Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 13-03-2021
Uruchomiony przez Filip (administrator) DESKTOP-2OJ50D7 (14-03-2021 10:22:40)
Uruchomiony z F:\Pobrane z Chrome
Załadowane profile: Filip
Platform: Windows 10 Pro Wersja 1909 18363.1440 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <35>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(LogMeIn, Inc. -> LogMeIn Inc.) G:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) G:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe <2>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.166.1.13\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.166.1.13\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Users\Filip\AppData\Local\Overwolf\ProcessCache\0.166.1.13\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(Overwolf Ltd -> Overwolf LTD) D:\mc\Overwolf\0.166.1.13\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) D:\mc\Overwolf\Overwolf.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe <5>
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-07-10] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353400 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [746440 2019-02-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2018-09-28] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Genshin Impact_Launcher] => [X] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-12-05] (Adobe Inc. -> ) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => G:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [1961344 2021-03-03] (Famatech Corp. -> Famatech Corp.) 
HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Filip\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-12-01] (Gaijin Network LTD -> Gaijin Entertainment) HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [com.squirrel.Shift.Shift] => C:\Users\Filip\AppData\Local\Shift\Update.exe [1825792 2020-05-15] (GitHub) [Brak podpisu cyfrowego] HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [Filip] => cmd.exe /c start www.dinoraptzor.org HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [com.blitz.app] => C:\Users\Filip\AppData\Local\Programs\Blitz\Blitz.exe [109893896 2021-03-09] (Swift Media Entertainment, Inc. -> Blitz, Inc.) HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [AvastBrowserAutoLaunch_A8AA2AE63066897F290B137CDE2B196A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-23] (Avast Software s.r.o. -> AVAST Software) HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50011008 2021-01-20] (Google LLC -> ) HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Filip\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-02-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [Overwolf] => D:\mc\Overwolf\OverwolfLauncher.exe [1746776 2021-02-15] (Overwolf Ltd -> Overwolf Ltd.) 
HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\Run: [Opera GX Browser Assistant] => G:\Program Files (x86)\opera gx\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\...\MountPoints2: {3a27a408-2ed4-11e9-8e6c-7085c288ff01} - "H:\setup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-13] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.2.8247.193\Installer\chrmstp.exe [2021-03-09] (Avast Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2021-03-04] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
Task: {007FEE4A-F750-430B-8DF6-37A9F6B573E0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3260083469-3894035557-3918043402-1001 => C:\Users\Filip\AppData\Local\MEGAsync\MEGAupdater.exe [1818360 2021-02-25] (Mega Limited -> Mega Limited) Task: {0217614D-8DF5-4751-B8E5-1268D174116B} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1613655113 => G:\Program Files (x86)\opera gx\launcher.exe [1720472 2021-03-10] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="G:\Program Files (x86)\opera gx\assistant" $(Arg0) Task: {02D95D6A-154D-4766-B8A0-B7A938D73E55} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {05ACD0B1-5022-46CA-88A1-9787F916E5A3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {1976F678-6923-44A8-A7E9-9F48A2A8839F} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software) Task: {2272EF4E-5563-4224-A56C-02D73B68A0E6} - System32\Tasks\Driver Easy Scheduled Scan => d:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3617760 2019-07-05] (Easeware Technology Limited -> Easeware) Task: {24F8B59A-76E8-44B1-A9CE-3F744BD150A0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) 
Task: {3092DBD3-E4AF-4074-9D70-8113133C5A74} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {397EE65C-CFE6-43D0-B289-A232E262718A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.) Task: {3D897C64-1067-49F0-A2C9-34C4CF73E0E3} - System32\Tasks\Opera GX scheduled Autoupdate 1579370536 => G:\Program Files (x86)\opera gx\launcher.exe [1720472 2021-03-10] (Opera Software AS -> Opera Software) Task: {4778ED37-A0D3-45B5-947A-653E321B1644} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {51ADA701-290E-4735-BE5F-D3598810881F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {51C03D6D-183B-4F9D-B96B-7AA0BAE5E23F} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation) Task: {5D065369-2EE3-42F2-9366-E5F40313D85A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5EDEA2F2-ACC0-4C0C-90FE-8144C6755957} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6044C8F9-901B-4601-A655-9DA6A4028B64} - 
System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.) Task: {6793AB75-5544-415B-8A9F-B43C457CD706} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {78CC07F1-0CB2-41E1-8D47-3EC2915B34BF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-23] (Avast Software s.r.o. -> AVAST Software) Task: {7CA2BE5D-A350-4312-A7A9-6EB1A0A1DCE4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {91C0E467-2196-4955-BFC3-83C6B6E02A28} - System32\Tasks\Overwolf Updater Task => D:\mc\Overwolf\OverwolfUpdater.exe [2491736 2021-02-15] (Overwolf Ltd -> Overwolf LTD) Task: {A19D6EB8-44C6-4A92-9AE4-5706D6961E7F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. 
-> AVAST Software) Task: {B24A7C65-76AE-4D93-B1D1-861F9F82ACE3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B462C1C2-E2C3-446A-98B7-DD23E58DA892} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BB3F49DF-A42E-424F-8470-172C331EDA8E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BC629945-8589-489E-921E-277212509B06} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {D61DC3FE-379F-4780-A362-D5E02685A05F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D62772AC-BAE3-4606-A628-DD53F1E3F367} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform) Task: {E8CBAE90-9663-4AF4-B785-849F7B79B2F7} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-23] (Avast Software s.r.o. 
-> AVAST Software) Task: {E8DADFA7-3BDF-48F4-9597-0919A4E0FAB4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {EC74F2DD-1A3A-42F7-975B-DB0CF5AAB516} - System32\Tasks\Filip => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Filip /t REG_SZ /d "cmd.exe /c start www.dinoraptzor.org" Task: {F613D232-DD9A-40CA-B218-BE4CF7D99432} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => d:\Program Files\Easeware\DriverEasy\DriverEasy.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b2f55284-3931-4ad0-a028-3cfb34e76678}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA Edge: ======= Edge Profile: C:\Users\Filip\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-08] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-27] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-27] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [Brak pliku] FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [Brak pliku] FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-03] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-03] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) 
Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2021-03-14] CHR DownloadDir: F:\Pobrane z Chrome CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.faceit.com; hxxps://www.instagram.com; hxxps://www.netflix.com; hxxps://www.youtube.com CHR HomePage: Default -> hxxps://www.google.pl/ CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1402061031&from=cor&uid=ST3250310AS_9RY2N68NXXXX9RY2N68N","hxxp://www.sweet-page.com/?type=hppp&ts=1402252816&from=cor&uid=ST3250310AS_9RY2N68NXXXX9RY2N68N","hxxp://www.sweet-page.com/?type=hppp&ts=1402575589&from=cor&uid=ST3250310AS_9RY2N68NXXXX9RY2N68N","hxxp://www.sweet-page.com/?type=hppp&ts=1402596290&from=cor&uid=ST3250310AS_9RY2N68NXXXX9RY2N68N","hxxp://www.sweet-page.com/?type=hppp&ts=1402604977&from=cor&uid=ST3250310AS_9RY2N68NXXXX9RY2N68N","hxxp://www.istartsurf.com/?type=hp&ts=1435583789&z=472c7becc305590576e3bc7gcz1c2w1w5b8c7mcb3t&from=obw&uid=ST3250310AS_9RY2N68NXXXX9RY2N68N" CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (Prezentacje) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-12] CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-02-18] CHR Extension: (Dokumenty) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-12] CHR Extension: (Dysk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-12] CHR Extension: (YouTube Music) - 
C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-08-27] CHR Extension: (BlockSite - Stay Focused & Control Your Time) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2021-02-24] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-09] CHR Extension: (Arkusze) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-12] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-27] CHR Extension: (Avast Online Security) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17] CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13] CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-25] CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-25] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-3260083469-3894035557-3918043402-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: 
[lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-3260083469-3894035557-3918043402-1001) Opera GXStable - "G:\Program Files (x86)\opera gx\Launcher.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.2.8247.193\elevation_service.exe [1456376 2021-02-23] (Avast Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-30] (BattlEye Innovations e.K. -> ) S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (Shanghai Comet Network Technology -> www.BitComet.com) S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [75776 2021-03-11] (Microsoft Windows -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2021-01-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.) 
S3 FACEITService; d:\Program Files\FACEIT AC\faceitservice.exe [18575712 2020-10-27] (FACE IT LIMITED -> ) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA) S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-26] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-08] (GOG Sp. z o.o. -> GOG.com) R2 Hamachi2Svc; G:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC) S3 mracsvc; C:\Windows\System32\mracsvc.exe [18997912 2019-12-08] (Mail.Ru LLC -> LLC Mail.Ru) S3 Origin Client Service; G:\Origin\OriginClientService.exe [2533952 2021-02-23] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; G:\Origin\OriginWebHelperService.exe [3479624 2021-02-23] (Electronic Arts, Inc. -> Electronic Arts) S3 OverwolfUpdater; D:\mc\Overwolf\OverwolfUpdater.exe [2491736 2021-02-15] (Overwolf Ltd -> Overwolf LTD) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2020-05-06] (Even Balance, Inc. -> ) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) S3 Rockstar Service; d:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games) R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1005440 2021-03-03] (Famatech Corp. -> Famatech Corp.) 
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6477936 2021-03-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32912 2021-03-03] (SteelSeries ApS -> ) R2 TeamViewer; d:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-10-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10091440 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [1788400 2019-09-04] (ZeroTier, Inc. -> ) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8e68f77150e57b50\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
R3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation) R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [11970944 2020-10-27] (FACE IT LIMITED -> ) R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.) R3 MpKsl9da2bdd5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BADDC35B-9C12-4F6F-A0E3-E2AB48DEB74A}\MpKslDrv.sys [90360 2021-03-13] (Microsoft Windows -> Microsoft Corporation) S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [18234792 2019-12-08] (Mail.Ru LLC -> LLC Mail.Ru) R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-05-27] (Famatech Corp. -> Famatech Corp.) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-08-17] (Razer USA Ltd. -> Razer Inc) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS) R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-10-18] (Vincent Burel -> Windows (R) Win 7 DDK provider) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5782360 2021-01-22] (Riot Games, Inc. -> Riot Games, Inc.) 
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\Windows\xhunter1.sys [74552 2020-08-04] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) R3 zttap300; C:\WINDOWS\System32\drivers\zttap300.sys [30488 2018-03-16] (ZeroTier Networks LLC -> ZeroTier Networks LLC) S3 RTCore64; \??\D:\Program Files (x86)\MSI Afterburner\RTCore64.sys [X] S3 VOICEMOD_Driver; \SystemRoot\system32\drivers\vmdrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 
2021-03-14 10:22 - 2021-03-14 10:22 - 000000000 ____D C:\FRST
2021-03-13 12:26 - 2021-03-13 14:17 - 000000000 ____D C:\Users\Filip\AppData\Local\TurmoilSteam
2021-03-12 22:00 - 2021-03-12 22:00 - 000000000 ____D C:\Users\Filip\Documents\RealWelders
2021-03-12 22:00 - 2021-03-12 22:00 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\RealWelders
2021-03-12 12:03 - 2021-03-12 12:03 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\Cookie Engine
2021-03-12 08:12 - 2021-03-12 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN
2021-03-12 08:12 - 2021-03-12 08:12 - 000000000 ____D C:\Program Files (x86)\Radmin VPN
2021-03-12 08:12 - 2021-03-12 08:12 - 000000000 ____D C:\Program Files (x86)\Radmin Viewer 3
2021-03-11 09:16 - 2021-03-11 09:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 09:16 - 2021-03-11 09:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 09:16 - 2021-03-11 09:16 - 001757632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 09:16 - 2021-03-11 09:16 - 001365640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 09:16 - 2021-03-11 09:16 - 001282360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 09:16 - 2021-03-11 09:16 - 000861696 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 09:16 - 2021-03-11 09:16 - 000515584 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-11 09:16 - 2021-03-11 09:16 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth19.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-03-11 09:16 - 2021-03-11 09:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-03-09 08:06 - 2021-03-09 08:07 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Macro Recorder
2021-03-09 08:06 - 2021-03-09 08:06 - 018794840 _____ (Bartels Media GmbH ) C:\Users\Filip\Documents\MacroRecorderSetup.exe
2021-03-09 08:06 - 2021-03-09 08:06 - 000000000 ____D C:\Users\Filip\Documents\Macro Recorder
2021-03-04 09:58 - 2021-03-04 09:58 - 000007546 _____ C:\Users\Filip\Documents\pobrany plik.jpeg
2021-03-01 09:06 - 2021-03-14 10:04 - 000001787 _____ C:\Users\Filip\Desktop\R6 Tracker.lnk
2021-02-28 00:16 - 2021-02-28 00:16 - 030222121 _____ C:\Users\Filip\minecraft_server.1.12.2.jar
2021-02-28 00:16 - 2021-02-28 00:16 - 004897687 _____ C:\Users\Filip\FTBserver-1.12.2-14.23.5.2846-universal.jar
2021-02-28 00:16 - 2021-02-28 00:16 - 000001861 _____ C:\Users\Filip\ServerStart.bat
2021-02-28 00:16 - 2021-02-28 00:16 - 000001737 _____ C:\Users\Filip\ServerStart.sh
2021-02-28 00:16 - 2021-02-28 00:16 - 000001132 _____ C:\Users\Filip\settings.sh
2021-02-28 00:16 - 2021-02-28 00:16 - 000000748 _____ C:\Users\Filip\FTBInstall.sh
2021-02-28 00:16 - 2021-02-28 00:16 - 000000532 _____ C:\Users\Filip\usercache.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000492 _____ C:\Users\Filip\settings.bat
2021-02-28 00:16 - 2021-02-28 00:16 - 000000368 _____ C:\Users\Filip\FTBInstall.bat
2021-02-28 00:16 - 2021-02-28 00:16 - 000000222 _____ C:\Users\Filip\usernamecache.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000136 _____ C:\Users\Filip\ops.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000130 _____ C:\Users\Filip\version.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000016 _____ C:\Users\Filip\options.txt
2021-02-28 00:16 - 2021-02-28 00:16 - 000000002 _____ C:\Users\Filip\whitelist.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000002 _____ C:\Users\Filip\pregenData.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000002 _____ C:\Users\Filip\banned-players.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000002 _____ C:\Users\Filip\banned-ips.json
2021-02-28 00:16 - 2021-02-28 00:16 - 000000000 ____D C:\Users\Filip\backups
2021-02-27 23:09 - 2021-02-27 23:09 - 000000766 _____ C:\Users\Filip\Desktop\Transport Fever 2.lnk
2021-02-27 23:09 - 2021-02-27 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transport Fever 2
2021-02-27 10:57 - 2021-02-27 10:57 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\Eggcode
2021-02-26 10:28 - 2021-02-26 10:28 - 000000000 ____D C:\Users\Filip\AppData\Local\Madness
2021-02-26 10:07 - 2021-03-12 12:07 - 000000000 ____D C:\Users\Filip\AppData\Roaming\EasyAntiCheat
2021-02-25 13:37 - 2021-02-25 13:37 - 000000000 ____D C:\Users\Filip\AppData\Roaming\RenPy
2021-02-23 13:30 - 2021-02-23 13:30 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\Funselektor Labs Inc_
2021-02-21 12:50 - 2021-02-21 12:50 - 000000880 _____ C:\Users\Filip\Desktop\Farming Simulator 19.lnk
2021-02-21 12:50 - 2021-02-21 12:50 - 000000789 _____ C:\Users\Filip\Desktop\language Setting Farming Simulator 19.lnk
2021-02-21 12:50 - 2021-02-21 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-02-21 12:50 - 2021-02-21 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-02-18 21:36 - 2021-02-18 21:36 - 000000000 ____D C:\WINDOWS\Panther
2021-02-18 17:47 - 2021-02-18 17:47 - 000002687 _____ C:\Users\Filip\Desktop\YouTube.lnk
2021-02-18 17:47 - 2021-02-18 17:47 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome
2021-02-18 14:31 - 2021-02-18 21:35 - 000003726 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1613655113
2021-02-17 19:11 - 2021-03-11 22:21 - 000000000 ____D C:\Users\Filip\AppData\Roaming\.minecraft
2021-02-16 19:40 - 2021-02-16 19:40 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Overwolf
2021-02-16 18:54 - 2021-03-14 10:04 - 000001787 _____ C:\Users\Filip\Desktop\Outplayed.lnk
2021-02-15 20:56 - 2021-02-15 20:56 - 000000538 _____ C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2021-02-13 13:38 - 2021-02-13 13:38 - 000232752 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 10:40 - 2021-03-11 16:08 - 000000942 _____ C:\Users\Filip\Desktop\Crystal Launcher.lnk

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-03-14 10:22 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-14 10:18 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-14 10:07 - 2020-05-03 13:15 - 000000000 ____D C:\Program Files\CCleaner
2021-03-14 10:06 - 2019-02-12 15:30 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-14 10:04 - 2021-01-21 17:56 - 000001787 _____ C:\Users\Filip\Desktop\CurseForge.lnk
2021-03-14 10:04 - 2020-11-24 13:20 - 000000000 ____D C:\Users\Filip\AppData\Local\Overwolf
2021-03-14 10:04 - 2019-02-15 18:06 - 000000000 ____D C:\Users\Filip\AppData\Local\CrashDumps
2021-03-13 23:17 - 2019-07-16 08:53 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-13 23:17 - 2019-02-27 19:01 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Discord
2021-03-13 22:58 - 2019-02-17 17:57 - 000000000 ____D C:\Users\Filip\AppData\Roaming\TS3Client
2021-03-13 22:57 - 2019-08-02 23:42 - 000000000 ____D C:\Users\Filip\AppData\Local\DayZ
2021-03-13 21:29 - 2020-08-30 10:34 - 000000000 ____D C:\Users\Filip\Documents\dzsalauncher
2021-03-13 20:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-13 20:54 - 2019-02-12 15:26 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-13 14:17 - 2020-01-20 23:07 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Blitz
2021-03-13 14:17 - 2019-02-13 19:17 - 000000000 ____D C:\Users\Filip\AppData\Roaming\BitComet
2021-03-12 21:47 - 2020-08-29 14:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-12 19:12 - 2019-02-18 15:38 - 000000000 ____D C:\Users\Filip\AppData\Local\ElevatedDiagnostics
2021-03-12 18:56 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-12 14:33 - 2020-08-29 14:24 - 000004230 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1579370536
2021-03-12 14:33 - 2020-01-18 19:02 - 000000940 _____ C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk
2021-03-12 12:07 - 2019-02-12 20:35 - 000000000 ____D C:\Users\Filip\Documents\My Games
2021-03-12 08:12 - 2020-10-03 08:50 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-11 17:19 - 2019-04-05 14:40 - 000000000 ____D C:\Users\Filip\AppData\Roaming\FileZilla
2021-03-11 17:17 - 2020-08-29 14:25 - 001770340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-11 17:17 - 2019-03-19 13:24 - 000784514 _____ C:\WINDOWS\system32\perfh015.dat
2021-03-11 17:17 - 2019-03-19 13:24 - 000152312 _____ C:\WINDOWS\system32\perfc015.dat
2021-03-11 17:14 - 2020-04-07 23:13 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-03-11 17:12 - 2019-02-12 15:20 - 000000000 ___RD C:\Users\Filip\3D Objects
2021-03-11 17:11 - 2020-08-29 14:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-11 17:11 - 2020-08-29 14:15 - 000398520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 17:10 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-11 17:09 - 2019-03-19 13:26 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-11 17:09 - 2019-03-19 13:26 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 17:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 16:18 - 2019-04-08 18:32 - 000000000 ____D C:\Users\Filip\.junique
2021-03-11 16:08 - 2019-08-09 11:40 - 000000000 ____D C:\Users\Filip\AppData\Local\CrystalLauncherInstaller
2021-03-11 15:46 - 2020-01-05 13:38 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 11:14 - 2019-02-12 15:25 - 000000000 ____D C:\Users\Filip\AppData\Local\D3DSCache
2021-03-11 09:21 - 2019-02-12 18:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 09:18 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-11 09:18 - 2019-02-12 18:13 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-09 18:02 - 2019-12-18 21:00 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-06 18:43 - 2019-02-12 15:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-04 08:53 - 2020-10-03 08:50 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 08:53 - 2020-10-03 08:50 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-01 09:06 - 2021-01-21 17:56 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-03-01 08:48 - 2019-02-12 20:32 - 000000000 ____D C:\Users\Filip\AppData\Local\Ubisoft Game Launcher
2021-02-28 20:29 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-28 00:16 - 2020-08-29 14:17 - 000000000 ____D C:\Users\Filip
2021-02-28 00:16 - 2019-04-05 14:40 - 000000000 ____D C:\Users\Filip\AppData\Local\FileZilla
2021-02-26 09:28 - 2019-02-12 16:14 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-02-25 22:35 - 2019-02-12 16:02 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Origin
2021-02-25 22:35 - 2019-02-12 16:02 - 000000000 ____D C:\ProgramData\Origin
2021-02-25 22:01 - 2021-01-26 14:14 - 000000000 ____D C:\Users\Filip\AppData\Local\LogMeIn Hamachi
2021-02-25 21:57 - 2019-02-12 16:02 - 000000000 ____D C:\Users\Filip\AppData\Local\Origin
2021-02-25 18:48 - 2019-12-18 20:58 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-25 11:43 - 2020-05-15 12:58 - 000000000 ____D C:\Users\Filip\AppData\Local\MEGAsync
2021-02-24 13:16 - 2020-10-19 06:29 - 000002368 _____ C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-24 13:16 - 2020-10-19 06:29 - 000002360 _____ C:\Users\Filip\Desktop\Microsoft Teams.lnk
2021-02-23 20:53 - 2021-01-14 19:01 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-02-20 20:57 - 2020-08-29 14:24 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-20 14:04 - 2020-09-19 23:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-18 22:15 - 2019-02-12 18:12 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-18 21:56 - 2020-01-20 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-02-18 21:35 - 2021-01-21 17:56 - 000003176 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-02-18 21:35 - 2020-12-12 20:42 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-12 20:42 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-18 21:35 - 2020-12-04 19:01 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2021-02-18 21:35 - 2020-08-29 14:24 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-18 21:35 - 2020-08-29 14:24 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-18 21:35 - 2020-08-29 14:24 - 000003272 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-18 21:35 - 2020-08-29 14:24 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-18 18:07 - 2019-10-22 13:46 - 000000000 ____D C:\Users\Filip\AppData\Roaming\launcher-main
2021-02-15 20:56 - 2020-01-29 21:03 - 000000538 _____ C:\Users\Filip\Desktop\osu!.lnk
2021-02-13 23:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 23:40 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 20:48 - 2020-11-04 18:35 - 001615824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-02-13 20:48 - 2020-11-04 18:35 - 000198088 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-02-13 20:48 - 2020-11-04 18:35 - 000167368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-02-13 20:48 - 2020-11-04 18:35 - 000159176 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-02-13 20:48 - 2020-11-04 18:35 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-02-13 20:48 - 2020-11-04 18:35 - 000038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-02-13 13:41 - 2019-03-19 13:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-13 13:41 - 2019-03-19 13:26 - 000019469 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-12 10:40 - 2019-04-08 18:32 - 000000037 _____ C:\Users\Filip\AppData\Roaming\.crystalinst

==================== Pliki w katalogu głównym wybranych folderów ========

2021-02-28 00:16 - 2021-02-28 00:16 - 000000368 _____ () C:\Users\Filip\FTBInstall.bat
2021-02-28 00:16 - 2021-02-28 00:16 - 000001861 _____ () C:\Users\Filip\ServerStart.bat
2021-02-28 00:16 - 2021-02-28 00:16 - 000000492 _____ () C:\Users\Filip\settings.bat
2020-05-13 07:19 - 2020-05-13 07:19 - 024166400 _____ () C:\Program Files (x86)\GUT6ED1.tmp
2020-05-12 15:05 - 2020-05-12 15:05 - 024166400 _____ () C:\Program Files (x86)\GUT9C9B.tmp
2020-05-12 20:05 - 2020-05-12 20:05 - 024166400 _____ () C:\Program Files (x86)\GUTA27D.tmp
2019-04-08 18:32 - 2021-02-12 10:40 - 000000037 _____ () C:\Users\Filip\AppData\Roaming\.crystalinst
2020-10-18 15:40 - 2020-11-20 10:04 - 000004705 _____ () C:\Users\Filip\AppData\Roaming\VoiceMeeterDefault.xml
2019-10-07 20:59 - 2019-10-07 21:04 - 000003251 _____ () C:\Users\Filip\AppData\Local\AcStag.ini
2019-10-07 21:01 - 2019-10-07 21:04 - 000006278 _____ () C:\Users\Filip\AppData\Local\AcStag.lyt
2019-02-12 15:25 - 2019-11-04 13:15 - 000007608 _____ () C:\Users\Filip\AppData\Local\resmon.resmoncfg
2020-05-07 10:13 - 2020-05-07 10:38 - 000000019 _____ () C:\Users\Filip\AppData\Local\tkeys.txt
2019-03-24 11:41 - 2019-03-31 13:41 - 005142796 _____ () C:\Users\Filip\AppData\Local\~upnp2~mapper

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================