Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26-11-2021 Uruchomiony przez ARTUR (administrator) DESKTOP-0VFR1AF (Micro-Star International Co., Ltd. GL65 9SD) (27-11-2021 00:53:47) Uruchomiony z C:\Users\ARTUR\Desktop\Nowy folder (6) Załadowane profile: ARTUR Platform: Microsoft Windows 10 Pro Wersja 21H1 19043.1348 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Users\ARTUR\AppData\Roaming\toc\F73y.exe () [Brak podpisu cyfrowego] C:\Users\ARTUR\AppData\Roaming\toc\JCwgy.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (A-Volute SAS -> A-Volute) C:\Users\ARTUR\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe (DVJ LIMITED -> DVJ LIMITED) C:\Users\ARTUR\AppData\Roaming\ProductAuthenticationService\pas.exe (ESET, spol. s r.o. -> ESET) C:\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\ESET\ESET Security\ekrn.exe (ESET, spol. s r.o. -> ESET) C:\ESET\ESET Security\eOppFrame.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10> (Google LLC -> Google LLC) C:\Users\ARTUR\AppData\Roaming\toc\Chrome\Application\chrome.exe <35> (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f162aa0e5e56c27a\RtkAudUService64.exe <2> (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) D:\SUPERAntiSpyware\SASCore64.exe (Support.com Inc -> SUPERAntiSpyware) D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f162aa0e5e56c27a\RtkAudUService64.exe [1272160 2021-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [egui] => C:\ESET\ESET Security\ecmds.exe [167496 2021-11-24] (ESET, spol. s r.o. -> ESET) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1484694994-384001750-1397144298-1001\...\Run: [ProductAuthenticationService] => C:\Users\ARTUR\AppData\Roaming\ProductAuthenticationService\pas.exe [1003024 2021-11-23] (DVJ LIMITED -> DVJ LIMITED) HKU\S-1-5-21-1484694994-384001750-1397144298-1001\...\Run: [toc] => C:\Users\ARTUR\AppData\Roaming\toc\F73y.exe [78336 2021-11-22] () [Brak podpisu cyfrowego] HKU\S-1-5-21-1484694994-384001750-1397144298-1001\...\Run: [SUPERAntiSpyware] => d:\SUPERAntiSpyware\SUPERAntiSpyware.exe [11224432 2021-11-26] (Support.com Inc -> SUPERAntiSpyware) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-24] (Google LLC -> Google LLC) Startup: C:\Users\ARTUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2021-07-23] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> E:\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {2FE055C3-B265-4A0F-BD77-50196D3F809F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-24] (Google LLC -> Google LLC) Task: {6F8034F7-C8F3-4E22-B8CA-5A4ADEFF3377} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7E4B6912-2C78-405D-BF38-2C26900391C0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation) Task: {823B67ED-BE20-43B3-8756-90F3F03A503B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {9AF3BE23-6CC0-49A7-AFFE-3E97D76A5FEB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => E:\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {AC749026-3CA1-428D-873D-97CCE6013C2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd) Task: {BBEBEE6D-2013-42F4-9B2E-E3209CB9849F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {E0B29ABF-3409-41A7-A94A-F51E7AFE6073} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform) Task: {E4987939-7654-4B81-B6B4-1096E927386B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-24] (Google LLC -> Google LLC) Task: {F12D00BA-70BF-4D42-A385-D8EB0F993A31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => E:\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 195.130.130.4 195.130.131.4 Tcpip\..\Interfaces\{36685112-d7bd-45fb-ab50-822389815e89}: [DhcpNameServer] 195.130.130.4 195.130.131.4 Tcpip\..\Interfaces\{cd58dce2-81b4-4f24-b946-c6fb44698ac0}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{dc830c34-ff84-4c99-a11c-ae7daf30020d}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\ARTUR\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-26] Edge Extension: (ImTranslator: Tłumacz, Słownik, Głos) - C:\Users\ARTUR\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2021-11-01] Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> E:\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default [2021-11-27] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Extension: (Prezentacje) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-01] CHR Extension: (Dokumenty) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-01] CHR Extension: (Dysk Google) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19] CHR Extension: (YouTube) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-01] CHR Extension: (Arkusze) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-01] CHR Extension: (Adblocker for Youtube™) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gakekacnalcpkgkogmbmknlcdikjghba [2021-11-23] [UpdateUrl:hxxps://clients19.google.com/service/update2/crx] <==== UWAGA CHR Extension: (Dokumenty Google offline) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-24] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (ImTranslator: Tłumacz, Słownik, Głos) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2021-10-28] CHR Extension: (Gmail) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Profile: C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-26] CHR Notifications: System Profile -> hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://mail-notification.info; hxxps://mnthor.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://supertopfreegames.com; hxxps://zarabotok-online.xyz CHR HomePage: System Profile -> hxxps://www.google.com/ CHR StartupUrls: System Profile -> "hxxps://www.google.com/" CHR Extension: (Adblocker for Youtube™) - C:\Users\ARTUR\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gakekacnalcpkgkogmbmknlcdikjghba [2021-11-23] [UpdateUrl:hxxps://clients52.google.com/service/update2/crx] <==== UWAGA ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 !SASCORE; d:\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R2 ekrn; C:\ESET\ESET Security\ekrn.exe [3139904 2021-11-24] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\ESET\ESET Security\ekrn.exe [3139904 2021-11-24] (ESET, spol. s r.o. -> ESET) S3 MBAMService; e:\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-13] (Malwarebytes Inc -> Malwarebytes) R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1629312 2020-10-10] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4ea4d8037d4ef09c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BTWDPAN; C:\WINDOWS\System32\drivers\btwdpan.sys [84008 2020-05-21] (Broadcom Corporation -> Broadcom Corporation.) S3 DPIDEFil; C:\WINDOWS\System32\drivers\DPIDEFil.sys [53608 2020-05-01] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-11-05] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-11-05] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-11-05] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43920 2021-11-05] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [69736 2021-11-05] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-11-05] (ESET, spol. s r.o. -> ESET) S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2020-05-01] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-13] (Malwarebytes Inc -> Malwarebytes) R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider) R1 SASDIFSV; d:\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; d:\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-02] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-02] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-11-27 00:15 - 2021-11-27 00:15 - 000000000 ____D C:\AdwCleaner 2021-11-26 18:27 - 2021-11-26 18:27 - 000000745 _____ C:\Users\ARTUR\Desktop\SUPERAntiSpyware Free Edition.lnk 2021-11-26 18:27 - 2021-11-26 18:27 - 000000000 ____D C:\Users\ARTUR\AppData\Roaming\SUPERAntiSpyware.com 2021-11-26 18:27 - 2021-11-26 18:27 - 000000000 ____D C:\Users\ARTUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2021-11-26 18:27 - 2021-11-26 18:27 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2021-11-26 17:57 - 2021-11-26 17:57 - 008540344 _____ (Malwarebytes) C:\Users\ARTUR\Desktop\adwcleaner_8.3.1.exe 2021-11-26 16:51 - 2021-11-27 00:53 - 000000000 ____D C:\Users\ARTUR\Desktop\Nowy folder (6) 2021-11-26 16:48 - 2021-11-27 00:53 - 000000000 ____D C:\FRST 2021-11-26 15:30 - 2021-11-26 16:44 - 000000255 _____ C:\DelFix.txt 2021-11-24 23:49 - 2021-11-24 23:49 - 000000203 _____ C:\Users\ARTUR\Desktop\Farming Simulator 22.url 2021-11-24 23:24 - 2021-11-26 18:38 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-11-24 23:24 - 2021-11-24 23:24 - 000000000 ____D C:\Program Files\Google 2021-11-24 23:23 - 2021-11-24 23:23 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-11-24 23:23 - 2021-11-24 23:23 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-11-24 19:27 - 2021-11-24 19:27 - 000000000 ____D C:\Users\ARTUR\AppData\Local\GIANTS Editor 64bit 8.2.2 2021-11-24 18:28 - 2021-11-24 18:28 - 000000000 ____D C:\Users\ARTUR\AppData\Local\GIANTSPackageRegistry 2021-11-24 18:28 - 2021-11-24 18:28 - 000000000 ____D C:\Users\ARTUR\AppData\Local\GIANTS Editor 64bit 8.2.1 2021-11-23 16:42 - 2021-11-23 16:42 - 000000100 _____ C:\Users\ARTUR\Desktop\Wiadomości - Allegro Lokalnie.url 2021-11-23 13:25 - 2021-11-23 13:28 - 000000000 ____D C:\Program Files (x86)\yJFxZgeFU 2021-11-23 13:25 - 2021-11-23 13:28 - 000000000 ____D C:\Program Files (x86)\wPSqXYyiJepU2 2021-11-23 13:25 - 2021-11-23 13:28 - 000000000 ____D C:\Program Files (x86)\wbBneiHMexWWiHmETTR 2021-11-23 13:25 - 2021-11-23 13:28 - 000000000 ____D C:\Program Files (x86)\EhCAWWzncZtBC 2021-11-23 13:25 - 2021-11-23 13:25 - 000000000 ____D C:\Program Files (x86)\DoVsnxxzSHUn 2021-11-23 13:24 - 2021-11-27 00:54 - 000000000 ____D C:\Users\ARTUR\AppData\Roaming\toc 2021-11-23 13:24 - 2018-08-29 15:48 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys 2021-11-23 13:23 - 2021-11-23 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IJViewer 2021-11-23 13:23 - 2021-11-23 13:30 - 000000000 ____D C:\Program Files (x86)\IJViewer 2021-11-23 11:17 - 2021-11-23 11:17 - 000000000 ____D C:\Users\ARTUR\AppData\Roaming\ProductAuthenticationService 2021-11-23 08:41 - 2021-11-23 08:42 - 000000000 ____D C:\Users\ARTUR\AppData\Local\Overwolf 2021-11-19 15:50 - 2021-11-19 15:51 - 000000049 _____ C:\Users\ARTUR\Desktop\Nowy dokument tekstowy (2).txt 2021-11-19 15:41 - 2021-11-19 15:41 - 000000050 _____ C:\Users\ARTUR\Desktop\WebTv Player.url 2021-11-17 17:07 - 2021-11-17 17:07 - 000000082 _____ C:\Users\ARTUR\Desktop\Rejestracja.url 2021-11-14 23:13 - 2021-11-17 12:41 - 000000000 ____D C:\Users\ARTUR\Desktop\Rachunki za prad PDF 2021-11-14 05:29 - 2021-11-14 05:29 - 000000087 _____ C:\Users\ARTUR\Desktop\Playing with Precum and Cum during a Handjob.url 2021-11-11 23:11 - 2021-11-14 23:10 - 000000000 ____D C:\Users\ARTUR\Desktop\Rachunki za prad 2021-11-11 23:08 - 2021-11-11 23:08 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-11-11 23:08 - 2021-11-11 23:08 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-11 23:08 - 2021-11-11 23:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-11 23:08 - 2021-11-11 23:08 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-11 23:04 - 2021-11-11 23:04 - 000000000 ___HD C:\$WinREAgent 2021-11-11 07:18 - 2021-11-11 07:19 - 000000092 _____ C:\Users\ARTUR\Desktop\ADRES Wtorek.txt 2021-11-11 03:33 - 2021-11-11 03:33 - 000002661 _____ C:\Users\ARTUR\Desktop\TikTok.lnk 2021-11-08 05:38 - 2021-11-08 05:38 - 001857684 _____ C:\WINDOWS\Minidump\110821-28953-01.dmp 2021-11-07 15:18 - 2021-11-07 15:18 - 000000120 _____ C:\Users\ARTUR\Desktop\Trójkąt z dwoma chudymi gorącymi laskami po mistrzostwach świata - xHamster.url 2021-11-04 10:59 - 2021-11-04 10:59 - 000000069 _____ C:\Users\ARTUR\Desktop\Commander Skills Update with Midway - YouTube.url 2021-11-04 10:54 - 2021-11-04 10:54 - 000000069 _____ C:\Users\ARTUR\Desktop\World of Warships- Manfred von Richthofen Overconfidence [WIP] — YouTube.url 2021-11-03 05:55 - 2021-11-03 05:55 - 000000150 _____ C:\Users\ARTUR\Desktop\Voyeur House TV 🔥 – #1 FREE Source for hidden real life cams.url 2021-11-02 22:34 - 2021-11-02 22:34 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-02 22:34 - 2021-11-02 22:34 - 000000000 ____D C:\Program Files\PCHealthCheck ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-11-27 00:31 - 2021-02-10 02:39 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-27 00:31 - 2019-12-07 16:09 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat 2021-11-27 00:31 - 2019-12-07 16:09 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat 2021-11-27 00:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-11-27 00:29 - 2021-05-25 17:08 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-27 00:29 - 2020-05-05 13:21 - 000000000 ____D C:\Program Files\CCleaner 2021-11-27 00:27 - 2021-02-10 02:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-27 00:27 - 2020-05-01 14:59 - 000000000 __SHD C:\Users\ARTUR\IntelGraphicsProfiles 2021-11-27 00:27 - 2020-05-01 14:59 - 000000000 ____D C:\Intel 2021-11-27 00:27 - 2020-05-01 14:52 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-27 00:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-27 00:27 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-11-27 00:04 - 2021-02-10 02:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-26 16:53 - 2020-06-26 10:45 - 000000000 ____D C:\Users\ARTUR\AppData\LocalLow\Temp 2021-11-26 04:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-25 16:33 - 2020-06-08 03:33 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-25 16:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-24 23:49 - 2020-05-27 17:48 - 000000000 ____D C:\Users\ARTUR\Documents\My Games 2021-11-24 18:28 - 2021-02-11 05:15 - 000000000 ____D C:\Users\ARTUR\AppData\Local\NVIDIA 2021-11-24 18:20 - 2020-09-02 18:16 - 000001272 _____ C:\Users\ARTUR\Desktop\ESET Online Scanner.lnk 2021-11-24 18:20 - 2020-09-02 18:15 - 000001378 _____ C:\Users\ARTUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-11-24 17:28 - 2020-05-02 18:38 - 000000266 __RSH C:\ProgramData\ntuser.pol 2021-11-23 18:27 - 2020-05-01 15:11 - 000000000 ____D C:\Users\ARTUR\AppData\Local\D3DSCache 2021-11-23 18:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-11-23 13:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2021-11-23 12:39 - 2020-11-01 18:25 - 000000000 ____D C:\Users\ARTUR\Documents\Euro Truck Simulator 2 2021-11-23 00:07 - 2020-12-27 07:19 - 000000000 ____D C:\ProgramData\TruckersMP 2021-11-21 19:16 - 2021-10-09 10:12 - 000000000 ____D C:\Users\ARTUR\Desktop\Nowy folder (2) 2021-11-21 03:01 - 2020-05-01 14:54 - 000000000 ____D C:\ProgramData\Packages 2021-11-18 13:01 - 2021-02-10 00:53 - 000000000 ____D C:\Users\ARTUR 2021-11-18 07:05 - 2021-02-10 02:35 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-18 07:05 - 2021-02-10 02:35 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-11-17 21:53 - 2020-05-01 14:50 - 000000000 ____D C:\ProgramData\Package Cache 2021-11-16 20:56 - 2021-02-10 02:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-11-15 22:29 - 2020-05-01 14:43 - 000000000 ____D C:\Users\ARTUR\AppData\Local\ConnectedDevicesPlatform 2021-11-12 16:09 - 2020-05-01 14:43 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-11-12 16:01 - 2021-02-10 02:31 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2021-11-12 05:39 - 2021-02-10 02:31 - 000448968 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-12 05:38 - 2019-12-07 16:12 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-11-12 05:38 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-12 05:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-12 05:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-11 23:10 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-11 03:33 - 2020-12-07 22:48 - 000000000 ____D C:\Users\ARTUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome 2021-11-10 15:35 - 2020-05-02 00:21 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-10 15:34 - 2020-05-02 00:21 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-08 05:38 - 2021-08-11 05:08 - 000000000 ____D C:\WINDOWS\Minidump 2021-11-08 05:38 - 2021-08-11 05:07 - 1335727460 ____N C:\WINDOWS\MEMORY.DMP 2021-11-05 04:37 - 2021-05-04 12:13 - 000201984 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2021-11-05 04:37 - 2021-05-04 12:13 - 000183408 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2021-11-05 04:37 - 2021-05-04 12:13 - 000124496 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2021-11-05 04:37 - 2021-05-04 12:13 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2021-11-05 04:37 - 2021-05-04 12:13 - 000069736 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2021-11-05 04:37 - 2021-05-04 12:13 - 000043920 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys 2021-10-30 07:14 - 2020-05-01 14:43 - 000000000 ____D C:\Users\ARTUR\AppData\Local\Packages ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-11-01 15:36 - 2020-11-01 15:36 - 000016438 _____ () C:\Users\ARTUR\AppData\Local\partner.bmp 2020-05-01 17:55 - 2020-05-01 17:55 - 000000017 _____ () C:\Users\ARTUR\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================