Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-02-2021 01 Uruchomiony przez Patryk (administrator) DESKTOP-L5VBRHS (Micro-Star International Co., Ltd. MS-7C09) (18-02-2021 13:16:11) Uruchomiony z C:\Users\User\Downloads Załadowane profile: Patryk Platform: Windows 10 Home Wersja 2004 19041.804 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (G DATA Software AG -> G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G DATA Software AG -> G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G DATA Software AG -> G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\WebProtection\NativeMessagingWP.exe (G DATA Software AG -> G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlx64.exe (G DATA Software AG -> G DATA Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <36> (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10111.5575.0_x64__8wekyb3d8bbwe\WhiteboardWRT.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.740_none_e752aa59261f271f\TiWorker.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe <2> (Overwolf Ltd -> Overwolf LTD) C:\Moje aplikacje programy\Porofessor GG\Overwolf\0.165.0.28\OverwolfBrowser.exe <5> (Overwolf Ltd -> Overwolf LTD) C:\Moje aplikacje programy\Porofessor GG\Overwolf\Overwolf.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.165.0.28\OverwolfHelper.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.165.0.28\OverwolfHelper64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\...\Run: [Gaijin.Net Updater] => C:\Users\User\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2350824 2020-07-14] (Gaijin Network LTD -> Gaijin Entertainment) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\...\Run: [Overwolf] => C:\Moje aplikacje programy\Porofessor GG\Overwolf\OverwolfLauncher.exe [1752920 2021-01-24] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\...\Run: [Steam] => C:\Moje aplikacje programy\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\...\Run: [Opera Browser Assistant] => C:\Users\User\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe [1498680 2020-12-02] (Adobe Inc. -> Adobe) HKU\S-1-5-21-1398935820-3195646932-3189488621-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4708328 2021-01-14] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-05] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {072236C8-699D-4CA0-8946-04ACEE03712F} - System32\Tasks\Overwolf Updater Task => C:\Moje aplikacje programy\Porofessor GG\Overwolf\OverwolfUpdater.exe [2489176 2021-01-24] (Overwolf Ltd -> Overwolf LTD) Task: {2173C7CC-7D5D-45A9-9337-2487700487CD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe [1498680 2020-12-02] (Adobe Inc. -> Adobe) Task: {300B3B82-3755-4B4F-AADA-F13CCEFAE078} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-31] (Google LLC -> Google LLC) Task: {344EC6AC-D959-4C64-8C43-7648478B5DC3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {376FC166-865B-45E3-A178-67F8B3AA40A9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {436812B0-7758-46E4-A038-C48F0E1D55B5} - System32\Tasks\Opera scheduled assistant Autoupdate 1588246057 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {511AC376-83D2-4508-AD4F-786231B84940} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {62736DC5-E5FC-43EA-81EC-D1E10947F1BE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {634D0458-D942-4905-8845-9FF202567F78} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {69C13D8D-81DA-4256-8DA7-D20A46AFCB7C} - System32\Tasks\Opera scheduled Autoupdate 1588246056 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) Task: {6E8F8C50-F2D1-4715-B3CD-86B316AEB597} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {749ED071-AE88-470C-93E8-00100EA55E2B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9CE96E72-C6F0-4A8C-9F0C-BC9DA4B9EA8F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {A3423E96-CDD9-4A4D-9103-413DD037BE53} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B9EA736D-3AF6-4609-BBCA-CAEFE3DCDAA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-31] (Google LLC -> Google LLC) Task: {E32802F3-C691-4A8C-B59A-755A0FC4B448} - System32\Tasks\Opera GX scheduled Autoupdate 1612216817 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [1720472 2021-02-09] (Opera Software AS -> Opera Software) Task: {F5BF4D45-1345-4153-A4F5-56DDF8623C33} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FAFB4CFE-1B28-4483-8715-E8720AEE5E6F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{56953c08-e582-48ef-a5ab-2bcecad34cc4}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{83993b96-c78b-47ed-a825-25356cd35847}: [DhcpNameServer] 192.168.0.1 Edge: ======= DownloadDir: C:\Users\User\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-31] Edge DownloadDir: C:\Users\User\Downloads Edge StartupUrls: Default -> "hxxp://google.pl/" Edge Extension: (G DATA WebProtection) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pehnahjhohlhchmcpcjcfnafkebenbgn [2020-08-25] FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-02-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-02-18] CHR Notifications: Default -> hxxps://meet.google.com; hxxps://teams.microsoft.com; hxxps://www-szybkiezwroty-pl.pushpushgo.com; hxxps://www.netflix.com CHR StartupUrls: Default -> "hxxps://forum.pclab.pl/topic/1202054-jak-usunac-wirusa-ktory-sam-otwiera-nowe-karty-w-chrome/" CHR Extension: (Prezentacje) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-03] CHR Extension: (BetterTTV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-12-18] CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-03] CHR Extension: (Dysk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-03] CHR Extension: (Better BTTV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmfeooimdhjkcoiohoodihbccehncajo [2021-01-15] CHR Extension: (FrankerFaceZ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-10-09] CHR Extension: (Arkusze) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-03] CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-10] CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-14] CHR Extension: (Kopiowanie i wklejanie w aplikacjach Office Online) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2020-10-28] CHR Extension: (G DATA WebProtection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokapgenfjiafbmphhhcgmgkobiiomcp [2020-10-27] CHR Extension: (CDA Downloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjimfkhkcjoadjpldapeomibodflgdpa [2020-11-28] CHR Extension: (Safe Torrent Scanner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\makcojoppodhcgmmchohadhpkicoafka [2020-08-26] CHR Extension: (PowerPoint Online) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2020-05-31] CHR Extension: (Milky Way Stars over Pine Valley, Utah) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\memcphligehabnghadofahejdodcfnnb [2020-03-10] CHR Extension: (T-Rex Dino Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nabjdccbcfponlofkobmigcgfaddnkll [2021-01-30] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Office) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdlmjhbenodhlknglojajgokahchlkk [2020-04-01] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-26] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka] Opera: ======= OPR Profile: C:\Users\User\AppData\Roaming\Opera Software\Opera Stable [2021-02-18] OPR Notifications: Opera Stable -> hxxps://meet.google.com; hxxps://www.youtube.com OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-09] OPR Extension: (Kopiowanie i wklejanie w aplikacjach Office Online) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2020-10-30] OPR Extension: (Zainstaluj rozszerzenia Chrome) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-10-30] StartMenuInternet: (HKU\S-1-5-21-1398935820-3195646932-3189488621-1001) Opera GXStable - "C:\Users\User\AppData\Local\Programs\Opera GX\Launcher.exe" StartMenuInternet: (HKU\S-1-5-21-1398935820-3195646932-3189488621-1001) OperaStable - "C:\Users\User\AppData\Local\Programs\Opera\Launcher.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [6297456 2020-06-07] (G DATA Software AG -> G DATA Software AG) R2 AVKWCtl; C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlx64.exe [3528416 2020-06-07] (G DATA Software AG -> G Data Software AG) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2001176 2020-06-07] (G DATA Software AG -> G DATA Software AG) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-06] (Malwarebytes Inc -> Malwarebytes) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S3 Rockstar Service; "C:\Moje aplikacje programy\RockstarGames\Launcher\RockstarService.exe" [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-06] (Malwarebytes Corporation -> Malwarebytes) S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [203192 2019-11-28] (Microsoft Windows Early Launch Anti-malware Publisher -> G DATA CyberDefense AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [49808 2020-07-03] (G DATA Software AG -> G DATA Software AG) R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [38984 2020-02-03] (G DATA Software AG -> G DATA Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [585408 2020-07-03] (G DATA Software AG -> G Data Software AG) R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [94856 2020-07-03] (G DATA Software AG -> G DATA Software AG) S3 GRD; C:\Windows\system32\drivers\GRD.sys [125640 2021-01-30] (G DATA Software AG -> G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [293464 2020-07-03] (G DATA Software AG -> G Data Software AG) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-13] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-13] (Malwarebytes Inc -> Malwarebytes) R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174536 2020-10-16] (Oracle Corporation -> Oracle Corporation) S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2020-12-16] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-02-18 13:12 - 2021-02-18 13:16 - 000000000 ____D C:\FRST 2021-02-18 13:12 - 2021-02-18 13:12 - 002298368 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2021-02-18 11:48 - 2021-02-18 13:16 - 000023757 _____ C:\Users\User\Downloads\FRST.txt 2021-02-17 11:12 - 2021-02-17 11:12 - 000015932 _____ C:\Users\User\Downloads\recenzje -plik do pracy .xlsx 2021-02-13 17:20 - 2021-02-13 17:27 - 037167512 _____ C:\Users\User\Downloads\Bloody7_V2020.1229_MUI.exe 2021-02-13 10:23 - 2021-02-13 12:38 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-02-13 10:23 - 2021-02-13 12:38 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-02-13 10:22 - 2021-02-13 12:38 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-02-10 08:21 - 2021-02-10 08:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-02-10 08:20 - 2021-02-10 08:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-02-10 08:20 - 2021-02-10 08:20 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-02-10 08:20 - 2021-02-10 08:20 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-02-10 08:20 - 2021-02-10 08:20 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-02-09 20:29 - 2021-02-09 20:29 - 000867241 _____ C:\Users\User\Downloads\GSAutoClicker.exe 2021-02-08 17:08 - 2021-02-08 17:08 - 000002021 _____ C:\ProgramData\Pulpit\Active Presenter.lnk 2021-02-08 17:08 - 2021-02-08 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePresenter 2021-02-08 17:08 - 2021-02-08 17:08 - 000000000 ____D C:\Program Files\ATOMI 2021-02-08 14:04 - 2021-02-08 14:05 - 058092624 _____ (Atomi Systems, Inc. ) C:\Users\User\Downloads\ActivePresenter_v8.3.2_setup (1).exe 2021-02-08 13:53 - 2021-02-08 13:54 - 037865181 _____ C:\Users\User\Downloads\VID_20210208_134824.mp4 2021-02-08 13:47 - 2021-02-08 18:49 - 000000000 ____D C:\Users\User\OneDrive\Dokumenty\ActivePresenter Templates 2021-02-08 13:47 - 2021-02-08 18:49 - 000000000 ____D C:\Users\User\AppData\Roaming\ActivePresenter 2021-02-08 13:47 - 2021-02-08 17:22 - 000000000 ____D C:\Users\User\OneDrive\Dokumenty\ActivePresenter 2021-02-08 13:44 - 2021-02-08 13:45 - 058092624 _____ (Atomi Systems, Inc. ) C:\Users\User\Downloads\ActivePresenter_v8.3.2_setup.exe 2021-02-08 11:12 - 2021-02-08 11:12 - 000188297 _____ C:\Users\User\Downloads\54431-136778-1-PB.pdf 2021-02-07 20:01 - 2021-02-13 12:38 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-02-06 11:23 - 2021-02-06 11:23 - 000012809 _____ C:\Users\User\Downloads\PARI-105659-01-2021-ECOM.pdf 2021-02-06 02:44 - 2021-02-13 12:38 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-02-06 02:44 - 2021-02-06 02:44 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-02-06 02:44 - 2021-02-06 02:44 - 000002021 _____ C:\ProgramData\Pulpit\Malwarebytes.lnk 2021-02-06 02:44 - 2021-02-06 02:44 - 000000000 ____D C:\Users\User\AppData\Local\mbam 2021-02-06 02:44 - 2021-02-06 02:43 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-02-06 02:44 - 2021-02-06 02:43 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-02-06 02:43 - 2021-02-06 02:43 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-02-06 02:42 - 2021-02-06 02:42 - 000000000 ____D C:\Program Files\Malwarebytes 2021-02-06 02:41 - 2021-02-06 02:41 - 002086424 _____ (Malwarebytes) C:\Users\User\Downloads\MBSetup.exe 2021-02-03 11:30 - 2021-02-03 11:30 - 000016139 _____ C:\Users\User\Downloads\kraje.xlsx 2021-02-03 11:29 - 2021-02-03 11:29 - 000017635 _____ C:\Users\User\Downloads\sklepik.xlsx 2021-02-01 23:00 - 2021-02-12 23:01 - 000004264 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1612216817 2021-02-01 23:00 - 2021-02-12 23:01 - 000001435 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk 2021-01-31 12:08 - 2021-02-05 00:19 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-01-31 12:08 - 2021-02-05 00:19 - 000002212 _____ C:\ProgramData\Pulpit\Google Chrome.lnk 2021-01-31 12:08 - 2021-01-31 12:08 - 000000000 ____D C:\Program Files\Google 2021-01-31 12:06 - 2021-02-05 10:13 - 000003568 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-01-31 12:06 - 2021-02-05 10:13 - 000003444 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-01-31 02:07 - 2021-01-31 02:07 - 008457584 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_8.0.9.1.exe 2021-01-31 02:05 - 2021-01-31 02:06 - 000000000 ____D C:\AdwCleaner 2021-01-30 23:34 - 2021-01-30 23:34 - 008447152 _____ (Malwarebytes) C:\Users\User\Downloads\AdwCleaner.exe 2021-01-27 23:23 - 2021-01-27 23:23 - 000000000 ____D C:\WINDOWS\Panther 2021-01-26 11:03 - 2021-01-26 11:04 - 066597552 _____ (Blitz, Inc.) C:\Users\User\Downloads\Blitz-1.13.83.exe 2021-01-20 18:50 - 2021-01-22 01:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Overwolf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-02-18 13:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-02-18 12:50 - 2020-10-04 20:37 - 001767980 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-02-18 12:50 - 2019-12-07 16:08 - 000784172 _____ C:\WINDOWS\system32\perfh015.dat 2021-02-18 12:50 - 2019-12-07 16:08 - 000152068 _____ C:\WINDOWS\system32\perfc015.dat 2021-02-18 12:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-02-18 12:41 - 2020-02-04 21:42 - 000000000 ____D C:\ProgramData\Riot Games 2021-02-18 12:25 - 2020-02-04 15:45 - 000000000 ____D C:\ProgramData\NVIDIA 2021-02-18 12:09 - 2020-08-27 19:47 - 000000000 ____D C:\Users\User\OneDrive\Dokumenty\BeamNG.drive 2021-02-18 11:16 - 2020-11-18 08:57 - 000000000 ____D C:\Users\User\.VirtualBox 2021-02-18 09:57 - 2020-11-18 08:57 - 000000000 ____D C:\ProgramData\VirtualBox 2021-02-18 09:49 - 2020-10-04 20:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-02-17 23:37 - 2020-04-05 12:05 - 000000000 ____D C:\Users\User\AppData\Roaming\Blitz 2021-02-17 18:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-02-17 18:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-02-17 14:52 - 2020-11-26 08:41 - 000000000 ____D C:\Users\User\AppData\Roaming\discord 2021-02-17 09:37 - 2020-10-27 13:42 - 000002363 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-02-16 23:49 - 2020-02-04 18:31 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache 2021-02-16 21:45 - 2020-05-01 11:38 - 000000000 ____D C:\Users\User\AppData\Roaming\.minecraft 2021-02-15 14:47 - 2020-02-22 00:01 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2021-02-15 11:25 - 2020-10-04 20:33 - 000004252 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1588246056 2021-02-15 11:25 - 2020-04-30 12:27 - 000001406 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2021-02-15 11:16 - 2020-05-31 13:37 - 000000000 ____D C:\Users\User\AppData\Local\log 2021-02-14 12:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-02-13 12:47 - 2020-03-13 19:40 - 000000252 _____ C:\Users\User\AppData\LocalLow\rbxcsettings.rbx 2021-02-13 12:46 - 2020-11-20 21:01 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2021-02-13 10:23 - 2020-02-19 10:35 - 000000000 ____D C:\Users\User\AppData\Local\Overwolf 2021-02-13 10:22 - 2020-10-04 20:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-02-13 10:22 - 2020-10-04 20:28 - 000008192 ___SH C:\DumpStack.log.tmp 2021-02-13 09:48 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-02-12 18:59 - 2020-06-05 10:47 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-02-12 18:59 - 2020-06-05 10:47 - 000002269 _____ C:\ProgramData\Pulpit\Microsoft Edge.lnk 2021-02-11 02:25 - 2020-10-04 20:28 - 000290232 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-02-11 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-02-11 02:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-02-10 08:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-02-10 07:59 - 2020-02-04 18:06 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-02-10 07:58 - 2020-02-04 18:06 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-02-09 22:55 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-02-09 04:09 - 2020-10-04 20:33 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-02-09 04:09 - 2020-10-04 20:33 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-02-08 18:40 - 2020-02-03 16:27 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder 2021-02-08 18:40 - 2020-02-03 16:23 - 000000000 ____D C:\Users\User\AppData\Local\Packages 2021-02-06 02:44 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-02-05 00:53 - 2020-03-20 21:11 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics 2021-02-04 00:23 - 2020-02-03 16:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-02-04 00:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-02-01 23:00 - 2020-04-30 12:27 - 000000000 ____D C:\Users\User\AppData\Local\Opera Software 2021-02-01 22:58 - 2020-04-30 12:26 - 000000000 ____D C:\Users\User\AppData\Roaming\Opera Software 2021-01-31 17:43 - 2020-03-13 19:40 - 000000000 ____D C:\Users\User\AppData\Local\Roblox 2021-01-31 12:06 - 2020-02-03 16:28 - 000000000 ____D C:\Program Files (x86)\Google 2021-01-30 13:24 - 2020-02-24 14:51 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys 2021-01-26 20:03 - 2020-02-04 15:39 - 000000000 ____D C:\Moje aplikacje programy 2021-01-26 20:01 - 2020-05-09 20:41 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2021-01-26 20:01 - 2020-02-04 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2021-01-24 12:03 - 2020-02-05 19:36 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA 2021-01-22 00:18 - 2020-02-19 10:38 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2021-01-20 18:41 - 2020-02-04 15:56 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-11-20 08:45 - 2020-11-20 09:39 - 000000236 _____ () C:\Users\User\AppData\Roaming\debug.log 2020-02-03 16:36 - 2020-02-03 16:36 - 000000779 _____ () C:\Users\User\AppData\Roaming\gdscan.log 2020-08-21 13:22 - 2020-08-21 13:22 - 000000218 _____ () C:\Users\User\AppData\Local\recently-used.xbel 2020-11-20 17:01 - 2020-11-22 19:10 - 000007601 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================