Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-12-2024 01 Uruchomiony przez Seba (administrator) DESKTOP-IDJNH3U (Gigabyte Technology Co., Ltd. X38-DS5) (20-12-2024 14:06:57) Uruchomiony z C:\Users\Seba\Desktop\FRST64.exe Załadowane profile: Seba Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.5131 (X64) Język: Polski (Polska) Domyślna przeglądarka: "E:\FireFOx\firefox.exe" -osint -url "%1" Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\avp.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\avpui.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Seba\AppData\Local\FluxSoftware\Flux\flux.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\avp.exe <2> (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKU\S-1-5-21-1118339537-3062276718-3520447335-1001\...\Run: [f.lux] => C:\Users\Seba\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-21] (F.lux Software LLC -> f.lux Software LLC) AlternateShell: <==== UWAGA GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {6F74EFE3-BB72-4BDC-87B1-98C08AC0F80E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{E217BBEF-1B07-419F-A21A-54C38A707AE4} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-05-14] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {437FEA61-FCD1-4FE0-81FB-776ACB12C759} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{440B2AB6-DF61-4DE2-88DD-F3B40A3EEEE7} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-05-14] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {45154E94-AE31-4510-9712-B5B0B28E5477} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{606E657E-3AD2-48F4-A07B-49132C692391} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC) Task: {B1ABAE75-DD6F-4819-9E69-F26FCAC999F3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1118339537-3062276718-3520447335-1001 E4674EA2533419F4 => E:\FireFOx\firefox.exe [671808 2024-12-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E4674EA2533419F4\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E4674EA2533419F4\backgroundupdate.moz_log --backgroundtask background (dane wartości zawierają 6 znaków więcej). Task: {C184B29A-A5F0-4C4F-94C9-0D8EF87AC346} - System32\Tasks\Mozilla\Firefox Default Browser Agent E4674EA2533419F4 => E:\FireFOx\default-browser-agent.exe [34368 2024-12-11] (Mozilla Corporation -> Mozilla Foundation) <==== UWAGA Task: {86C7EF01-6CD3-4DF2-83C3-FEC87D70DF02} - System32\Tasks\Opera scheduled Autoupdate 1656938251 => C:\Users\Seba\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5812120 2024-11-12] (Opera Norway AS -> Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 178.235.153.33 178.235.153.32 Tcpip\..\Interfaces\{d503ae16-613f-40c9-b2e2-21c0f8fd2fac}: [NameServer] 9.9.9.9 Tcpip\..\Interfaces\{d503ae16-613f-40c9-b2e2-21c0f8fd2fac}: [DhcpNameServer] 178.235.153.33 178.235.153.32 Tcpip\..\Interfaces\{d503ae16-613f-40c9-b2e2-21c0f8fd2fac}: [DhcpDomain] mmp.pl Edge: ======= Edge Profile: C:\Users\Seba\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-25] Edge Extension: (Dokumenty Google offline) - C:\Users\Seba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-12] Edge Extension: (Edge relevant text changes) - C:\Users\Seba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-09] FireFox: ======== FF DefaultProfile: ju41unde.default-release FF ProfilePath: C:\Users\Seba\AppData\Roaming\Mozilla\Firefox\Profiles\ju41unde.default-release [2024-12-20] FF DownloadDir: C:\Users\Seba\Desktop FF Homepage: Mozilla\Firefox\Profiles\ju41unde.default-release -> hxxps://www.google.com/ FF Extension: (I still don't care about cookies) - C:\Users\Seba\AppData\Roaming\Mozilla\Firefox\Profiles\ju41unde.default-release\Extensions\idcac-pub@guus.ninja.xpi [2024-01-05] FF Extension: (uBlock Origin) - C:\Users\Seba\AppData\Roaming\Mozilla\Firefox\Profiles\ju41unde.default-release\Extensions\uBlock0@raymondhill.net.xpi [2024-11-26] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Seba\AppData\Roaming\Mozilla\Firefox\Profiles\ju41unde.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2024-05-02] StartMenuInternet: Firefox-E4674EA2533419F4 - E:\FireFOx\firefox.exe Chrome: ======= CHR Profile: C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default [2024-11-29] CHR Extension: (Dokumenty Google offline) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Seba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-22] Opera: ======= OPR DefaultProfile: Default Brave: ======= BRA Profile: C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-11-25] BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-07-19] BRA Extension: (Brave Local Data Files Updater) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-07-19] BRA Extension: (Brave NTP background images) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-05-14] BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry Przeciwko Alertom o Adblocku (plaintext))) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\beeceepafhbchnbfdkfalfipoancnjkm [2024-07-19] BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-07-19] BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-07-19] BRA Extension: (Brave Ads Resources) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\feeklcgpaolphdiamjaolkkcpbeihkbh [2024-07-19] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-07-19] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-05-14] BRA Extension: (Brave NTP sponsored images) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodhafecfemgejckecbnmpobnhmoaoag [2024-07-19] BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-07-19] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-07-19] BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry do AdBlocka (plaintext))) - C:\Users\Seba\AppData\Local\BraveSoftware\Brave-Browser\User Data\ngcohbdfildjnmfnicgdipopmlhdcokg [2024-07-19] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVP21.17; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\avp.exe [32008 2024-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab) S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2023-11-17] (BattlEye Innovations e.K. -> ) S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-05-14] (Brave Software, Inc. -> BraveSoftware Inc.) S4 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\124.1.65.132\elevation_service.exe [2680344 2024-05-10] (Brave Software, Inc. -> Brave Software, Inc.) S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [166424 2024-05-14] (Brave Software, Inc. -> BraveSoftware Inc.) S3 klvssbridge64_21.17; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\vssbridge64.exe [550312 2024-04-15] (AO Kaspersky Lab -> AO Kaspersky Lab) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-28] (Microsoft Windows Publisher -> Microsoft Corporation) S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-09-24] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S4 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-09-24] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-13] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [245192 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 klbackupdisk.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\klbackupdisk.sys [92184 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt.K4W-21-17; C:\Windows\System32\DRIVERS\K4W-21-17\klbackupflt.sys [250304 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\kldisk.sys [109600 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [53576 2024-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 KLFLT.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\klflt.sys [653744 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse.K4W-21-17; C:\Windows\System32\DRIVERS\K4W-21-17\klgse.sys [857432 2024-12-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLHK.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\klhk.sys [2256200 2024-12-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids.K4W-21-17; C:\ProgramData\Kaspersky Lab\AVP21.17\Bases\klids.sys [236440 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF.K4W-21-17; C:\Windows\System32\DRIVERS\K4W-21-17\klif.sys [1432496 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [86040 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klkbdflt.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\klkbdflt.sys [99352 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\klmouflt.sys [92608 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd.K4W-21-17; C:\Windows\System32\DRIVERS\K4W-21-17\klpd.sys [58904 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\klpnpflt.sys [84400 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_K4W-21-17_arkmon; C:\Windows\System32\Drivers\klupd_K4W-21-17_arkmon.sys [398112 2024-11-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_K4W-21-17_klark; C:\Windows\System32\Drivers\klupd_K4W-21-17_klark.sys [362456 2024-11-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_K4W-21-17_klbg; C:\Windows\System32\Drivers\klupd_K4W-21-17_klbg.sys [198728 2024-11-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_K4W-21-17_mark; C:\Windows\System32\Drivers\klupd_K4W-21-17_mark.sys [265816 2024-11-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\klwtp.sys [522688 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps.K4W-21-17; C:\Windows\system32\DRIVERS\K4W-21-17\kneps.sys [368688 2024-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2023-11-23] (Microsoft Corporation) [Brak podpisu cyfrowego] S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [78216 2020-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [430320 2020-08-13] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-13] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2022-06-04] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Trzy miesiące (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-12-20 14:06 - 2024-12-20 14:10 - 000016394 _____ C:\Users\Seba\Desktop\FRST.txt 2024-12-20 14:02 - 2024-12-20 14:02 - 002403840 _____ (Farbar) C:\Users\Seba\Desktop\FRST64.exe 2024-12-20 11:34 - 2024-12-20 11:35 - 693932449 _____ C:\Users\Seba\Desktop\videoplayback.mp4 2024-12-19 09:55 - 2024-12-19 09:58 - 3205531648 _____ C:\Users\Seba\Desktop\ID16-045.avi 2024-12-19 09:48 - 2024-12-19 10:21 - 545762422 _____ C:\Users\Seba\Desktop\giselle-montes-creampie-gang-bang-720p.mp4 2024-12-19 09:39 - 2024-12-19 09:39 - 030072626 _____ C:\Users\Seba\Desktop\c25a585889c00a4c671f252d36b54685.mp4 2024-12-19 09:32 - 2024-12-19 09:32 - 187543593 _____ C:\Users\Seba\Desktop\2023-08-06 13.21.39.mov 2024-12-18 10:02 - 2024-12-18 10:02 - 067788655 _____ C:\Users\Seba\Desktop\89b13c07b0627e2bfa6f03e4b12e5397.mov 2024-12-17 20:04 - 2024-12-17 20:04 - 785725506 _____ C:\Users\Seba\Desktop\Screen_Recording_20240210_154349_Samsung Internet.mp4 2024-12-16 12:20 - 2024-12-16 12:24 - 2689180362 _____ C:\Users\Seba\Desktop\0gn0zkzvbup8jdfthuucp_source.mp4 2024-12-15 18:01 - 2024-12-15 18:02 - 540551239 _____ C:\Users\Seba\Desktop\anna titfuck.mp4 2024-12-13 08:10 - 2024-12-13 08:10 - 000001933 _____ C:\Users\Seba\Desktop\Discord.exe.lnk 2024-12-09 12:35 - 2024-12-09 12:36 - 226865387 _____ C:\Users\Seba\Desktop\0hh4ds5cwtftjhmbtn1d9_720p.mp4 2024-12-09 12:35 - 2024-12-09 12:35 - 393139090 _____ C:\Users\Seba\Desktop\Screen_Recording_20240110_133943_Samsung Internet.mp4 2024-12-02 11:22 - 2024-12-02 11:23 - 000000000 ____D C:\Users\Seba\Desktop\jimizu 2024-12-01 17:31 - 2024-12-02 20:07 - 000000059 _____ C:\Users\Seba\Desktop\imiona.txt 2024-11-29 16:16 - 2024-12-19 14:43 - 000000355 _____ C:\Users\Seba\Desktop\przybylas.txt 2024-11-28 23:42 - 2024-11-28 23:20 - 000419074 __RSH C:\bootmgr 2024-11-28 23:42 - 2019-12-07 10:08 - 000000001 ___SH C:\BOOTNXT 2024-11-28 22:18 - 2024-11-28 22:18 - 000000000 ___HD C:\$WinREAgent 2024-11-26 21:18 - 2024-11-26 21:20 - 1400663416 _____ C:\Users\Seba\Desktop\The Substance - Substancja (2024) Lektor PL.avi 2024-11-22 20:44 - 2024-11-22 20:44 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-11-22 20:44 - 2024-11-22 20:44 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-11-22 20:44 - 2024-11-22 20:44 - 000000000 ____D C:\Users\Seba\AppData\Local\Google 2024-11-22 20:44 - 2024-11-22 20:44 - 000000000 ____D C:\Program Files\Google 2024-11-22 20:43 - 2024-11-22 20:43 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem 2024-11-22 19:58 - 2024-11-22 20:05 - 000003670 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1656938251 2024-11-22 19:58 - 2024-11-22 19:58 - 000001381 _____ C:\Users\Seba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2024-11-16 12:49 - 2024-11-16 12:49 - 000000000 _____ C:\Recovery.txt 2024-11-12 14:32 - 2024-11-12 14:32 - 000000000 ____D C:\Users\Seba\AppData\Local\ElevatedDiagnostics 2024-11-05 13:45 - 2024-12-20 07:45 - 000008192 ___SH C:\DumpStack.log.tmp 2024-10-26 14:30 - 2024-10-26 14:30 - 000055663 _____ C:\Users\Seba\Desktop\nowy 44.m3u 2024-10-04 10:47 - 2024-10-04 10:47 - 000000198 _____ C:\Users\Seba\Desktop\Counter-Strike.url 2024-10-02 14:45 - 2024-10-02 14:49 - 000000000 ____D C:\Users\Seba\AppData\Local\Steam 2024-10-02 14:45 - 2024-10-02 14:45 - 000000000 ____D C:\Users\Seba\AppData\Local\CEF 2024-10-02 14:43 - 2024-10-02 14:43 - 000000549 _____ C:\Users\Public\Desktop\Steam.lnk 2024-10-02 14:43 - 2024-10-02 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam ==================== Trzy miesiące (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-12-20 14:08 - 2024-08-15 21:57 - 000000000 ____D C:\FRST 2024-12-20 14:04 - 2021-03-18 20:20 - 000000000 ____D C:\Users\Seba\AppData\Roaming\discord 2024-12-20 14:04 - 2020-08-13 17:45 - 000000000 ____D C:\Users\Seba\AppData\Roaming\foobar2000 2024-12-20 13:45 - 2021-01-09 17:46 - 000000000 ____D C:\Users\Seba\medivia 2024-12-20 13:09 - 2022-06-08 13:08 - 000000000 ____D C:\Users\Seba\AppData\Local\Discord 2024-12-20 10:29 - 2020-08-13 15:37 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-12-20 07:46 - 2020-08-13 15:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-12-19 23:49 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2024-12-15 13:39 - 2022-10-15 08:19 - 000000000 ____D C:\Users\Seba\Desktop\l 2024-12-14 16:05 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2024-12-11 21:03 - 2021-04-27 19:21 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2024-12-11 13:02 - 2023-03-03 21:54 - 000000000 ____D C:\Users\Seba\AppData\Roaming\vlc 2024-12-09 16:46 - 2024-05-23 14:58 - 000000000 ____D C:\Windows\system32\Drivers\K4W-21-17 2024-12-08 00:01 - 2024-08-30 18:48 - 000000000 ____D C:\Users\Seba\AppData\Roaming\Delta Media Player 2024-12-07 18:04 - 2024-08-25 12:10 - 000000091 _____ C:\Users\Seba\Desktop\deltaplayer.txt 2024-12-04 16:28 - 2020-08-13 15:59 - 001678238 _____ C:\Windows\system32\PerfStringBackup.INI 2024-12-04 16:28 - 2019-12-07 16:09 - 000747710 _____ C:\Windows\system32\perfh015.dat 2024-12-04 16:28 - 2019-12-07 16:09 - 000144456 _____ C:\Windows\system32\perfc015.dat 2024-11-28 23:59 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2024-11-28 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2024-11-28 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-11-28 23:41 - 2020-08-13 15:37 - 000260256 _____ C:\Windows\system32\FNTCACHE.DAT 2024-11-28 23:38 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack 2024-11-28 23:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2024-11-28 23:35 - 2020-08-13 15:59 - 000000000 ____D C:\Users\Seba 2024-11-28 15:44 - 2023-10-18 22:26 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2024-11-28 10:01 - 2024-05-30 09:01 - 000198728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_K4W-21-17_klbg.sys 2024-11-28 07:01 - 2020-08-13 16:45 - 000000000 ____D C:\Windows\system32\MRT 2024-11-28 07:00 - 2020-08-13 16:45 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-11-26 21:20 - 2021-04-28 12:51 - 000000000 ____D C:\Users\Seba\AppData\Roaming\MPC-HC 2024-11-25 12:02 - 2022-02-19 14:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-11-25 11:56 - 2021-01-05 18:02 - 000000000 ____D C:\Windows\Minidump 2024-11-22 20:46 - 2020-08-13 16:01 - 000000000 ____D C:\Users\Seba\AppData\Local\Packages 2024-11-22 20:44 - 2021-12-31 22:02 - 000000000 ____D C:\Windows\SystemTemp 2024-11-22 20:43 - 2020-12-26 17:49 - 000000000 ____D C:\Program Files (x86)\Google ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-01-08 11:44 - 2022-03-29 18:47 - 000007594 _____ () C:\Users\Seba\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2020-08-13 16:36 - 2013-01-16 16:56 - 000820224 _____ C:\Windows\system32\Cmeau108.exe 2020-08-13 16:36 - 2013-01-16 16:56 - 000359424 _____ C:\Windows\system32\CmiInstallResAll64.dll 2020-08-13 16:36 - 2013-01-16 16:56 - 000143360 _____ C:\Windows\Vmix108.dll 2020-08-13 16:36 - 2013-01-16 16:56 - 008757248 _____ (C-Media Corporation) C:\Windows\SysWOW64\CM108.dll 2020-08-13 16:36 - 2013-01-16 16:56 - 000200704 _____ (C-Media) C:\Windows\SysWOW64\cmpa108.dll 2020-08-13 16:21 - 2010-03-02 09:04 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2020-08-13 15:41 - 2020-08-13 17:03 - 002876416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-12-20 14:02 - 2024-12-20 14:02 - 002403840 _____ (Farbar) C:\Users\Seba\Desktop\FRST64.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=C: description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {a50912f5-dd7a-11ea-9ad8-8a4b2e8f34d4} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 10 locale pl-PL inherit {bootloadersettings} recoverysequence {a50912f7-dd7a-11ea-9ad8-8a4b2e8f34d4} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {a50912f5-dd7a-11ea-9ad8-8a4b2e8f34d4} nx OptIn numproc 4 bootmenupolicy Standard quietboot Yes usefirmwarepcisettings No safebootalternateshell No Windows Boot Loader ------------------- identifier {a50912f7-dd7a-11ea-9ad8-8a4b2e8f34d4} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{a50912f8-dd7a-11ea-9ad8-8a4b2e8f34d4} path \windows\system32\winload.exe description Windows Recovery Environment locale pl-pl inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{a50912f8-dd7a-11ea-9ad8-8a4b2e8f34d4} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {a50912f5-dd7a-11ea-9ad8-8a4b2e8f34d4} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} recoverysequence {a50912f7-dd7a-11ea-9ad8-8a4b2e8f34d4} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=C: path \boot\memtest.exe description Diagnostyka pamięci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} integrityservices Enable Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {a50912f8-dd7a-11ea-9ad8-8a4b2e8f34d4} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Koniec FRST.txt ========================