Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-11-2022 Uruchomiony przez user (administrator) DESKTOP-FSCD8NH (Dell Inc. Precision M4800) (23-11-2022 21:01:03) Uruchomiony z C:\Users\user\Downloads Załadowane profile: user Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.2251 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Byte Technologies LLC) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\user\AppData\Local\Temp\~nsuA.tmp\Un_A.exe (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Program Files\RAVAntivirus\rsEngineSvc.exe ->) (Reason Software Company, Inc -> Reason Cybersecurity Ltd.) C:\Program Files\RAVAntivirus\ui\RAVAntivirus.exe <4> (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <40> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Vidoc\scrobbler\VidocScrobbler.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2> (services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Reason Software Company, Inc -> Reason Software Company Inc.) C:\Program Files\RAVAntivirus\rsClientSvc.exe (services.exe ->) (Reason Software Company, Inc -> Reason Software Company Inc.) C:\Program Files\RAVAntivirus\rsEngineSvc.exe (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-01] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Brak pliku) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8782592 2015-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407232 2015-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [717744 2015-11-23] (Waves Inc -> Waves Audio Ltd.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\user\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-11-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Walliant] => C:\Users\user\AppData\Local\Programs\Walliant\walliant.exe [263272 2020-08-19] (Globalhop Ltd -> Walliant) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [SteamServerBrowser] => C:\Users\user\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe [289304 2021-04-27] (Lyrha Software Technologies Inc. -> ) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [ProductAuthenticationService] => "C:\Users\user\AppData\Roaming\ProductAuthenticationService\pas.exe" /nogui (Brak pliku) <==== UWAGA HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-09-29] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149608 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Opera GX Stable] => C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe [2404096 2022-05-10] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1689600 2020-07-09] (Informer Technologies, Inc.) [Brak podpisu cyfrowego] HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\user\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4245352 2022-11-19] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1990702335-2584829588-1078921940-1001\...\Run: [Discord] => C:\Users\user\AppData\Local\Discord\Update.exe [1525032 2022-08-08] (Discord Inc. -> GitHub) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-12] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0DE76E08-B566-4810-BD43-64069C469BBB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {22EF4A28-F59B-40AF-803F-A4B20F9998A1} - System32\Tasks\WpsExternal_user_20221028213517 => C:\Users\user\AppData\Local\Kingsoft\WPS Office\11.2.0.11380\office6\wpscloudsvr.exe [1061512 2022-10-28] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {4B813F32-DED7-41F5-8B14-DEB10793C6BC} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [552496 2022-03-10] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC) Task: {4C7E2ACC-A6C6-4807-AD5A-BB5E081BBA82} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software) Task: {5C72E338-EC96-4F88-879A-79A7B59E50A9} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [69056 2022-11-02] (Microsoft Corporation -> Microsoft) Task: {66A11858-1F72-48D2-A3B3-6BD2721E7D60} - System32\Tasks\WpsUpdateTask_user => C:\Users\user\AppData\Local\Kingsoft\WPS Office\11.2.0.11380\office6\wpsupdate.exe [172168 2022-10-28] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {6CA4BE0A-FD0D-456C-BDF7-9A369E7C38C1} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1644845756 => C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe [2404096 2022-05-10] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\user\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {70776E36-97F5-4E9D-AFBD-E3223E35C814} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-12-10] (Google Inc -> Google LLC) Task: {7B72C920-A89E-41F5-83EB-260AD0E73CDD} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407232 2015-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {7D0A3FC3-B830-422C-8D85-C77BDED3683F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-12-10] (Google Inc -> Google LLC) Task: {A9E9BCCF-2BF0-43D0-817B-80236D7F9D03} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-01] (Avast Software s.r.o. -> AVAST Software) Task: {BD77F636-9EB3-4802-BCD1-912B53F2C8E4} - System32\Tasks\Vidoc => C:\Program Files (x86)\Vidoc\Vidoc.exe [235992 2022-01-24] (Plum Research Spółka Akcyjna -> ) Task: {BF8CDD06-D807-497A-B43D-999DB58A0B90} - System32\Tasks\Opera GX scheduled Autoupdate 1642255176 => C:\Users\user\AppData\Local\Programs\Opera GX\launcher.exe [2404096 2022-05-10] (Opera Software AS -> Opera Software) Task: {C09A4BC2-35AA-4ACC-99B6-86FD50ADD0B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {CA0307A1-9CC0-4764-A7E2-F0948C4DFE01} - System32\Tasks\Opera scheduled Autoupdate 1607941080 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku) Task: {DC8A9FCE-0226-4542-BA57-283601A484D8} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2020-07-09] (Informer Technologies, Inc.) [Brak podpisu cyfrowego] Task: {F6F4E2B8-107D-46A5-B5C8-D741B0B17B31} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2104816 2018-09-28] (NVIDIA Corporation -> ) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b46420dd-c9b7-4679-a9bb-34d4e9f428e9}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{df1e515d-5b1c-4b86-b58f-c635a1f1c718}: [DhcpNameServer] 192.168.0.1 Edge: ======= DownloadDir: C:\Users\user\Downloads Edge HomeButtonPage: HKU\S-1-5-21-1990702335-2584829588-1078921940-1001 -> hxxps://teams.microsoft.com/_#/school//?ctx=teamsGrid Edge Notifications: HKU\S-1-5-21-1990702335-2584829588-1078921940-1001 -> hxxps://teams.microsoft.com Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-14] Edge DownloadDir: Default -> C:\Users\user\Downloads Edge Notifications: Default -> hxxps://teams.microsoft.com Edge Extension: (Outlook) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-12-19] Edge Extension: (Word) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-12-19] Edge Extension: (Excel) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-12-19] Edge Extension: (PowerPoint) - C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-12-19] FireFox: ======== FF DefaultProfile: js1lc5qn.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\js1lc5qn.default [2020-12-17] FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\r30al5ra.default-release [2021-05-13] FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-18] (NVIDIA Corporation -> NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2022-11-23] CHR Notifications: Default -> hxxps://aternos.org; hxxps://teams.microsoft.com; hxxps://wholeniceblog.com; hxxps://www.facebook.com CHR Extension: (Adblock dla Youtube™) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-11-18] CHR Extension: (alerabat.com | kupony i cashback) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdinoicboceafielngnmjjplncljhj [2022-11-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-02-26] CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-02-26] CHR Extension: (Prezentacje) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-12] CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-12] CHR Extension: (Dysk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-12] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-12] CHR Extension: (Arkusze) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-12] CHR Extension: (McAfee® WebAdvisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-02-23] CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-12] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-12] CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-26] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] Opera: ======= OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2020-12-14] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} StartMenuInternet: (HKU\S-1-5-21-1990702335-2584829588-1078921940-1001) Opera GXStable - "C:\Users\user\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539032 2022-11-14] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-04] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-10] (Epic Games Inc. -> Epic Games, Inc.) S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [5810832 2021-09-09] (Int3 Software AB -> Int3 Software AB) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [860640 2022-11-12] (McAfee, LLC -> McAfee, LLC) R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4716288 2018-09-28] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts) R2 rsClientSvc; C:\Program Files\RAVAntivirus\rsClientSvc.exe [384392 2021-03-12] (Reason Software Company, Inc -> Reason Software Company Inc.) R2 rsEngineSvc; C:\Program Files\RAVAntivirus\rsEngineSvc.exe [388544 2021-03-12] (Reason Software Company, Inc -> Reason Software Company Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 VidocScrobbler; C:\Program Files (x86)\Vidoc\Scrobbler\VidocScrobbler.exe [3268608 2022-01-24] () [Brak podpisu cyfrowego] S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1058504 2021-08-07] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-01] (Avast Software s.r.o. -> AVAST Software) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.) S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-09-10] (Int3 Software AB -> ) R1 rsKernelEngine; C:\WINDOWS\System32\DRIVERS\rsKernelEngine.sys [47496 2021-03-12] (Reason Software Company Inc. -> Windows (R) Win 7 DDK provider) R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85480 2020-12-14] (Digital Communications Inc -> Corp DCom) <==== UWAGA R3 wbfcvusbdrv; C:\WINDOWS\System32\Drivers\wbfcvusbdrv.sys [20064 2016-08-30] (Broadcom Corporation -> Broadcom Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-11-23 21:01 - 2022-11-23 21:04 - 000027732 _____ C:\Users\user\Downloads\FRST.txt 2022-11-23 20:59 - 2022-11-23 21:03 - 000000000 ____D C:\FRST 2022-11-23 20:58 - 2022-11-23 20:59 - 002375680 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2022-11-23 20:20 - 2022-11-23 20:20 - 000000421 _____ C:\Users\user\Desktop\zadanie3sprawdzian.ini 2022-11-23 20:13 - 2022-11-23 20:13 - 000000995 _____ C:\Users\user\Downloads\WiÅ_niewski.zip 2022-11-23 20:02 - 2022-11-23 20:15 - 000000253 _____ C:\Users\user\Desktop\123.py 2022-11-20 09:26 - 2022-11-20 09:26 - 000027048 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_288181567783.dll 2022-11-17 14:51 - 2022-11-23 20:14 - 000000421 _____ C:\Users\user\Desktop\zadanie3sprawdzian.py 2022-11-16 21:40 - 2022-11-16 21:40 - 000022921 _____ C:\Users\user\Downloads\2z_sprawdzian.xlsx 2022-11-15 19:46 - 2022-11-15 19:46 - 000001213 _____ C:\Users\user\Desktop\Program.cs 2022-11-14 21:48 - 2022-11-14 21:52 - 000022128 _____ C:\Users\user\Desktop\2z_ćwiczenie_licz_jeżeli.xlsx 2022-11-14 21:16 - 2022-11-14 21:16 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-11-14 21:16 - 2022-11-14 21:16 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll 2022-11-14 21:16 - 2022-11-14 21:16 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-11-14 21:15 - 2022-11-14 21:15 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-11-14 21:05 - 2022-11-14 21:05 - 000000000 ___HD C:\$WinREAgent 2022-11-12 17:23 - 2022-11-12 17:23 - 031623121 _____ C:\Users\user\Desktop\War Thunder - W bitwie 2022-11-12 17-23-25.mp4 2022-11-07 21:30 - 2022-11-07 21:30 - 000005586 _____ C:\Users\user\Desktop\aPKonZeZd1_Wojciech_Wisniewski.zip 2022-11-06 11:02 - 2022-11-06 11:02 - 000000000 _____ C:\Users\user\Desktop\Untitled-1.py 2022-11-02 21:18 - 2022-11-02 21:18 - 000005375 _____ C:\Users\user\Desktop\programy do korewy.zip 2022-11-02 21:11 - 2022-11-02 21:17 - 000001526 _____ C:\Users\user\Desktop\programy do korewy.7z 2022-11-02 20:20 - 2022-11-02 20:20 - 000000860 _____ C:\Users\user\Desktop\Zadanie.2.cs 2022-11-02 20:18 - 2022-11-07 21:26 - 000000000 ____D C:\Users\user\Desktop\aPKonZeZd1_Wojciech_Wisniewski 2022-11-02 20:13 - 2022-11-02 20:13 - 000000000 ____D C:\Users\user\AppData\LocalLow\Temp 2022-11-02 19:53 - 2022-11-02 19:53 - 000001758 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\3082 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\2052 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1055 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1049 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1046 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1045 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1042 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1041 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1040 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1036 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1031 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1029 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\1028 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\3082 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\2052 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1055 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1049 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1046 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1045 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1042 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1041 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1040 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1036 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1033 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1031 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1029 2022-11-02 19:53 - 2022-11-02 19:53 - 000000000 ____D C:\WINDOWS\system32\1028 2022-11-02 19:50 - 2022-11-02 19:50 - 000000000 ___HD C:\Users\user\Downloads\.vs 2022-11-02 19:49 - 2022-11-02 19:49 - 000001161 _____ C:\Users\user\Downloads\zestaw_1_sebastian_zdanowicz.sln 2022-11-02 19:43 - 2022-11-02 19:43 - 000000000 ____D C:\Users\user\AppData\Roaming\NuGet 2022-11-02 19:43 - 2022-11-02 19:43 - 000000000 ____D C:\Users\user\AppData\Local\Xamarin 2022-11-02 19:40 - 2022-11-02 19:40 - 000000000 ____D C:\Users\user\source 2022-11-02 19:39 - 2022-11-02 19:39 - 000000000 ____D C:\Users\user\AppData\Local\IdentityNexusIntegration 2022-11-02 19:38 - 2022-11-02 19:38 - 000000000 ____D C:\Users\user\AppData\Local\ServiceHub 2022-11-02 19:38 - 2022-11-02 19:38 - 000000000 ____D C:\Users\user\.templateengine 2022-11-02 19:37 - 2022-11-02 20:47 - 000000000 ____D C:\Users\user\Documents\Visual Studio 2022 2022-11-02 19:37 - 2022-11-02 19:46 - 000000000 ____D C:\Users\user\AppData\Local\.IdentityService 2022-11-02 19:37 - 2022-11-02 19:37 - 000000000 ____D C:\Users\user\AppData\Local\Microsoft SDKs 2022-11-02 19:35 - 2022-11-02 19:35 - 000000000 ____D C:\Program Files (x86)\Xamarin 2022-11-02 19:28 - 2022-11-02 19:28 - 000135696 _____ C:\Users\user\Downloads\parentsConsent-9986f1e58dcdbed214af91ca85ca8071.pdf 2022-11-02 19:28 - 2022-11-02 19:28 - 000000000 ____D C:\Program Files (x86)\Android 2022-11-02 19:24 - 2022-11-02 19:24 - 000000000 ____D C:\Program Files\Android 2022-11-02 19:18 - 2022-11-02 19:18 - 000000000 ____D C:\Program Files (x86)\NuGet 2022-11-02 19:15 - 2022-11-02 19:15 - 000000000 ____D C:\Users\user\.dotnet 2022-11-02 19:13 - 2022-11-02 19:18 - 000000000 ____D C:\Program Files\dotnet 2022-11-02 19:13 - 2022-11-02 19:13 - 000000000 ____D C:\Program Files (x86)\dotnet 2022-11-02 19:12 - 2022-11-02 19:12 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2022-11-02 19:10 - 2022-11-02 19:36 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2022-11-02 19:09 - 2022-11-02 19:09 - 000001757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022.lnk 2022-11-02 19:08 - 2022-11-02 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022 2022-11-02 19:08 - 2022-11-02 19:08 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 2022-11-02 19:07 - 2022-11-02 19:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2022-11-02 19:07 - 2022-11-02 19:07 - 000001433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2022-11-02 19:07 - 2022-11-02 19:07 - 000000000 ____D C:\Users\user\AppData\Roaming\Visual Studio Setup 2022-11-02 19:07 - 2022-11-02 19:07 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio 2022-11-01 22:01 - 2022-11-01 22:01 - 002903328 _____ C:\Users\user\Desktop\Prezentacja11listopada_przesuwa_sie_sama.pptx 2022-11-01 21:20 - 2022-11-01 21:20 - 000015736 _____ C:\Users\user\Downloads\baza_normalizacja1.xlsx 2022-11-01 18:04 - 2022-11-01 18:04 - 004083852 _____ C:\WINDOWS\Minidump\110122-31640-01.dmp 2022-11-01 15:10 - 2022-11-01 15:10 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2022-11-01 15:10 - 2022-11-01 15:10 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2022-11-01 10:52 - 2022-11-01 10:52 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_2713404049631.dll 2022-10-31 18:07 - 2022-10-31 18:07 - 000886932 _____ C:\WINDOWS\Minidump\103122-15281-01.dmp 2022-10-31 13:38 - 2022-10-31 13:38 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_145527282375929.dll 2022-10-30 17:39 - 2022-10-30 17:39 - 000024922 _____ C:\Users\user\AppData\Local\recently-used.xbel 2022-10-28 20:35 - 2022-11-15 17:25 - 000003050 _____ C:\WINDOWS\system32\Tasks\WpsExternal_user_20221028213517 2022-10-28 20:35 - 2022-11-15 17:25 - 000002734 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_user 2022-10-28 18:48 - 2022-10-28 18:48 - 034821043 _____ C:\Users\user\Desktop\War Thunder 2022-10-28 19-48-43.mp4 2022-10-28 17:55 - 2022-10-28 17:55 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_25275477868746.dll 2022-10-28 16:27 - 2022-10-28 16:27 - 036134956 _____ C:\Users\user\Desktop\War Thunder 2022-10-28 17-27-09.mp4 2022-10-27 19:45 - 2022-10-27 19:45 - 000025632 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_53569697458901.dll 2022-10-25 15:53 - 2022-11-20 15:41 - 000000048 _____ C:\Users\user\Desktop\program_XD.py 2022-10-25 15:53 - 2022-10-25 15:53 - 000000000 _____ C:\Users\user\Desktop\program_XD.txt ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-11-23 21:05 - 2021-03-12 10:11 - 000000000 ____D C:\Users\user\AppData\Roaming\rav-antivirus-client 2022-11-23 20:40 - 2020-12-10 13:13 - 000000000 ____D C:\Program Files (x86)\Google 2022-11-23 20:37 - 2020-12-14 11:17 - 000000000 ____D C:\Program Files\ByteFence 2022-11-23 20:36 - 2021-04-09 15:21 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2022-11-23 20:33 - 2021-04-09 15:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-11-23 20:33 - 2021-03-12 10:11 - 000000000 ____D C:\Program Files\RAVAntivirus 2022-11-23 20:33 - 2020-12-10 13:13 - 000000000 ____D C:\ProgramData\Avast Software 2022-11-23 20:33 - 2020-12-10 13:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-11-23 20:33 - 2020-12-10 13:09 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles 2022-11-23 20:33 - 2020-12-10 13:06 - 000000000 ____D C:\ProgramData\NVIDIA 2022-11-23 20:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-11-23 20:32 - 2021-04-09 15:14 - 000008192 ___SH C:\DumpStack.log.tmp 2022-11-23 20:32 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-11-23 20:30 - 2022-09-10 17:53 - 000000000 ____D C:\Users\user\AppData\Roaming\Code 2022-11-23 20:15 - 2020-12-19 00:35 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-11-23 20:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-11-23 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-11-23 20:01 - 2021-04-09 15:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-11-20 21:30 - 2022-10-09 11:14 - 000000000 ____D C:\Program Files (x86)\Steam 2022-11-20 19:35 - 2020-12-13 22:26 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps 2022-11-20 19:33 - 2021-04-09 15:18 - 001768820 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-11-20 19:33 - 2019-12-07 16:09 - 000785792 _____ C:\WINDOWS\system32\perfh015.dat 2022-11-20 19:33 - 2019-12-07 16:09 - 000152652 _____ C:\WINDOWS\system32\perfc015.dat 2022-11-20 19:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-11-20 19:27 - 2021-10-25 17:54 - 000000000 ____D C:\WINDOWS\Minidump 2022-11-20 19:26 - 2020-12-10 13:00 - 001267034 ____N C:\WINDOWS\Minidump\112022-21234-01.dmp 2022-11-19 17:49 - 2022-09-10 17:52 - 000000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2022-11-19 17:30 - 2021-07-30 12:13 - 000000000 ____D C:\Users\user\AppData\Local\Avast Software 2022-11-17 03:01 - 2021-04-09 15:14 - 000290768 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-11-17 03:00 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-11-17 03:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-11-15 18:30 - 2021-10-13 16:00 - 000000000 ____D C:\Users\user\AppData\Roaming\discord 2022-11-15 18:17 - 2022-10-16 11:18 - 000000000 ____D C:\Users\user\AppData\Local\Discord 2022-11-15 17:25 - 2021-04-09 15:21 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-11-15 17:25 - 2021-04-09 15:21 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-11-15 17:25 - 2021-04-09 15:21 - 000003274 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-11-15 17:25 - 2021-04-09 15:21 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-11-15 17:25 - 2021-04-09 15:21 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton 2022-11-15 17:25 - 2021-04-09 15:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2022-11-15 02:41 - 2021-12-02 17:47 - 000000000 ____D C:\Program Files (x86)\Origin 2022-11-14 22:02 - 2020-12-10 13:14 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2022-11-14 21:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-11-14 21:15 - 2021-04-09 15:14 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-11-12 18:34 - 2020-12-15 23:44 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-11-12 18:23 - 2020-12-15 23:43 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-11-12 09:10 - 2020-12-10 13:13 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-11-12 09:10 - 2020-12-10 13:13 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-11-07 21:14 - 2020-12-13 22:20 - 000002363 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-11-07 21:14 - 2020-12-13 22:20 - 000002355 _____ C:\Users\user\Desktop\Microsoft Teams.lnk 2022-11-06 21:01 - 2021-03-27 15:00 - 000000000 ____D C:\Users\user\Documents\MPC Beats 2022-11-05 18:02 - 2020-12-10 13:07 - 000000000 ____D C:\Users\user\AppData\Local\PlaceholderTileLogoFolder 2022-11-02 20:20 - 2021-04-17 16:39 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache 2022-11-02 19:49 - 2020-12-10 13:02 - 000000000 ____D C:\Users\user\AppData\Local\Packages 2022-11-02 19:10 - 2022-10-21 15:06 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2022-11-02 19:10 - 2022-07-24 14:15 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-11-02 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-11-01 18:04 - 2021-11-08 18:40 - 2877094893 _____ C:\WINDOWS\MEMORY.DMP 2022-11-01 15:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-11-01 15:10 - 2020-12-10 13:14 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2022-11-01 15:10 - 2020-12-10 13:14 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2022-11-01 15:10 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-10-31 08:58 - 2021-01-06 14:20 - 000000000 ____D C:\Users\user\AppData\Local\babl-0.1 2022-10-30 17:39 - 2021-01-06 16:42 - 000000000 ____D C:\Users\user\AppData\Local\gtk-2.0 2022-10-28 20:35 - 2021-11-02 22:45 - 000002533 _____ C:\Users\user\Desktop\WPS PDF.lnk 2022-10-25 17:36 - 2022-08-22 12:42 - 000001895 _____ C:\Users\user\Desktop\Crystal Launcher.lnk 2022-10-25 16:09 - 2021-12-24 21:46 - 000000000 ____D C:\Users\user\AppData\Roaming\mpk-mini-software-manager 2022-10-25 15:17 - 2021-02-12 18:11 - 000000000 ____D C:\Users\user\AppData\Roaming\Minecraft_Note_Block_Studio ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-08-22 12:42 - 2022-08-22 12:42 - 000000046 _____ () C:\Users\user\AppData\Roaming\.crystalinst 2020-12-17 07:53 - 2020-12-17 07:53 - 000000000 _____ () C:\Users\user\AppData\Local\BIT37F3.tmp 2021-01-14 08:21 - 2021-01-14 08:21 - 000000000 _____ () C:\Users\user\AppData\Local\BIT47AA.tmp 2021-10-21 16:23 - 2021-10-21 16:23 - 000000000 _____ () C:\Users\user\AppData\Local\BIT85BC.tmp 2021-10-21 16:23 - 2021-10-21 16:23 - 000000000 _____ () C:\Users\user\AppData\Local\BIT85CC.tmp 2020-12-17 07:53 - 2020-12-17 07:53 - 000000000 _____ () C:\Users\user\AppData\Local\BITCBB.tmp 2021-12-13 18:47 - 2021-12-13 18:47 - 000000000 _____ () C:\Users\user\AppData\Local\BITD29A.tmp 2022-09-18 13:39 - 2022-09-18 13:39 - 000000000 _____ () C:\Users\user\AppData\Local\BITE863.tmp 2020-12-14 10:13 - 2021-03-12 13:49 - 000016438 _____ () C:\Users\user\AppData\Local\partner.bmp 2022-10-30 17:39 - 2022-10-30 17:39 - 000024922 _____ () C:\Users\user\AppData\Local\recently-used.xbel 2021-12-02 14:52 - 2021-12-02 14:52 - 000000017 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg 2021-04-17 08:37 - 2021-04-17 08:37 - 000000000 _____ () C:\Users\user\AppData\Local\{216BF51F-53F8-45DA-8B0C-406B3BD2D621} 2021-04-13 07:30 - 2021-04-13 07:30 - 000000000 _____ () C:\Users\user\AppData\Local\{4D69447F-D045-4582-9676-61866F95A99B} 2021-05-27 19:27 - 2021-05-27 19:27 - 000000000 _____ () C:\Users\user\AppData\Local\{50A077CA-3E56-4574-B217-A8724CC76AB0} 2021-02-04 22:23 - 2021-02-04 22:23 - 000000000 _____ () C:\Users\user\AppData\Local\{6A2B26C9-010E-428B-94A2-F29E9A3F3162} 2022-01-04 10:41 - 2022-01-04 10:41 - 000000000 _____ () C:\Users\user\AppData\Local\{BA750F1E-50A0-4D52-AF4B-64F517888484} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================