Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06-10-2021
Uruchomiony przez Fenix (administrator) SWING (08-10-2021 19:28:44)
Uruchomiony z E:\Pobrane\FRST
Załadowane profile: Fenix
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Safe Mode (with Networking)

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.15.0\crashpad_handler.exe
(Hagel Technologies Ltd. -> Hagel Technologies Ltd.) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\DU Meter\DUMeter.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [165928 2021-08-06] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3332156207-579031683-4136996809-1000\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [4245400 2014-02-04] (Hagel Technologies Ltd. -> Hagel Technologies Ltd.) [Brak podpisu cyfrowego] [Plik w użyciu]
HKU\S-1-5-21-3332156207-579031683-4136996809-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952240 2021-09-09] (Google LLC -> )
HKU\S-1-5-21-3332156207-579031683-4136996809-1000\...\Run: [CCleaner Smart Cleaning] => E:\Pobrane\lyy0l.CCleaner.Professional..Business..Technician.5.63.7540.Multilingual.Portable\CCleanerProfessionalPortable\App\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3332156207-579031683-4136996809-1000\...\Run: [KeePassXC] => C:\Program Files\KeePassXC\KeePassXC.exe [7140552 2021-06-11] (DroidMonkey Apps, LLC -> KeePassXC Team)
HKU\S-1-5-21-3332156207-579031683-4136996809-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3332156207-579031683-4136996809-1000\...\Run: [Opera Browser Assistant] => C:\Users\Fenix\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAR.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3100 series: C:\Windows\system32\CNMLMAR.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON PX720WD Series 64MonitorBE: C:\Windows\system32\E_ILMGYE.DLL [118784 2008-11-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\Windows\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
Startup: C:\Users\Fenix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\purevpn — skrót.lnk [2019-01-16]
ShortcutTarget: purevpn — skrót.lnk -> C:\Program Files (x86)\PureVPN\purevpn.exe (Brak pliku)
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {26BBB401-3431-420F-8E2F-4F15BA0B2EA1} - System32\Tasks\GoogleUpdateTaskMachineUA1cf9221af9c665e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {2B89F896-E3AC-4AD2-8300-15D8EA53C355} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e9107a77e3dc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {2CC39D82-7E81-4631-8C04-ADB357DBE728} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7685808 2017-09-20] (Piriform Ltd -> Piriform Ltd)
Task: {36476D8F-EF1A-4056-9CED-496954599FDA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {4864C274-54C0-46E4-8503-F35AEDD3FA66} - System32\Tasks\GoogleUpdateTaskMachineUA1d042fb32c5e928 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {4A261964-2A9E-4131-959F-46B9C95129C5} - System32\Tasks\GoogleUpdateTaskMachineCore1d0c0071f973d3f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {6D4512E4-701D-4987-9BE6-8961BCFDF09F} - System32\Tasks\GoogleUpdateTaskMachineUA1d12f849ee45b03 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {8676D003-2DA9-4EB8-BEDA-972CC3F64E71} - System32\Tasks\GoogleUpdateTaskMachineUA1d09073de27101b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {CAC4C4F2-40A5-4A70-865C-100E0F9BE056} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {CD8352DF-B083-4EA7-998A-66627A60BEB4} - System32\Tasks\GoogleUpdateTaskMachineUA1d181a9f235e221 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {D8C020CB-B308-4FE1-9C09-5139AD8C37FC} - System32\Tasks\GoogleUpdateTaskMachineCore1d12f849eca2be0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {E64891D5-B54A-4C21-9DB3-BD19FC5C113A} - System32\Tasks\Opera scheduled Autoupdate 1544381464 => C:\Users\Fenix\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {E8CA7ACA-8691-4629-8D57-FCCE49F6289B} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9107a5f7981 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {EA01E0D7-5A32-4FB4-84AC-182E4077C4C6} - System32\Tasks\GoogleUpdateTaskMachineUA1d0c0071fb8a85b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {F3590AF3-74A6-4B81-A144-FFB4F1DD1398} - System32\Tasks\Opera scheduled assistant Autoupdate 1623590555 => C:\Users\Fenix\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Fenix\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {FA6BB872-C8FB-4F94-A656-988188A93E27} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [25600 2016-12-04] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{082514F3-1B81-4268-84E0-3AB91E1AE2AB}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{76DAFAFC-339F-42D0-86D6-9646E6D4CC31}: [DhcpNameServer] 192.168.42.129

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Fenix\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-23]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: cwp03y5u.default
FF ProfilePath: C:\Users\Fenix\AppData\Roaming\Mozilla\Firefox\Profiles\cwp03y5u.default [2021-10-06]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-01-26] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKU\S-1-5-21-3332156207-579031683-4136996809-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-10-08]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default [2021-10-08]
CHR DownloadDir: E:\Pobrane
CHR Notifications: Default -> hxxps://krosno.com.pl; hxxps://wrealu24.tv; hxxps://www.google.pl
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/"
CHR Session Restore: Default -> [funkcja włączona]
CHR Extension: (Dokumenty) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Dysk Google) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (PureVPN: #1 Proxy Extension for Chrome) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfidboloedlamgdmenmlbipfnccokknp [2021-10-03]
CHR Extension: (YouTube) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Tampermonkey) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-06]
CHR Extension: (Video Downloader professional) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2021-06-16]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-03]
CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-10-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-08]
CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (Video DownloadHelper) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-07-02]
CHR Extension: (Usługa zwrotu gotówki LetyShops) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphicbbhfmllgmomkkhjfkpbdlncafbn [2021-10-04]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcdpnidfhfjfbafmpppcplcejgepadbo [2018-02-01]
CHR Extension: (Video Downloader PLUS) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2021-10-03]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (KeePassXC-Browser) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\oboonakemofpalcgghocfoadofidjkkk [2021-07-23]
CHR Extension: (Gmail) - C:\Users\Fenix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKU\S-1-5-21-3332156207-579031683-4136996809-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3332156207-579031683-4136996809-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [bfidboloedlamgdmenmlbipfnccokknp]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Fenix\AppData\Roaming\Opera Software\Opera Stable [2021-10-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Fenix\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2021-06-13]
OPR Extension: (Rich Hints Agent) - C:\Users\Fenix\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-03]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Fenix\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-03]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [Brak podpisu cyfrowego]
S2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-03-19] (Creative Labs) [Brak podpisu cyfrowego]
S2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-12-19] (Creative Technology Ltd) [Brak podpisu cyfrowego]
S2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2385304 2014-02-04] (Hagel Technologies Ltd. -> Hagel Technologies Ltd.) [Brak podpisu cyfrowego]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [821376 2020-05-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-08-06] (ESET, spol. s r.o. -> ESET)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-08-06] (ESET, spol. s r.o. -> ESET)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7789240 2021-10-06] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-02-20] (Microsoft Corporation) [Brak podpisu cyfrowego]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] (ASUSTeK Computer Inc. -> )
S3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1930240 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 BTCFilterService; C:\Windows\System32\DRIVERS\motfilt.sys [6144 2009-01-29] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBthAudioHF; C:\Windows\System32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\Windows\System32\DRIVERS\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [20968 2013-03-01] (Hagel Technologies Ltd. -> Hagel Technologies Ltd.) [Brak podpisu cyfrowego]
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [169424 2021-08-06] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [123472 2021-08-06] (ESET, spol. s r.o. -> ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [194776 2021-08-06] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43904 2021-08-06] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [70232 2021-08-06] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [55840 2021-08-04] (ESET, spol. s r.o. -> ESET)
S1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [107456 2021-08-06] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Brak podpisu cyfrowego]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Brak podpisu cyfrowego]
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [382944 2021-09-09] (Google LLC -> Google, Inc.)
S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
S2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210344 2021-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-10-08] (Malwarebytes Inc -> Malwarebytes)
S3 motandroidusb; C:\Windows\System32\Drivers\motoandroid.sys [31744 2009-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 motccgp; C:\Windows\System32\DRIVERS\motccgp.sys [21504 2010-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 motccgpfl; C:\Windows\System32\DRIVERS\motccgpfl.sys [9216 2009-01-29] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [53632 2009-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 motmodem; C:\Windows\System32\DRIVERS\motmodem.sys [30208 2010-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 MotoSwitchService; C:\Windows\System32\DRIVERS\motswch.sys [8576 2007-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 Motousbnet; C:\Windows\System32\DRIVERS\Motousbnet.sys [26624 2010-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 motusbdevice; C:\Windows\System32\DRIVERS\motusbdevice.sys [10240 2010-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 MpKslc60edf32; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [47336 2021-01-13] (Microsoft Windows -> Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] (ASUSTeK Computer Inc. -> )
R3 nlwt; C:\Windows\System32\DRIVERS\nlwt.sys [29888 2020-06-10] (TEFINCOM S.A. -> WireGuard LLC)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-08] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [39040 2018-02-06] (GZ Systems Limited -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv_AMD64.sys [17280 2015-03-14] (ALL WINNER (HONG KONG) LIMITED -> Scott)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation -> Oracle Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-10-08 19:27 - 2021-10-08 19:27 - 000210344 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-10-07 21:55 - 2021-10-07 21:55 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-10-07 19:44 - 2021-10-07 19:44 - 000005399 _____ C:\Users\Fenix\Desktop\asd.txt
2021-10-06 21:18 - 2021-10-06 21:18 - 000020236 _____ C:\Users\Fenix\Desktop\JRT.txt
2021-10-06 19:07 - 2021-10-08 19:17 - 000000000 ____D C:\Users\Fenix\AppData\LocalLow\IGDump
2021-10-06 19:07 - 2021-10-06 19:07 - 000001971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-05 21:19 - 2021-10-08 19:27 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-10-05 19:56 - 2021-10-06 19:07 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-10-05 19:56 - 2021-10-06 19:07 - 000001959 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-10-05 19:56 - 2021-10-05 19:56 - 000000000 ____D C:\ProgramData\MB2Migration
2021-10-05 19:56 - 2021-10-05 19:56 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-04 19:35 - 2021-10-04 19:35 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-10-03 14:57 - 2021-10-03 14:57 - 000001950 _____ C:\Users\Public\Desktop\Ochrona bankowości internetowej ESET.lnk
2021-10-03 03:46 - 2021-10-03 03:46 - 000002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-10-03 03:46 - 2021-10-03 03:46 - 000001865 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-10-03 03:46 - 2021-10-03 03:46 - 000001865 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-10-03 03:46 - 2021-10-03 03:46 - 000001853 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-10-03 02:43 - 2021-09-09 10:29 - 000382944 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3525.sys

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-10-08 19:28 - 2014-04-27 11:10 - 000000000 ____D C:\FRST
2021-10-08 19:27 - 2021-08-03 17:46 - 001646576 _____ C:\Windows\ntbtlog.txt
2021-10-08 19:22 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-08 19:21 - 2009-07-14 06:45 - 000029088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-10-08 19:21 - 2009-07-14 06:45 - 000029088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-10-08 19:18 - 2014-02-04 18:41 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-07 21:49 - 2017-01-24 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2021-10-07 21:49 - 2014-07-30 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACE COMBAT ASSAULT HORIZON Enhanced Edition
2021-10-07 21:49 - 2014-02-04 18:13 - 000000000 ____D C:\Users\Fenix
2021-10-07 21:49 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-10-07 21:49 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2021-10-06 21:11 - 2014-03-16 09:13 - 000000000 ____D C:\AdwCleaner
2021-10-06 21:08 - 2014-05-19 18:25 - 000000000 ___RD C:\Users\Fenix\Dysk Google
2021-10-06 19:08 - 2021-01-16 18:37 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-06 19:08 - 2018-10-07 13:36 - 000000000 ____D C:\Users\Fenix\AppData\LocalLow\Mozilla
2021-10-05 21:28 - 2018-12-09 20:51 - 000004078 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1544381464
2021-10-05 20:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-10-05 20:12 - 2021-06-13 15:22 - 000004270 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1623590555
2021-10-05 19:56 - 2014-05-21 21:57 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2021-10-05 19:56 - 2014-02-14 07:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-10-05 19:52 - 2017-07-16 16:50 - 000000000 ____D C:\Users\Fenix\AppData\Roaming\WhatsApp
2021-10-05 18:30 - 2021-01-23 21:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-05 18:30 - 2018-10-07 13:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-04 19:16 - 2014-02-04 22:57 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-04 19:16 - 2014-02-04 22:57 - 000000000 ____D C:\Windows\system32\MRT
2021-10-03 15:01 - 2014-05-27 19:21 - 000000000 ____D C:\Users\Fenix\AppData\Roaming\uTorrent
2021-10-03 14:55 - 2018-03-04 18:31 - 000000000 ____D C:\ProgramData\ESET
2021-10-03 14:55 - 2017-09-03 13:41 - 000000000 ____D C:\Program Files\ESET
2021-10-03 10:25 - 2020-03-17 17:45 - 000000000 ___HD C:\Users\Fenix\Desktop\.tmp.drivedownload
2021-10-03 03:46 - 2019-10-16 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-10-03 02:43 - 2017-04-17 09:00 - 000000000 ____D C:\Program Files\Google
2021-10-02 20:57 - 2016-07-28 22:41 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d1e9107a77e3dc
2021-10-02 20:57 - 2016-07-28 22:41 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d1e9107a5f7981

==================== Pliki w katalogu głównym wybranych folderów ========

2014-02-04 21:31 - 2017-07-14 20:51 - 000007616 _____ () C:\Users\Fenix\AppData\Local\resmon.resmoncfg
2019-02-25 18:54 - 2020-09-04 17:25 - 000000280 _____ () C:\Users\Fenix\AppData\Local\temp.bat

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

LastRegBack: 2021-10-03 01:16

==================== Koniec FRST.txt ========================