avatar
Untitled

Guest 569 23rd Nov, 2022

MARKUP 48.19 KB
                                           
                         Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-11-2022
Uruchomiony przez user (administrator)  DESKTOP-FSCD8NH (Dell Inc. Precision M4800) (23-11-2022 21:01:03)
Uruchomiony z C:\Users\user\Downloads
Załadowane profile: user
Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.2251 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Byte Technologies LLC) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\user\AppData\Local\Temp\~nsuA.tmp\Un_A.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\RAVAntivirus\rsEngineSvc.exe ->) (Reason Software Company, Inc -> Reason Cybersecurity Ltd.) C:\Program Files\RAVAntivirus\ui\RAVAntivirus.exe <4>
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <40>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Vidoc\scrobbler\VidocScrobbler.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Reason Software Company, Inc -> Reason Software Company Inc.) C:\Program Files\RAVAntivirus\rsClientSvc.exe
(services.exe ->) (Reason Software Company, Inc -> Reason Software Company Inc.) C:\Program Files\RAVAntivirus\rsEngineSvc.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Brak pliku)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8782592 2015-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407232 2015-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [717744 2015-11-23] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\user\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-11-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Walliant] => C:\Users\user\AppData\Local\Programs\Walliant\walliant.exe [263272 2020-08-19] (Globalhop Ltd -> Walliant)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [SteamServerBrowser] => C:\Users\user\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe [289304 2021-04-27] (Lyrha Software Technologies Inc. -> )
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [ProductAuthenticationService] => "C:\Users\user\AppData\Roaming\ProductAuthenticationService\pas.exe" /nogui (Brak pliku) <==== UWAGA
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149608 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Opera GX Stable] => C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe [2404096 2022-05-10] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1689600 2020-07-09] (Informer Technologies, Inc.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\user\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4245352 2022-11-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Discord] => C:\Users\user\AppData\Local\Discord\Update.exe [1525032 2022-08-08] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-12] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0DE76E08-B566-4810-BD43-64069C469BBB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {22EF4A28-F59B-40AF-803F-A4B20F9998A1} - System32\Tasks\WpsExternal_user_20221028213517 => C:\Users\user\AppData\Local\Kingsoft\WPS Office\11.2.0.11380\office6\wpscloudsvr.exe [1061512 2022-10-28] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4B813F32-DED7-41F5-8B14-DEB10793C6BC} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [552496 2022-03-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {4C7E2ACC-A6C6-4807-AD5A-BB5E081BBA82} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {5C72E338-EC96-4F88-879A-79A7B59E50A9} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [69056 2022-11-02] (Microsoft Corporation -> Microsoft)
Task: {66A11858-1F72-48D2-A3B3-6BD2721E7D60} - System32\Tasks\WpsUpdateTask_user => C:\Users\user\AppData\Local\Kingsoft\WPS Office\11.2.0.11380\office6\wpsupdate.exe [172168 2022-10-28] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {6CA4BE0A-FD0D-456C-BDF7-9A369E7C38C1} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1644845756 => C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe [2404096 2022-05-10] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\user\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {70776E36-97F5-4E9D-AFBD-E3223E35C814} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-12-10] (Google Inc -> Google LLC)
Task: {7B72C920-A89E-41F5-83EB-260AD0E73CDD} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407232 2015-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {7D0A3FC3-B830-422C-8D85-C77BDED3683F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-12-10] (Google Inc -> Google LLC)
Task: {A9E9BCCF-2BF0-43D0-817B-80236D7F9D03} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {BD77F636-9EB3-4802-BCD1-912B53F2C8E4} - System32\Tasks\Vidoc => C:\Program Files (x86)\Vidoc\Vidoc.exe [235992 2022-01-24] (Plum Research Spółka Akcyjna -> )
Task: {BF8CDD06-D807-497A-B43D-999DB58A0B90} - System32\Tasks\Opera GX scheduled Autoupdate 1642255176 => C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe [2404096 2022-05-10] (Opera Software AS -> Opera Software)
Task: {C09A4BC2-35AA-4ACC-99B6-86FD50ADD0B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {CA0307A1-9CC0-4764-A7E2-F0948C4DFE01} - System32\Tasks\Opera scheduled Autoupdate 1607941080 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku)
Task: {DC8A9FCE-0226-4542-BA57-283601A484D8} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2020-07-09] (Informer Technologies, Inc.) [Brak podpisu cyfrowego]
Task: {F6F4E2B8-107D-46A5-B5C8-D741B0B17B31} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2104816 2018-09-28] (NVIDIA Corporation -> )

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b46420dd-c9b7-4679-a9bb-34d4e9f428e9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{df1e515d-5b1c-4b86-b58f-c635a1f1c718}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
DownloadDir: C:\Users\user\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1990702335-2584829588-1078921940-1001 -> hxxps://teams.microsoft.com/_#/school//?ctx=teamsGrid
Edge Notifications: HKU\S-1-5-21-1990702335-2584829588-1078921940-1001 -> hxxps://teams.microsoft.com
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-14]
Edge DownloadDir: Default -> C:\Users\user\Downloads
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge Extension: (Outlook) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-12-19]
Edge Extension: (Word) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-12-19]
Edge Extension: (Excel) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-12-19]
Edge Extension: (PowerPoint) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-12-19]

FireFox:
========
FF DefaultProfile: js1lc5qn.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\js1lc5qn.default [2020-12-17]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\r30al5ra.default-release [2021-05-13]
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2022-11-23]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://teams.microsoft.com; hxxps://wholeniceblog.com; hxxps://www.facebook.com
CHR Extension: (Adblock dla Youtube™) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-11-18]
CHR Extension: (alerabat.com | kupony i cashback) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdinoicboceafielngnmjjplncljhj [2022-11-17]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-02-26]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-02-26]
CHR Extension: (Prezentacje) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-12]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-12]
CHR Extension: (Dysk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-12]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-12]
CHR Extension: (Arkusze) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-02-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-22]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-12]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-12]
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera: 
=======
OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2020-12-14]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
StartMenuInternet: (HKU\S-1-5-21-1990702335-2584829588-1078921940-1001) Opera GXStable - "C:\Users\user\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539032 2022-11-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-04] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-10] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [5810832 2021-09-09] (Int3 Software AB -> Int3 Software AB)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [860640 2022-11-12] (McAfee, LLC -> McAfee, LLC)
R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4716288 2018-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 rsClientSvc; C:\Program Files\RAVAntivirus\rsClientSvc.exe [384392 2021-03-12] (Reason Software Company, Inc -> Reason Software Company Inc.)
R2 rsEngineSvc; C:\Program Files\RAVAntivirus\rsEngineSvc.exe [388544 2021-03-12] (Reason Software Company, Inc -> Reason Software Company Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 VidocScrobbler; C:\Program Files (x86)\Vidoc\Scrobbler\VidocScrobbler.exe [3268608 2022-01-24] () [Brak podpisu cyfrowego]
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1058504 2021-08-07] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-09-10] (Int3 Software AB -> )
R1 rsKernelEngine; C:\WINDOWS\System32\DRIVERS\rsKernelEngine.sys [47496 2021-03-12] (Reason Software Company Inc. -> Windows (R) Win 7 DDK provider)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85480 2020-12-14] (Digital Communications Inc -> Corp DCom) <==== UWAGA
R3 wbfcvusbdrv; C:\WINDOWS\System32\Drivers\wbfcvusbdrv.sys [20064 2016-08-30] (Broadcom Corporation -> Broadcom Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-11-23 21:01 - 2022-11-23 21:04 - 000027732 _____ C:\Users\user\Downloads\FRST.txt
2022-11-23 20:59 - 2022-11-23 21:03 - 000000000 ____D C:\FRST
2022-11-23 20:58 - 2022-11-23 20:59 - 002375680 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2022-11-23 20:20 - 2022-11-23 20:20 - 000000421 _____ C:\Users\user\Desktop\zadanie3sprawdzian.ini
2022-11-23 20:13 - 2022-11-23 20:13 - 000000995 _____ C:\Users\user\Downloads\WiÅ_niewski.zip
2022-11-23 20:02 - 2022-11-23 20:15 - 000000253 _____ C:\Users\user\Desktop\123.py
2022-11-20 09:26 - 2022-11-20 09:26 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_288181567783.dll
2022-11-17 14:51 - 2022-11-23 20:14 - 000000421 _____ C:\Users\user\Desktop\zadanie3sprawdzian.py
2022-11-16 21:40 - 2022-11-16 21:40 - 000022921 _____ C:\Users\user\Downloads\2z_sprawdzian.xlsx
2022-11-15 19:46 - 2022-11-15 19:46 - 000001213 _____ C:\Users\user\Desktop\Program.cs
2022-11-14 21:48 - 2022-11-14 21:52 - 000022128 _____ C:\Users\user\Desktop\2z_ćwiczenie_licz_jeżeli.xlsx
2022-11-14 21:16 - 2022-11-14 21:16 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-14 21:16 - 2022-11-14 21:16 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-14 21:16 - 2022-11-14 21:16 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-14 21:15 - 2022-11-14 21:15 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-14 21:05 - 2022-11-14 21:05 - 000000000 ___HD C:\$WinREAgent
2022-11-12 17:23 - 2022-11-12 17:23 - 031623121 _____ C:\Users\user\Desktop\War Thunder - W bitwie 2022-11-12 17-23-25.mp4
2022-11-07 21:30 - 2022-11-07 21:30 - 000005586 _____ C:\Users\user\Desktop\aPKonZeZd1_Wojciech_Wisniewski.zip
2022-11-06 11:02 - 2022-11-06 11:02 - 000000000 _____ C:\Users\user\Desktop\Untitled-1.py
2022-11-02 21:18 - 2022-11-02 21:18 - 000005375 _____ C:\Users\user\Desktop\programy do korewy.zip
2022-11-02 21:11 - 2022-11-02 21:17 - 000001526 _____ C:\Users\user\Desktop\programy do korewy.7z
2022-11-02 20:20 - 2022-11-02 20:20 - 000000860 _____ C:\Users\user\Desktop\Zadanie.2.cs
2022-11-02 20:18 - 2022-11-07 21:26 - 000000000 ____D C:\Users\user\Desktop\aPKonZeZd1_Wojciech_Wisniewski
2022-11-02 20:13 - 2022-11-02 20:13 - 000000000 ____D C:\Users\user\AppData\LocalLow\Temp
2022-11-02 19:53 - 2022-11-02 19:53 - 000001758 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\3082
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\2052
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1055
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1049
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1046
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1045
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1042
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1041
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1040
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1036
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1031
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1029
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1028
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\3082
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\2052
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1055
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1049
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1046
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1045
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1042
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1041
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1040
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1036
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1033
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1031
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1029
2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1028
2022-11-02 19:50 - 2022-11-02 19:50 - 000000000 ___HD C:\Users\user\Downloads\.vs
2022-11-02 19:49 - 2022-11-02 19:49 - 000001161 _____ C:\Users\user\Downloads\zestaw_1_sebastian_zdanowicz.sln
2022-11-02 19:43 - 2022-11-02 19:43 - 000000000 ____D C:\Users\user\AppData\Roaming\NuGet
2022-11-02 19:43 - 2022-11-02 19:43 - 000000000 ____D C:\Users\user\AppData\Local\Xamarin
2022-11-02 19:40 - 2022-11-02 19:40 - 000000000 ____D C:\Users\user\source
2022-11-02 19:39 - 2022-11-02 19:39 - 000000000 ____D C:\Users\user\AppData\Local\IdentityNexusIntegration
2022-11-02 19:38 - 2022-11-02 19:38 - 000000000 ____D C:\Users\user\AppData\Local\ServiceHub
2022-11-02 19:38 - 2022-11-02 19:38 - 000000000 ____D C:\Users\user\.templateengine
2022-11-02 19:37 - 2022-11-02 20:47 - 000000000 ____D C:\Users\user\Documents\Visual Studio 2022
2022-11-02 19:37 - 2022-11-02 19:46 - 000000000 ____D C:\Users\user\AppData\Local\.IdentityService
2022-11-02 19:37 - 2022-11-02 19:37 - 000000000 ____D C:\Users\user\AppData\Local\Microsoft SDKs
2022-11-02 19:35 - 2022-11-02 19:35 - 000000000 ____D C:\Program Files (x86)\Xamarin
2022-11-02 19:28 - 2022-11-02 19:28 - 000135696 _____ C:\Users\user\Downloads\parentsConsent-9986f1e58dcdbed214af91ca85ca8071.pdf
2022-11-02 19:28 - 2022-11-02 19:28 - 000000000 ____D C:\Program Files (x86)\Android
2022-11-02 19:24 - 2022-11-02 19:24 - 000000000 ____D C:\Program Files\Android
2022-11-02 19:18 - 2022-11-02 19:18 - 000000000 ____D C:\Program Files (x86)\NuGet
2022-11-02 19:15 - 2022-11-02 19:15 - 000000000 ____D C:\Users\user\.dotnet
2022-11-02 19:13 - 2022-11-02 19:18 - 000000000 ____D C:\Program Files\dotnet
2022-11-02 19:13 - 2022-11-02 19:13 - 000000000 ____D C:\Program Files (x86)\dotnet
2022-11-02 19:12 - 2022-11-02 19:12 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2022-11-02 19:10 - 2022-11-02 19:36 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2022-11-02 19:09 - 2022-11-02 19:09 - 000001757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022.lnk
2022-11-02 19:08 - 2022-11-02 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022
2022-11-02 19:08 - 2022-11-02 19:08 - 000000000 ____D C:\Program Files\Microsoft Visual Studio
2022-11-02 19:07 - 2022-11-02 19:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2022-11-02 19:07 - 2022-11-02 19:07 - 000001433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2022-11-02 19:07 - 2022-11-02 19:07 - 000000000 ____D C:\Users\user\AppData\Roaming\Visual Studio Setup
2022-11-02 19:07 - 2022-11-02 19:07 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2022-11-01 22:01 - 2022-11-01 22:01 - 002903328 _____ C:\Users\user\Desktop\Prezentacja11listopada_przesuwa_sie_sama.pptx
2022-11-01 21:20 - 2022-11-01 21:20 - 000015736 _____ C:\Users\user\Downloads\baza_normalizacja1.xlsx
2022-11-01 18:04 - 2022-11-01 18:04 - 004083852 _____ C:\WINDOWS\Minidump\110122-31640-01.dmp
2022-11-01 15:10 - 2022-11-01 15:10 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-01 15:10 - 2022-11-01 15:10 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-01 10:52 - 2022-11-01 10:52 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_2713404049631.dll
2022-10-31 18:07 - 2022-10-31 18:07 - 000886932 _____ C:\WINDOWS\Minidump\103122-15281-01.dmp
2022-10-31 13:38 - 2022-10-31 13:38 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_145527282375929.dll
2022-10-30 17:39 - 2022-10-30 17:39 - 000024922 _____ C:\Users\user\AppData\Local\recently-used.xbel
2022-10-28 20:35 - 2022-11-15 17:25 - 000003050 _____ C:\WINDOWS\system32\Tasks\WpsExternal_user_20221028213517
2022-10-28 20:35 - 2022-11-15 17:25 - 000002734 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_user
2022-10-28 18:48 - 2022-10-28 18:48 - 034821043 _____ C:\Users\user\Desktop\War Thunder 2022-10-28 19-48-43.mp4
2022-10-28 17:55 - 2022-10-28 17:55 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_25275477868746.dll
2022-10-28 16:27 - 2022-10-28 16:27 - 036134956 _____ C:\Users\user\Desktop\War Thunder 2022-10-28 17-27-09.mp4
2022-10-27 19:45 - 2022-10-27 19:45 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_53569697458901.dll
2022-10-25 15:53 - 2022-11-20 15:41 - 000000048 _____ C:\Users\user\Desktop\program_XD.py
2022-10-25 15:53 - 2022-10-25 15:53 - 000000000 _____ C:\Users\user\Desktop\program_XD.txt

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-11-23 21:05 - 2021-03-12 10:11 - 000000000 ____D C:\Users\user\AppData\Roaming\rav-antivirus-client
2022-11-23 20:40 - 2020-12-10 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-23 20:37 - 2020-12-14 11:17 - 000000000 ____D C:\Program Files\ByteFence
2022-11-23 20:36 - 2021-04-09 15:21 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-23 20:33 - 2021-04-09 15:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-23 20:33 - 2021-03-12 10:11 - 000000000 ____D C:\Program Files\RAVAntivirus
2022-11-23 20:33 - 2020-12-10 13:13 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-23 20:33 - 2020-12-10 13:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-23 20:33 - 2020-12-10 13:09 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2022-11-23 20:33 - 2020-12-10 13:06 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-23 20:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-23 20:32 - 2021-04-09 15:14 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-23 20:32 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-23 20:30 - 2022-09-10 17:53 - 000000000 ____D C:\Users\user\AppData\Roaming\Code
2022-11-23 20:15 - 2020-12-19 00:35 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-23 20:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-23 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-23 20:01 - 2021-04-09 15:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-20 21:30 - 2022-10-09 11:14 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-20 19:35 - 2020-12-13 22:26 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2022-11-20 19:33 - 2021-04-09 15:18 - 001768820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-20 19:33 - 2019-12-07 16:09 - 000785792 _____ C:\WINDOWS\system32\perfh015.dat
2022-11-20 19:33 - 2019-12-07 16:09 - 000152652 _____ C:\WINDOWS\system32\perfc015.dat
2022-11-20 19:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-20 19:27 - 2021-10-25 17:54 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-20 19:26 - 2020-12-10 13:00 - 001267034 ____N C:\WINDOWS\Minidump\112022-21234-01.dmp
2022-11-19 17:49 - 2022-09-10 17:52 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-11-19 17:30 - 2021-07-30 12:13 - 000000000 ____D C:\Users\user\AppData\Local\Avast Software
2022-11-17 03:01 - 2021-04-09 15:14 - 000290768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-17 03:00 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-15 18:30 - 2021-10-13 16:00 - 000000000 ____D C:\Users\user\AppData\Roaming\discord
2022-11-15 18:17 - 2022-10-16 11:18 - 000000000 ____D C:\Users\user\AppData\Local\Discord
2022-11-15 17:25 - 2021-04-09 15:21 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-11-15 17:25 - 2021-04-09 15:21 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-15 17:25 - 2021-04-09 15:21 - 000003274 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-11-15 17:25 - 2021-04-09 15:21 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-15 17:25 - 2021-04-09 15:21 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton
2022-11-15 17:25 - 2021-04-09 15:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-11-15 02:41 - 2021-12-02 17:47 - 000000000 ____D C:\Program Files (x86)\Origin
2022-11-14 22:02 - 2020-12-10 13:14 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-14 21:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-14 21:15 - 2021-04-09 15:14 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-12 18:34 - 2020-12-15 23:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-12 18:23 - 2020-12-15 23:43 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-12 09:10 - 2020-12-10 13:13 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-12 09:10 - 2020-12-10 13:13 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-07 21:14 - 2020-12-13 22:20 - 000002363 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-11-07 21:14 - 2020-12-13 22:20 - 000002355 _____ C:\Users\user\Desktop\Microsoft Teams.lnk
2022-11-06 21:01 - 2021-03-27 15:00 - 000000000 ____D C:\Users\user\Documents\MPC Beats
2022-11-05 18:02 - 2020-12-10 13:07 - 000000000 ____D C:\Users\user\AppData\Local\PlaceholderTileLogoFolder
2022-11-02 20:20 - 2021-04-17 16:39 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2022-11-02 19:49 - 2020-12-10 13:02 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2022-11-02 19:10 - 2022-10-21 15:06 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-11-02 19:10 - 2022-07-24 14:15 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-11-02 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-11-01 18:04 - 2021-11-08 18:40 - 2877094893 _____ C:\WINDOWS\MEMORY.DMP
2022-11-01 15:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-01 15:10 - 2020-12-10 13:14 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-01 15:10 - 2020-12-10 13:14 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-01 15:10 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-31 08:58 - 2021-01-06 14:20 - 000000000 ____D C:\Users\user\AppData\Local\babl-0.1
2022-10-30 17:39 - 2021-01-06 16:42 - 000000000 ____D C:\Users\user\AppData\Local\gtk-2.0
2022-10-28 20:35 - 2021-11-02 22:45 - 000002533 _____ C:\Users\user\Desktop\WPS PDF.lnk
2022-10-25 17:36 - 2022-08-22 12:42 - 000001895 _____ C:\Users\user\Desktop\Crystal Launcher.lnk
2022-10-25 16:09 - 2021-12-24 21:46 - 000000000 ____D C:\Users\user\AppData\Roaming\mpk-mini-software-manager
2022-10-25 15:17 - 2021-02-12 18:11 - 000000000 ____D C:\Users\user\AppData\Roaming\Minecraft_Note_Block_Studio

==================== Pliki w katalogu głównym wybranych folderów ========

2022-08-22 12:42 - 2022-08-22 12:42 - 000000046 _____ () C:\Users\user\AppData\Roaming\.crystalinst
2020-12-17 07:53 - 2020-12-17 07:53 - 000000000 _____ () C:\Users\user\AppData\Local\BIT37F3.tmp
2021-01-14 08:21 - 2021-01-14 08:21 - 000000000 _____ () C:\Users\user\AppData\Local\BIT47AA.tmp
2021-10-21 16:23 - 2021-10-21 16:23 - 000000000 _____ () C:\Users\user\AppData\Local\BIT85BC.tmp
2021-10-21 16:23 - 2021-10-21 16:23 - 000000000 _____ () C:\Users\user\AppData\Local\BIT85CC.tmp
2020-12-17 07:53 - 2020-12-17 07:53 - 000000000 _____ () C:\Users\user\AppData\Local\BITCBB.tmp
2021-12-13 18:47 - 2021-12-13 18:47 - 000000000 _____ () C:\Users\user\AppData\Local\BITD29A.tmp
2022-09-18 13:39 - 2022-09-18 13:39 - 000000000 _____ () C:\Users\user\AppData\Local\BITE863.tmp
2020-12-14 10:13 - 2021-03-12 13:49 - 000016438 _____ () C:\Users\user\AppData\Local\partner.bmp
2022-10-30 17:39 - 2022-10-30 17:39 - 000024922 _____ () C:\Users\user\AppData\Local\recently-used.xbel
2021-12-02 14:52 - 2021-12-02 14:52 - 000000017 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg
2021-04-17 08:37 - 2021-04-17 08:37 - 000000000 _____ () C:\Users\user\AppData\Local\{216BF51F-53F8-45DA-8B0C-406B3BD2D621}
2021-04-13 07:30 - 2021-04-13 07:30 - 000000000 _____ () C:\Users\user\AppData\Local\{4D69447F-D045-4582-9676-61866F95A99B}
2021-05-27 19:27 - 2021-05-27 19:27 - 000000000 _____ () C:\Users\user\AppData\Local\{50A077CA-3E56-4574-B217-A8724CC76AB0}
2021-02-04 22:23 - 2021-02-04 22:23 - 000000000 _____ () C:\Users\user\AppData\Local\{6A2B26C9-010E-428B-94A2-F29E9A3F3162}
2022-01-04 10:41 - 2022-01-04 10:41 - 000000000 _____ () C:\Users\user\AppData\Local\{BA750F1E-50A0-4D52-AF4B-64F517888484}

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec  FRST.txt ========================
                      
                                       
To share this paste please copy this url and send to your friends
RAW Paste Data
Recent Pastes
Ta strona używa plików cookie w celu usprawnienia i ułatwienia dostępu do serwisu oraz prowadzenia danych statystycznych. Dalsze korzystanie z tej witryny oznacza akceptację tego stanu rzeczy.
Wykorzystywanie plików Cookie
Jak wyłączyć cookies?
ROZUMIEM