-01-02] (Dropbox, Inc - & gt; Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4512448 2020-05-24] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-02-16] (EasyAntiCheat Oy - & gt; Epic Games, Inc)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2022-01-16] (Malwarebytes Inc - & gt; Malwarebytes)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. - & gt; )
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated - & gt; Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated - & gt; Acer Incorporated)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-12-15] (ADLICE (ASCOET JULIEN) - & gt; )
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2019-01-10] (Acer Incorporated - & gt; Acer Incorporated)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation - & gt; Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-14] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-14] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [1300352 2021-08-27] (Windscribe Limited - & gt; Windscribe Limited)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd - & gt; Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_c4249bf0af3f8396\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_c4249bf0af3f8396\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Sterowniki (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated - & gt; Acer Incorporated)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher - & gt; Atheros Communications, Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-11-01] (Bluestack Systems, Inc - & gt; Bluestack System Inc.)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology - & gt; Windows (R) Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology - & gt; Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-05-24] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-05-24] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher - & gt; Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher - & gt; Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-16] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher - & gt; Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher - & gt; Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-16] (Malwarebytes Inc - & gt; Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher - & gt; Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. - & gt; Maiwei Corporation)
R1 SMR523; C:\WINDOWS\System32\drivers\SMR523.SYS [119888 2020-11-01] (Symantec Corporation - & gt; Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2021-08-27] (Windscribe Limited - & gt; The OpenVPN Project)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation - & gt; Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation - & gt; Oracle Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2021-03-25] (VMware, Inc. - & gt; VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-03-25] (VMware, Inc. - & gt; VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-10] (VMware, Inc. - & gt; VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-01-14] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2022-01-14] (Microsoft Windows - & gt; Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-14] (Microsoft Windows - & gt; Microsoft Corporation)
S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2021-08-27] (Windscribe Limited - & gt; )
R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2021-08-27] (Windscribe Limited - & gt; WireGuard LLC)
S3 X86BDA; C:\WINDOWS\System32\drivers\OEMDrv.sys [268416 2011-06-08] (Microsoft Windows Hardware Compatibility Publisher - & gt; )
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S0 {DB437C57-08A3-47e9-ACFF-111254F830DF}; system32\drivers\bTCNfrmddz.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc (utworzone) (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2022-01-17 21:47 - 2022-01-17 21:47 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-01-17 21:47 - 2022-01-17 21:47 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-01-17 21:47 - 2022-01-17 21:47 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-01-17 21:47 - 2022-01-17 21:47 - 000000000 ____D C:\Users\venor\AppData\LocalLow\IGDump
2022-01-17 21:28 - 2022-01-17 21:42 - 024903680 _____ C:\WINDOWS\system32\config\SYSTEM
2022-01-17 20:06 - 2022-01-17 20:06 - 000000000 ____D C:\TDSSKiller_Quarantine
2022-01-17 20:04 - 2022-01-17 20:12 - 000030720 _____ C:\TDSSKiller.3.1.0.28_17.01.2022_20.04.25_log.txt
2022-01-17 15:36 - 2022-01-17 16:05 - 000000000 ____D C:\KVRT2020_Data
2022-01-16 23:44 - 2022-01-16 23:44 - 000000000 ____D C:\Users\venor\AppData\Local\mbam
2022-01-16 23:42 - 2022-01-16 23:42 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-01-16 23:42 - 2022-01-16 23:42 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-16 23:42 - 2022-01-16 23:42 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-16 23:42 - 2022-01-16 23:42 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-01-16 23:42 - 2022-01-16 23:42 - 000001997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-16 23:42 - 2022-01-16 23:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-16 23:42 - 2022-01-16 23:42 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-16 23:12 - 2022-01-16 23:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-01-15 18:19 - 2022-01-15 18:20 - 000000000 ____D C:\ProgramData\UCheck
2022-01-15 18:00 - 2022-01-16 23:23 - 000671832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-14 21:35 - 2022-01-14 21:43 - 000000000 ____D C:\ProgramData\RogueKiller
2022-01-14 21:35 - 2022-01-14 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2022-01-14 21:35 - 2022-01-14 21:35 - 000000000 ____D C:\Program Files\RogueKiller
2022-01-14 20:06 - 2022-01-17 15:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-14 19:43 - 2022-01-14 19:56 - 000000000 ____D C:\Users\venor\AppData\Roaming\Geek Uninstaller
2022-01-14 19:07 - 2022-01-14 20:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-14 19:06 - 2022-01-14 19:06 - 000041499 _____ C:\Users\venor\Downloads\[nitro.to] Listy do M. 4 _2020_ [m1080p.BluRay.x264.AC3.5.1-NitroTeam] [Film Polski].torrent
2022-01-14 18:52 - 2022-01-14 18:52 - 000001754 _____ C:\Users\venor\Downloads\[nitro.to] Listy do M. 3 (2017) [WEB-DL] [XVID-PiJarS [Film Polski] [avi] [FIONA9].torrent
2022-01-14 18:48 - 2022-01-14 18:48 - 000011563 _____ C:\Users\venor\Downloads\[nitro.to] Listy do M. 3 _2017_ [720p.BDRip.XviD.AC3] [PL].torrent
2022-01-14 00:53 - 2022-01-17 21:53 - 000000000 ____D C:\FRST
2022-01-13 23:08 - 2022-01-13 23:08 - 000002289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-13 20:56 - 2022-01-13 20:56 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 20:56 - 2022-01-13 20:56 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 20:56 - 2022-01-13 20:56 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 20:37 - 2022-01-13 20:37 - 000000000 ___HD C:\$WinREAgent
2022-01-13 00:50 - 2022-01-13 00:51 - 000000000 ____D C:\nowy
2022-01-13 00:37 - 2022-01-13 00:37 - 000016937 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Behawiorysta (2022) [S01E02] [720p] [WEB-DL] [x264] [PL] [GhN] (1).torrent
2022-01-13 00:33 - 2022-01-13 00:33 - 000068122 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Księga Boby Fetta - The Book of Boba Fett (2021) [S01E03] [1080p.WEB.H264] [Napisy PL].torrent
2022-01-11 23:49 - 2022-01-11 23:49 - 000014040 _____ C:\Users\venor\Downloads\[nitro.to] Avira Phantom VPN Pro 2.34.3.23032 Crack Setup.torrent
2022-01-11 23:35 - 2022-01-11 23:35 - 000008446 _____ C:\Users\venor\Downloads\[Filetracker.PL] - AVIRA PHANTOM VPN PRO [2.34.3.23032] [MULTI] [FULL].torrent
2022-01-11 23:26 - 2022-01-11 23:26 - 000016937 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Behawiorysta (2022) [S01E02] [720p] [WEB-DL] [x264] [PL] [GhN] .torrent
2022-01-10 22:53 - 2022-01-10 22:53 - 000000000 ____D C:\ProgramData\Mount and Blade II Bannerlord
2022-01-10 22:52 - 2022-01-15 11:57 - 000000000 ____D C:\Users\venor\OneDrive\Dokumenty\Mount and Blade II Bannerlord
2022-01-10 22:19 - 2022-01-10 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount & Blade II - Bannerlord [GOG.com]
2022-01-10 00:49 - 2022-01-10 00:49 - 000061820 _____ C:\Users\venor\Downloads\[nitro.to] Mount and Blade II_ Bannerlord (2020) [MULTi4-ENG] [GOG] [v1.6.4.288289] [DVD9] [exe] (1).torrent
2022-01-10 00:35 - 2022-01-10 00:35 - 000061820 _____ C:\Users\venor\Downloads\[nitro.to] Mount and Blade II_ Bannerlord (2020) [MULTi4-ENG] [GOG] [v1.6.4.288289] [DVD9] [exe].torrent
2022-01-10 00:28 - 2022-01-10 00:28 - 000093999 _____ C:\Users\venor\Downloads\Mount.and.Blade.II.Bannerlord.v1.5.7.259658-GOG.torrent
2022-01-10 00:19 - 2022-01-10 00:19 - 002330577 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Mount and Blade II Bannerlord _2020_ [ENG] [EXE] [Early Access].torrent
2022-01-10 00:01 - 2022-01-10 00:04 - 000000378 _____ C:\Users\venor\AppData\Roaming\Microsoft\Windows\Start Menu\Mount and Blade II Bannerlord.lnk
2022-01-08 01:32 - 2022-01-08 01:32 - 000006101 _____ C:\Users\venor\Downloads\[nitro.to] CyberGhost VPN 6.0.5.2405 [PL] [Crack] [EXE].torrent
2022-01-08 01:21 - 2022-01-08 01:22 - 000000000 ____D C:\Users\venor\Downloads\[argha-boy] CyberGhost_6.0.4.2205 (2017)
2022-01-08 00:30 - 2022-01-08 00:30 - 000101280 _____ C:\Users\venor\Downloads\[nitro.to] Córka wilka Daughter of the Wolf (2019) [DVDRip] [XviD] [AC3-NN] [Lektor PL].torrent
2022-01-06 23:03 - 2022-01-06 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-01-06 00:52 - 2022-01-06 00:52 - 000057221 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Jak pokochałam gangstera (2022) [NF.WEB-DL.XviD-K83] [Film polski].torrent
2022-01-06 00:39 - 2022-01-06 00:39 - 000103463 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Księga Boby Fetta - The Book of Boba Fett (2021) [S01E02] [1080p.WEB.H264] [Napisy PL].torrent
2022-01-04 23:06 - 2022-01-04 23:06 - 000016517 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Behawiorysta (2022) [S01E01] [720p] [WEB-DL] [x264] [PL] [GhN] .torrent
2022-01-04 23:04 - 2022-01-04 23:04 - 000015648 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Chyłka-Oskarżenie (2021)[S05E06] [720p] [WEB-DL] [x264] [PL] [GhN] .torrent
2022-01-02 01:15 - 2022-01-02 01:15 - 000000745 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Manuela Gretkowska - Mistrzyni [PL] [rar] [FIONA9].torrent
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-01-02 00:45 - 2022-01-02 00:45 - 000028907 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Wesele (2021) [LQ.WEB-DL.XviD-MXFiLMS] [Film polski].torrent
2021-12-30 00:50 - 2021-12-30 00:52 - 000000000 ____D C:\Users\venor\Downloads\The.Matrix.Resurrections.2021.PL.WEB-DL.XviD
2021-12-30 00:50 - 2021-12-30 00:50 - 000015527 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Matrix Zmartwychwstania _ The Matrix Resurrections (2021) [WEB-DL] [XviD] [Napisy PL].torrent
2021-12-30 00:39 - 2021-12-30 00:39 - 000076274 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Księga Boby Fetta - The Book of Boba Fett (2021) [S01E01] [1080p.DSNP.WEB-DL.DDP5.1.Atmos.H.264] [Napisy PL].torrent
2021-12-28 00:30 - 2021-12-28 00:31 - 000000000 ____D C:\Users\venor\Downloads\1977 - Nowa nadzieja
2021-12-28 00:16 - 2022-01-17 01:02 - 000000000 ____D C:\Users\venor\Downloads\Video
2021-12-27 23:58 - 2021-12-27 23:58 - 000001943 _____ C:\Users\venor\Downloads\[Filetracker.PL] - Kronika świąteczna _ The Christmas Chronicles (2018) PLDUB.NF.WEB-DL] [XviD-KiT] [Dubbing PL] [avi] [FIONA9].torrent
2021-12-22 00:01 - 2021-12-22 00:01 - 000115015 _____ C:\Users\venor\Downloads\Click_here.zip
==================== Jeden miesiąc (zmodyfikowane) ==================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2022-01-17 21:51 - 2020-07-24 20:49 - 001855830 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-17 21:51 - 2019-12-07 16:08 - 000820718 _____ C:\WINDOWS\system32\perfh015.dat
2022-01-17 21:51 - 2019-12-07 16:08 - 000164096 _____ C:\WINDOWS\system32\perfc015.dat
2022-01-17 21:51 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-17 21:49 - 2020-05-04 20:47 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-17 21:47 - 2021-07-10 23:53 - 000000000 ____D C:\ProgramData\VMware
2022-01-17 21:47 - 2020-07-24 20:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-17 21:47 - 2020-07-24 20:46 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-17 21:47 - 2020-05-05 09:05 - 000000000 __SHD C:\Users\venor\IntelGraphicsProfiles
2022-01-17 21:47 - 2020-01-22 19:35 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-17 21:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-17 21:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-17 21:28 - 2019-12-07 10:03 - 024903680 _____ C:\WINDOWS\system32\config\BCD000000
2022-01-17 21:28 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-01-17 21:22 - 2020-05-05 09:55 - 000000000 ____D C:\Users\venor\AppData\LocalLow\Mozilla
2022-01-17 21:20 - 2020-01-22 19:57 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-17 21:00 - 2020-05-31 22:23 - 000000000 ____D C:\Users\venor\AppData\Roaming\DMCache
2022-01-17 16:58 - 2020-07-24 20:36 - 000000000 ____D C:\Users\venor
2022-01-17 16:26 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-17 16:01 - 2020-07-24 20:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\CareCenter
2022-01-17 16:01 - 2020-06-26 13:17 - 000000000 ____D C:\Users\venor\AppData\Roaming\ProductAuthenticationService
2022-01-17 16:00 - 2021-12-12 23:53 - 000000000 ____D C:\Users\venor\Doctor Web
2022-01-17 01:02 - 2020-05-16 19:57 - 000000000 ____D C:\Users\venor\AppData\Roaming\vlc
2022-01-17 00:09 - 2021-08-14 00:09 - 000000000 ____D C:\ProgramData\F-Secure
2022-01-17 00:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-16 23:58 - 2021-08-13 22:58 - 000000000 ____D C:\Users\venor\AppData\LocalLow\aD1rF3aM8r
2022-01-16 23:58 - 2021-08-13 22:58 - 000000000 ____D C:\ProgramData\52
2022-01-16 23:58 - 2020-10-05 18:14 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2022-01-16 23:40 - 2021-01-31 01:04 - 000000000 ____D C:\Users\venor\AppData\Roaming\IDM
2022-01-16 23:14 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-16 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-16 23:11 - 2021-05-21 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office
2022-01-16 23:11 - 2020-01-22 20:00 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-16 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-16 23:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-01-16 23:03 - 2021-03-30 23:12 - 000000000 ____D C:\ProgramData\Battle.net
2022-01-16 23:02 - 2020-05-17 15:19 - 000000000 ____D C:\Users\venor\AppData\Local\CrashDumps
2022-01-16 00:37 - 2020-07-24 20:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-15 17:42 - 2020-07-24 19:18 - 000000000 ___DC C:\WINDOWS\Panther
2022-01-15 17:42 - 2020-05-24 14:08 - 000000000 ____D C:\Users\venor\AppData\Roaming\DAEMON Tools Lite
2022-01-15 17:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-01-15 15:00 - 2021-12-16 15:38 - 000005348 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-1B1V6S7M-venor LAPTOP-1B1V6S7M
2022-01-15 11:21 - 2020-07-24 20:51 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-15 11:21 - 2020-07-24 20:51 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-14 23:52 - 2020-10-16 20:31 - 000000000 ____D C:\Program Files (x86)\FreeGrabApp
2022-01-14 23:13 - 2020-07-24 20:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Oem
2022-01-14 23:13 - 2020-01-22 19:54 - 000000000 ____D C:\Program Files (x86)\Acer
2022-01-14 21:20 - 2020-05-16 13:42 - 000000000 ____D C:\Users\venor\AppData\Local\NVIDIA
2022-01-14 21:20 - 2020-05-05 09:06 - 000000000 ____D C:\Users\venor\AppData\Local\NVIDIA Corporation
2022-01-14 21:20 - 2020-01-22 19:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-14 21:20 - 2020-01-22 19:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-14 21:20 - 2020-01-22 19:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-01-14 21:16 - 2020-09-07 22:36 - 000000000 ____D C:\Users\venor\AppData\Roaming\GlarySoft
2022-01-14 21:16 - 2020-01-22 19:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-14 21:12 - 2020-05-05 09:05 - 000000000 ____D C:\Users\venor\AppData\Roaming\Adobe
2022-01-14 20:14 - 2020-01-22 19:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-14 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-01-14 20:12 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-14 20:06 - 2020-01-22 19:57 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-14 20:04 - 2021-08-18 21:28 - 000000000 ____D C:\Users\venor\AppData\Roaming\qBittorrent
2022-01-14 20:04 - 2020-05-16 19:52 - 000000000 ____D C:\Program Files (x86)\IObit
2022-01-14 17:09 - 2020-05-16 20:18 - 000000000 ____D C:\Users\venor\AppData\Local\Adobe
2022-01-14 16:30 - 2020-05-19 11:41 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-14 01:01 - 2021-11-08 01:54 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-14 01:01 - 2020-07-24 20:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-14 00:47 - 2020-06-02 19:03 - 000000000 ____D C:\EEK
2022-01-14 00:41 - 2020-06-16 16:12 - 000000000 ____D C:\Users\venor\.VirtualBox
2022-01-14 00:34 - 2020-06-16 16:12 - 000000000 ____D C:\ProgramData\VirtualBox
2022-01-13 23:08 - 2021-01-24 23:28 - 000000000 ____D C:\Users\venor\AppData\Local\Google
2022-01-13 23:08 - 2021-01-16 00:47 - 000000000 ____D C:\Program Files\Google
2022-01-13 21:13 - 2021-08-14 22:03 - 000001427 _____ C:\Users\venor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-01-13 21:01 - 2021-08-14 00:09 - 000000000 ____D C:\Users\venor\AppData\Local\FSDART
2022-01-13 21:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-13 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-13 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-13 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-13 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-13 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 20:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-13 20:37 - 2020-05-05 09:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 20:33 - 2020-05-05 09:41 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-10 22:19 - 2020-01-22 19:35 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-08 01:29 - 2020-05-05 15:17 - 000000000 ____D C:\Users\venor\AppData\Local\D3DSCache
2022-01-08 00:21 - 2020-05-16 19:53 - 000000000 ____D C:\ProgramData\ProductData
2022-01-07 01:19 - 2021-02-02 20:58 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-01-06 23:03 - 2020-05-05 09:14 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-01-03 23:53 - 2020-05-18 20:04 - 000000000 ____D C:\Users\venor\AppData\Local\ElevatedDiagnostics
2022-01-02 13:36 - 2020-06-25 20:15 - 000000000 ____D C:\Users\venor\AppData\Roaming\.tlauncher
2022-01-02 13:36 - 2020-05-31 23:35 - 000000000 ____D C:\Users\venor\AppData\Roaming\.minecraft
2021-12-27 18:24 - 2021-02-15 19:21 - 000000000 ____D C:\Users\venor\AppData\Local\UnrealEngine
2021-12-24 00:23 - 2020-07-24 20:51 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-24 00:23 - 2020-07-24 20:51 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-20 01:17 - 2021-12-13 00:13 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-19 16:38 - 2021-11-18 00:33 - 000116200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2021-12-19 16:38 - 2021-08-28 23:33 - 002225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-12-19 16:38 - 2021-08-28 23:33 - 000333288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-12-19 16:38 - 2021-08-28 23:33 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-12-19 16:38 - 2021-08-28 23:33 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-12-19 16:38 - 2021-08-28 23:33 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-12-19 16:38 - 2021-08-28 23:33 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
==================== SigCheck ============================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
==================== Koniec FRST.txt ========================