Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 13-12-2020 Uruchomiony przez 48532 (administrator) DESKTOP-H26KQ44 (14-12-2020 15:33:00) Uruchomiony z C:\Users\48532\Desktop\frst Załadowane profile: 48532 Platform: Windows 10 Pro Wersja 1909 18363.1256 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe (Discord Inc. -> Discord Inc.) C:\Users\48532\AppData\Local\Discord\app-0.0.308\Discord.exe <7> (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3> (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Globalhop Ltd -> Walliant) C:\Users\48532\AppData\Local\Programs\Walliant\walliant.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Users\48532\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.47.10001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Creative.UWPRPCService.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (The Chromium Authors) [Brak podpisu cyfrowego] C:\Users\48532\AppData\Local\chromium\Application\chrome.exe <9> (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8> (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [RazerCortex] => "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\Run: [Chromium] => "c:\users\48532\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\Run: [GoogleChromeAutoLaunch_46191CD235EC4D7E02B216AF306F9963] => "C:\Users\48532\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5 HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation) HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32711056 2020-12-12] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\Run: [Discord] => C:\Users\48532\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\Run: [Walliant] => C:\Users\48532\AppData\Local\Programs\Walliant\walliant.exe [263272 2020-08-19] (Globalhop Ltd -> Walliant) HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\RunOnce: [Application Restart #1] => C:\Users\48532\AppData\Local\chromium\Application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session --flag-switches-begin --flag-switches-end --origin-trial-disab (dane wartości zawierają 109 znaków więcej). HKU\S-1-5-21-1154788345-2746808576-321370114-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\SilverSpeedup\SilverSpeedup.exe -startup /RestartByRestartManager:220D94E7-C4BF-47fc-87C8-C7EACF578B1E /RestartByRestartManager:433BE8BD-27B0-4ccd-9102-A71AF3D6897F /RestartByRe (dane wartości zawierają 111 znaków więcej). HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0C5A5887-2A48-4120-9D03-050275CE05BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2BA73742-E256-482E-9AAD-BBFD45DEAFDC} - System32\Tasks\ChromiumUpdateTaskMachineCore => C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [100352 2020-07-04] (Chromium.) [Brak podpisu cyfrowego] <==== UWAGA Task: {4B11EC13-21B9-47BE-9D5F-CEF464D2EC86} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-04] (Mozilla Corporation -> Mozilla Foundation) Task: {881D3370-8856-47B4-8710-87BFDFF3C5F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8E05E9CD-2DA7-414F-8702-0EDD0F7A04A2} - System32\Tasks\ChromiumUpdateTaskMachineUA => C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [100352 2020-07-04] (Chromium.) [Brak podpisu cyfrowego] <==== UWAGA Task: {93DDE989-6E38-43AC-BB96-39D5C9591778} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-06] (Google LLC -> Google LLC) Task: {BFC13AF1-B0AE-4FDC-9ED7-F7D84347E174} - System32\Tasks\Opera GX scheduled Autoupdate 1593428344 => C:\Users\48532\AppData\Local\Programs\Opera GX\launcher.exe [1654808 2020-12-10] (Opera Software AS -> Opera Software) Task: {CB1BBC0F-C783-49D1-9832-A7C0BB0AB7C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-06] (Google LLC -> Google LLC) Task: {CD3FD3A7-6B34-455C-A694-0A3B6835ADE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D25D8099-28B3-4D09-8F24-F566DB5FF8FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 217.113.224.135 217.113.224.36 Tcpip\..\Interfaces\{31aeb93f-8a20-45d4-aa45-f32d2be6a5ad}: [DhcpNameServer] 217.113.224.135 217.113.224.36 Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\48532\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-11] FireFox: ======== FF DefaultProfile: zcbks160.default FF ProfilePath: C:\Users\48532\AppData\Roaming\Mozilla\Firefox\Profiles\zcbks160.default [2020-12-14] FF Extension: (Search Manager) - C:\Users\48532\AppData\Roaming\Mozilla\Firefox\Profiles\zcbks160.default\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2020-07-04] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson] FF ProfilePath: C:\Users\48532\AppData\Roaming\Mozilla\Firefox\Profiles\6w4hdhn4.default-release [2020-12-14] FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [2020-07-04] (Chromium.) [Brak podpisu cyfrowego] FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [2020-07-04] (Chromium.) [Brak podpisu cyfrowego] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default [2020-12-14] CHR Notifications: Default -> hxxps://dogry.pl; hxxps://poczta.onet.pl; hxxps://www.facebook.com; hxxps://www.onet.pl CHR Extension: (Prezentacje) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-06] CHR Extension: (Dokumenty) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-06] CHR Extension: (Dysk Google) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (YouTube) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-06] CHR Extension: (Arkusze) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-06] CHR Extension: (Dokumenty Google offline) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12] CHR Extension: (Usługa zwrotu gotówki LetyShops) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphicbbhfmllgmomkkhjfkpbdlncafbn [2020-12-11] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-06] CHR Extension: (Gmail) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\48532\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20] CHR Profile: C:\Users\48532\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-14] Opera: ======= OPR Extension: (Rich Hints Agent) - C:\Users\48532\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-29] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-24] (BattlEye Innovations e.K. -> ) S2 chromium; C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [100352 2020-07-04] (Chromium.) [Brak podpisu cyfrowego] <==== UWAGA S3 chromiumm; C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [100352 2020-07-04] (Chromium.) [Brak podpisu cyfrowego] <==== UWAGA S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-11-24] (EasyAntiCheat Oy -> Epic Games, Inc) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-11-23] (Electronic Arts, Inc. -> Electronic Arts) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1631360 2020-12-11] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264152 2020-12-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 UWPService; C:\Windows\SysWOW64\Creative.UWPRPCService.exe [363968 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-14 15:21 - 2020-12-14 15:21 - 000000000 _____ C:\Users\48532\AppData\Local\BIT6EE6.tmp 2020-12-13 22:21 - 2020-12-13 22:21 - 000001443 _____ C:\Users\48532\Desktop\Subnautica.lnk 2020-12-13 21:57 - 2020-12-13 21:57 - 000000000 ____D C:\ProgramData\Unknown Worlds 2020-12-13 21:56 - 2020-12-13 21:56 - 000000000 ____D C:\Users\48532\AppData\LocalLow\Unknown Worlds 2020-12-13 21:24 - 2020-12-13 21:24 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2020-12-13 21:24 - 2020-12-13 21:24 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2020-12-13 21:24 - 2020-12-13 21:24 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2020-12-13 12:38 - 2020-12-13 12:38 - 000000000 ____D C:\Users\defaultuser100000.DESKTOP-H26KQ44.000\AppData\Roaming\segurazoclient 2020-12-13 12:38 - 2020-12-13 12:38 - 000000000 ____D C:\Users\defaultuser100000.DESKTOP-H26KQ44.000\AppData\Local\ConnectedDevicesPlatform 2020-12-13 12:38 - 2020-12-13 12:38 - 000000000 ____D C:\Users\defaultuser100000.DESKTOP-H26KQ44.000 2020-12-12 19:56 - 2020-12-14 15:33 - 000000000 ____D C:\FRST 2020-12-12 19:55 - 2020-12-14 15:30 - 000000000 ____D C:\Users\48532\Desktop\frst 2020-12-11 19:22 - 2020-12-11 19:22 - 000000000 _____ C:\Users\48532\AppData\Local\BITCCD8.tmp 2020-12-11 10:19 - 2020-12-14 15:30 - 073662464 _____ C:\Windows\system32\config\SOFTWARE 2020-12-11 10:14 - 2020-12-11 10:19 - 000000000 ____D C:\Windows\Microsoft Antimalware 2020-12-10 14:19 - 2020-12-10 14:19 - 000220784 _____ (AVAST Software) C:\Users\48532\Downloads\avast_free_antivirus_setup_online.exe 2020-12-10 14:12 - 2020-12-10 14:12 - 000000000 ____D C:\Program Files (x86)\7-Zip 2020-12-10 14:11 - 2020-12-10 14:11 - 000000000 ____D C:\Users\48532\AppData\Roaming\BreezyMoluccella 2020-12-10 08:11 - 2020-12-10 08:11 - 000000000 _____ C:\Users\48532\AppData\Local\BIT1F13.tmp 2020-12-09 09:18 - 2020-12-09 09:18 - 000000000 _____ C:\Users\48532\Downloads\Niepotwierdzony 643911.crdownload 2020-12-08 23:58 - 2020-12-08 23:58 - 002045952 _____ C:\Windows\system32\rdpnano.dll 2020-12-08 23:58 - 2020-12-08 23:58 - 001756600 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2020-12-08 23:58 - 2020-12-08 23:58 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2020-12-08 23:58 - 2020-12-08 23:58 - 000171008 _____ C:\Windows\system32\FsNVSDeviceSource.dll 2020-12-08 23:58 - 2020-12-08 23:58 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl 2020-12-08 23:58 - 2020-12-08 23:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl 2020-12-08 23:58 - 2020-12-08 23:58 - 000059392 _____ C:\Windows\system32\runexehelper.exe 2020-12-08 23:58 - 2020-12-08 23:58 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt 2020-12-08 23:58 - 2020-12-08 23:58 - 000000357 _____ C:\Windows\system32\DrtmAuth14.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000357 _____ C:\Windows\system32\DrtmAuth13.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2020-12-08 23:58 - 2020-12-08 23:58 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2020-12-08 22:59 - 2020-12-08 22:59 - 001130915 _____ C:\Users\48532\Downloads\EZFNLauncher.zip 2020-12-07 10:03 - 2020-12-07 10:03 - 000016733 _____ C:\Users\48532\Documents\Bez tytułu 2.odt 2020-12-06 01:42 - 2020-12-06 01:42 - 002572254 _____ C:\Users\48532\Downloads\wezwanie.pdf 2020-12-05 23:39 - 2020-12-05 23:39 - 001114229 _____ C:\Users\48532\Downloads\Wyciag PKO 01.02.2012-11.01.2017.pdf 2020-12-05 22:57 - 2020-12-05 22:57 - 000051885 _____ C:\Users\48532\Downloads\pa-21441-2018-n.pdf 2020-12-05 22:52 - 2020-12-05 22:52 - 000249922 _____ C:\Users\48532\Downloads\formatex_logo_fekvo.eps 2020-12-05 22:40 - 2020-12-05 22:40 - 004938722 _____ C:\Users\48532\Downloads\CCF_000011.pdf 2020-12-03 09:01 - 2020-12-03 09:01 - 058427933 _____ C:\Users\48532\Desktop\20201203_084555_40250446934171.mp4 2020-12-03 09:00 - 2020-12-03 09:01 - 058427933 _____ C:\Users\48532\Downloads\20201203_084555_40250446934171.mp4 2020-11-30 22:01 - 2020-11-30 22:01 - 000000000 ____D C:\Users\defaultuser100000.DESKTOP-H26KQ44\AppData\Roaming\segurazoclient 2020-11-30 22:01 - 2020-11-30 22:01 - 000000000 ____D C:\Users\defaultuser100000.DESKTOP-H26KQ44\AppData\Local\ConnectedDevicesPlatform 2020-11-30 22:01 - 2020-11-30 22:01 - 000000000 ____D C:\Users\defaultuser100000.DESKTOP-H26KQ44 2020-11-30 12:12 - 2020-11-30 12:12 - 000000000 ____D C:\Users\48532\AppData\Local\HelloNeighborReborn 2020-11-25 09:25 - 2020-11-25 09:25 - 000000000 ___SH C:\Users\Public\Shared Files 2020-11-25 09:19 - 2020-11-25 11:46 - 000000000 ____D C:\Users\48532\AppData\Local\NVIDIA Corporation 2020-11-25 09:19 - 2020-11-25 09:19 - 000000000 ____D C:\Users\48532\AppData\Roaming\EasyAntiCheat 2020-11-25 09:19 - 2020-11-25 09:19 - 000000000 ____D C:\Users\48532\AppData\Local\FortniteGame 2020-11-25 09:19 - 2020-11-25 09:19 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2020-11-24 14:25 - 2020-11-27 08:41 - 000000000 ____D C:\Program Files\Epic Games 2020-11-24 14:14 - 2020-11-24 14:14 - 000001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2020-11-24 14:14 - 2020-11-24 14:14 - 000001278 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2020-11-24 14:12 - 2020-11-24 14:13 - 044568576 _____ C:\Users\48532\Downloads\EpicInstaller-10.19.2.msi 2020-11-24 06:50 - 2020-11-24 06:50 - 000000000 _____ C:\Users\48532\AppData\Local\BITC3AC.tmp 2020-11-22 20:38 - 2020-11-22 20:38 - 000000000 _____ C:\Users\48532\AppData\Local\{9997F09F-6588-42EA-A50D-5FEE7626E700} 2020-11-22 14:57 - 2020-11-22 14:57 - 000013086 _____ C:\Users\48532\Documents\Bez tytułu 4.odt 2020-11-22 11:58 - 2020-11-22 11:58 - 083364488 _____ (Oracle Corporation) C:\Users\48532\Downloads\jre-8u271-windows-x64.exe 2020-11-22 11:42 - 2020-11-22 16:27 - 009888107 _____ C:\Users\48532\Documents\Bez tytułu 1.odt 2020-11-21 13:15 - 2020-12-14 10:12 - 000000000 ____D C:\Users\48532\AppData\Local\CrashDumps 2020-11-21 13:10 - 2020-11-21 13:12 - 384816720 _____ (Duodian Technology Co. Ltd.) C:\Users\48532\Downloads\nox_setup_v6.6.1.3_full_intl.exe 2020-11-21 13:10 - 2020-11-21 13:12 - 384816720 _____ (Duodian Technology Co. Ltd.) C:\Users\48532\Downloads\nox_setup_v6.6.1.3_full_intl (1).exe 2020-11-20 09:06 - 2020-11-20 09:06 - 000000000 _____ C:\Users\48532\AppData\Local\BIT871E.tmp 2020-11-20 09:06 - 2020-11-20 09:06 - 000000000 _____ C:\Users\48532\AppData\Local\BIT871D.tmp 2020-11-19 14:08 - 2020-11-19 14:08 - 000001931 _____ C:\Users\48532\Desktop\Zoom.lnk 2020-11-19 14:06 - 2020-11-19 14:06 - 014570328 _____ (Zoom Video Communications, Inc.) C:\Users\48532\Downloads\ZoomInstaller (5).exe 2020-11-19 14:06 - 2020-11-19 14:06 - 014570328 _____ (Zoom Video Communications, Inc.) C:\Users\48532\Downloads\ZoomInstaller (4).exe 2020-11-19 14:05 - 2020-11-19 14:05 - 014570328 _____ (Zoom Video Communications, Inc.) C:\Users\48532\Downloads\ZoomInstaller (3).exe 2020-11-19 14:05 - 2020-11-19 14:05 - 014570328 _____ (Zoom Video Communications, Inc.) C:\Users\48532\Downloads\ZoomInstaller (2).exe 2020-11-19 13:15 - 2020-11-19 13:15 - 000000000 ____D C:\Users\48532\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-11-16 08:01 - 2020-11-16 08:01 - 000000000 _____ C:\Users\48532\AppData\Local\BIT3688.tmp 2020-11-15 15:30 - 2020-11-15 15:30 - 004075097 _____ C:\Users\48532\Downloads\b.eml 2020-11-14 19:48 - 2020-11-14 19:48 - 016245304 _____ (Proton Technologies AG) C:\Users\48532\Downloads\ProtonVPN_win_v1.17.5.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-14 15:32 - 2020-10-14 19:11 - 000000000 ____D C:\Users\48532\AppData\Roaming\discord 2020-12-14 15:32 - 2020-07-08 12:51 - 000000000 ____D C:\Program Files (x86)\Steam 2020-12-14 15:31 - 2020-06-29 19:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-12-14 15:31 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-14 15:30 - 2020-10-04 09:53 - 000000000 ____D C:\Users\48532\AppData\LocalLow\Temp 2020-12-14 15:30 - 2020-06-29 11:30 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2020-12-14 15:30 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2020-12-14 15:29 - 2020-08-24 17:20 - 000000000 ____D C:\Users\48532\Documents\Euro Truck Simulator 2 2020-12-14 15:27 - 2020-06-29 11:28 - 001678738 _____ C:\Windows\system32\PerfStringBackup.INI 2020-12-14 15:27 - 2019-03-19 13:24 - 000747884 _____ C:\Windows\system32\perfh015.dat 2020-12-14 15:27 - 2019-03-19 13:24 - 000144532 _____ C:\Windows\system32\perfc015.dat 2020-12-14 13:11 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2020-12-14 11:17 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2020-12-14 09:49 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports 2020-12-13 23:19 - 2020-07-26 13:03 - 000000000 ____D C:\Users\48532\AppData\Roaming\Origin 2020-12-13 23:19 - 2020-06-29 11:31 - 000000000 ____D C:\Users\48532 2020-12-13 23:09 - 2020-06-29 11:38 - 000000000 ____D C:\Users\48532\AppData\Local\PlaceholderTileLogoFolder 2020-12-13 23:08 - 2020-06-29 19:02 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-12-13 21:56 - 2020-06-29 11:53 - 000000000 ____D C:\ProgramData\Packages 2020-12-13 21:56 - 2020-06-29 11:37 - 000000000 ____D C:\Users\48532\AppData\Local\Packages 2020-12-13 21:56 - 2020-06-29 11:37 - 000000000 ____D C:\Users\48532\AppData\Local\D3DSCache 2020-12-13 21:56 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-13 20:49 - 2020-08-31 12:59 - 000000000 ____D C:\Program Files (x86)\Origin Games 2020-12-13 20:49 - 2020-07-26 13:03 - 000000000 ____D C:\Users\48532\AppData\Local\Origin 2020-12-13 20:49 - 2020-07-26 13:03 - 000000000 ____D C:\ProgramData\Origin 2020-12-11 23:16 - 2020-07-11 13:07 - 000000000 ____D C:\Users\48532\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-12-11 19:29 - 2020-08-25 08:38 - 000001421 _____ C:\Users\48532\Desktop\Roblox Player.lnk 2020-12-11 19:29 - 2020-06-29 12:14 - 000000000 ____D C:\Users\48532\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2020-12-11 14:25 - 2020-09-19 20:44 - 000001434 _____ C:\Users\48532\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk 2020-12-11 14:25 - 2020-06-29 11:59 - 000004260 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1593428344 2020-12-10 22:11 - 2020-07-18 17:17 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-10 22:11 - 2020-07-18 17:17 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-12-10 14:12 - 2020-10-29 20:31 - 000016438 _____ C:\Users\48532\AppData\Local\partner.bmp 2020-12-09 08:08 - 2020-06-29 11:37 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-12-09 08:08 - 2020-06-29 11:37 - 000000000 ___RD C:\Users\48532\3D Objects 2020-12-09 08:07 - 2020-06-29 19:02 - 000470224 _____ C:\Windows\system32\FNTCACHE.DAT 2020-12-09 00:02 - 2019-03-19 13:26 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-09 00:02 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-09 00:01 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2020-12-08 17:06 - 2020-06-29 11:37 - 000000000 ____D C:\Users\48532\AppData\Local\ConnectedDevicesPlatform 2020-12-08 16:26 - 2020-11-01 20:49 - 000001443 _____ C:\Users\Public\Desktop\The Sims 4.lnk 2020-12-08 07:43 - 2020-08-29 20:29 - 000000000 ____D C:\Users\48532\AppData\Local\ElevatedDiagnostics 2020-12-07 23:47 - 2020-10-14 19:11 - 000002227 _____ C:\Users\48532\Desktop\Discord.lnk 2020-12-07 23:47 - 2020-10-14 19:11 - 000000000 ____D C:\Users\48532\AppData\Local\Discord 2020-12-04 20:51 - 2020-09-01 11:05 - 000000000 ____D C:\Program Files\Rockstar Games 2020-12-04 20:51 - 2020-09-01 11:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2020-12-04 19:56 - 2020-06-29 19:02 - 000000000 ____D C:\Windows\system32\Drivers\wd 2020-12-04 14:02 - 2020-07-06 18:44 - 000003568 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-04 14:02 - 2020-07-06 18:44 - 000003444 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-03 14:14 - 2020-10-06 21:21 - 000002407 _____ C:\Users\48532\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-12-03 14:14 - 2020-06-29 11:38 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1154788345-2746808576-321370114-1001 2020-12-03 08:44 - 2020-07-26 13:04 - 000000000 ____D C:\Program Files (x86)\Origin 2020-12-03 08:01 - 2020-07-06 18:44 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-03 08:01 - 2020-07-06 18:44 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-12-01 11:20 - 2020-10-25 17:57 - 000000000 ____D C:\Users\48532\Documents\Zoom 2020-11-30 12:12 - 2020-08-24 09:44 - 000000000 ____D C:\Users\48532\AppData\Local\UnrealEngine 2020-11-30 08:41 - 2020-07-18 17:17 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-30 08:41 - 2020-07-18 17:17 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-25 15:01 - 2020-08-23 13:36 - 000000000 ____D C:\Users\48532\AppData\Roaming\MMFApplications 2020-11-25 11:59 - 2020-06-29 13:39 - 000000000 ____D C:\Program Files (x86)\Nox 2020-11-25 10:59 - 2020-06-29 13:39 - 000000000 ____D C:\Users\48532\AppData\Local\Nox 2020-11-25 09:25 - 2019-03-19 05:52 - 000000000 __SHD C:\Users\Public\Libraries 2020-11-24 14:48 - 2020-06-29 13:43 - 000000295 _____ C:\Users\48532\d4ac4633ebd6440fa397b84f1bc94a3c.7z 2020-11-24 14:26 - 2020-06-29 13:40 - 000000000 ____D C:\Users\48532\vmlogs 2020-11-24 14:26 - 2020-06-29 13:40 - 000000000 ____D C:\Users\48532\AppData\Local\NoxSrv 2020-11-24 14:26 - 2020-06-29 13:40 - 000000000 ____D C:\Users\48532\.android 2020-11-24 14:14 - 2020-08-24 09:44 - 000000000 ____D C:\Program Files (x86)\Epic Games 2020-11-21 13:48 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Registration 2020-11-20 19:35 - 2020-10-03 19:04 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2020-11-20 19:27 - 2020-06-29 14:44 - 000000000 ____D C:\Users\48532\AppData\Roaming\.minecraft 2020-11-19 13:15 - 2020-10-25 09:00 - 000000000 ____D C:\Users\48532\AppData\Roaming\Zoom ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-07-04 16:06 - 2020-07-04 16:08 - 000130204 _____ () C:\Program Files (x86)\Common Files\KUDA-Shaders_v6.1_Legacy.zip 2020-12-10 08:11 - 2020-12-10 08:11 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT1F13.tmp 2020-11-12 21:06 - 2020-11-12 21:06 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT22EF.tmp 2020-11-12 21:06 - 2020-11-12 21:06 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT2300.tmp 2020-11-12 21:06 - 2020-11-12 21:06 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT2312.tmp 2020-11-16 08:01 - 2020-11-16 08:01 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT3688.tmp 2020-10-14 22:01 - 2020-10-14 22:01 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT4DC9.tmp 2020-12-14 15:21 - 2020-12-14 15:21 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT6EE6.tmp 2020-11-20 09:06 - 2020-11-20 09:06 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT871D.tmp 2020-11-20 09:06 - 2020-11-20 09:06 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT871E.tmp 2020-09-03 19:43 - 2020-09-03 19:43 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT8AE2.tmp 2020-07-21 09:20 - 2020-07-21 09:20 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT9094.tmp 2020-07-21 09:20 - 2020-07-21 09:20 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT90A5.tmp 2020-10-27 20:19 - 2020-10-27 20:19 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT9EDD.tmp 2020-10-09 22:02 - 2020-10-09 22:02 - 000000000 _____ () C:\Users\48532\AppData\Local\BIT9F0F.tmp 2020-11-24 06:50 - 2020-11-24 06:50 - 000000000 _____ () C:\Users\48532\AppData\Local\BITC3AC.tmp 2020-12-11 19:22 - 2020-12-11 19:22 - 000000000 _____ () C:\Users\48532\AppData\Local\BITCCD8.tmp 2020-10-29 08:11 - 2020-10-29 08:11 - 000000000 _____ () C:\Users\48532\AppData\Local\BITD1F7.tmp 2020-09-06 09:11 - 2020-09-06 09:11 - 000000000 _____ () C:\Users\48532\AppData\Local\BITF32A.tmp 2020-09-06 09:11 - 2020-09-06 09:11 - 000000000 _____ () C:\Users\48532\AppData\Local\BITF32B.tmp 2020-10-29 20:31 - 2020-12-10 14:12 - 000016438 _____ () C:\Users\48532\AppData\Local\partner.bmp 2020-10-23 20:38 - 2020-10-23 20:38 - 000000000 _____ () C:\Users\48532\AppData\Local\{13E98EC6-AB47-4D44-9407-E9448816264F} 2020-11-22 20:38 - 2020-11-22 20:38 - 000000000 _____ () C:\Users\48532\AppData\Local\{9997F09F-6588-42EA-A50D-5FEE7626E700} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================