Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-02-2022 Uruchomiony przez Mariusz (administrator) DESKTOP-NTSVTFK (Micro-Star International Co., Ltd. MS-7B89) (09-02-2022 12:46:57) Uruchomiony z C:\Users\Mariusz\AppData\Local\Temp\scoped_dir23520_1977696229 Załadowane profile: Mariusz Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1466 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\altera\13.0sp1\quartus\bin64\jtagserver.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (Discord Inc. -> Discord Inc.) C:\Users\Mariusz\AppData\Local\Discord\app-1.0.9003\Discord.exe <6> (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (JetBrains s.r.o. -> JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.Etw.Collector.Host.exe (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe (LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreen Control.exe (LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OSCApplicationManager.exe (LG Electronics Inc. -> LG Electronics Inc.) C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\ScreenSplitterHook64App.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_422d4a8d182d8330\Display.NvContainer\NVDisplay.Container.exe <2> (Opera Software AS -> Opera Software) C:\Program Files\Opera\83.0.4254.27\opera_crashreporter.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\opera.exe <38> (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2> (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Mariusz\AppData\Roaming\Telegram Desktop\Telegram.exe (TunnelBear Inc -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> ) HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1820568 2020-10-19] (LG Electronics Inc. -> LG Electronics Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [82973864 2021-11-10] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3610575030-2036697386-529325907-1001\...\Run: [Discord] => C:\Users\Mariusz\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-3610575030-2036697386-529325907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3610575030-2036697386-529325907-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13926752 2021-10-10] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-3610575030-2036697386-529325907-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33637856 2022-02-07] (Epic Games Inc. -> Epic Games, Inc.) HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0BB8365D-5D36-498E-85AF-42C2ECE6D15B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1CFAF574-68AC-438F-BB0E-C96438F2A128} - System32\Tasks\Opera scheduled Autoupdate 1628017390 => C:\Program Files\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) Task: {252F7572-1894-4601-BDB4-1B60BEE0FA91} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {25AFEFD0-9A20-47A0-B752-F71E01528827} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6469008 2022-01-27] (Microsoft Corporation -> Microsoft Corporation) Task: {2BF5D6C5-1EC3-4274-9E79-69A2125157FB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-01-27] (Microsoft Corporation -> Microsoft Corporation) Task: {3E32BE0C-AF28-41FC-85CD-AD896C6CF4E8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {481294E2-0C1F-4B40-AF94-DD5FFB6919AE} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-04-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {48ED06E4-2B21-443E-AF21-468FE27EA993} - System32\Tasks\update-S-1-5-21-3610575030-2036697386-529325907-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: ) Task: {649DB43D-21BC-4405-BFAD-1A54A19A8D60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {65CB08BB-3775-4A48-A4FF-2EC72BC4B5C8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-01-27] (Microsoft Corporation -> Microsoft Corporation) Task: {7D7A13AB-0478-4362-A4B0-97ECE645A9EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6469008 2022-01-27] (Microsoft Corporation -> Microsoft Corporation) Task: {7FAEF428-D4A0-4661-8173-F0965ADA2847} - System32\Tasks\Opera scheduled assistant Autoupdate 1628017392 => C:\Program Files\Opera\launcher.exe [2333904 2022-01-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0) Task: {80669807-C0C6-4F77-B026-A518A742C510} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-27] (Microsoft Corporation -> Microsoft Corporation) Task: {8FE02CD9-C4E6-4046-96B8-5A62E18E128A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BFF6390E-C12D-4B9C-98BD-27C12994CB8B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-27] (Microsoft Corporation -> Microsoft Corporation) Task: {CD2CCF27-028C-43F0-96B3-3F591CF78D8E} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667832 2021-07-16] (Advanced Micro Devices INC. -> ) Task: {D682D1DA-A1F5-46AD-8882-88E959FEAEE1} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66472 2021-11-16] (Microsoft Corporation -> Microsoft) Task: {D722903C-E4F6-4678-AF3F-8CFB17CC48E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {DF652D6A-ED6D-4746-ACE6-AB1E14B57A54} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [792120 2021-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) Task: {EA4E23A7-2748-45EB-96CF-8073248F69D0} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [429776 2021-04-05] (Alexey Nicolaychuk -> ) Task: {F6C2B205-C757-4E0E-9253-DFFB42F721CF} - System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe [5133296 2020-04-08] (NVIDIA Corporation -> Nvidia Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\update-S-1-5-21-3610575030-2036697386-529325907-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 185.228.169.168 Tcpip\..\Interfaces\{8104e056-05cd-468d-8a7a-967aff485de3}: [DhcpNameServer] 1.1.1.1 185.228.169.168 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Mariusz\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-09] Edge Extension: (Redaktor Microsoft: sprawdzanie pisowni i gramatyki) - C:\Users\Mariusz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2022-02-07] Edge Extension: (uBlock Origin) - C:\Users\Mariusz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-01-26] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-09-18] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-09-18] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) Opera: ======= OPR Profile: C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable [2022-02-09] OPR Notifications: Opera Stable -> hxxps://inpost.pl; hxxps://shopee.pl OPR DefaultSearchURL: Opera Stable -> hxxps://cashback.getdify.com OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Tłumacz Google) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-01-24] OPR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2021-09-05] OPR Extension: (Search by Image) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnojnbdhbhnkbcieeekonklommdnndci [2022-01-09] OPR Extension: (alerabat.com | kupony i kody rabatowe) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\dacdinoicboceafielngnmjjplncljhj [2021-12-05] OPR Extension: (Rich Hints Agent) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-01] OPR Extension: (HTTPS Everywhere) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-08-05] OPR Extension: (Redaktor Microsoft: sprawdzanie pisowni i gramatyki) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2022-01-24] OPR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2022-02-05] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-03] OPR Extension: (uBlock Origin) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2022-01-24] OPR Extension: (Zainstaluj rozszerzenia Chrome) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2021-08-05] OPR Extension: (Save to Pocket) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-01-24] OPR Extension: (Save Image As PNG) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2021-08-10] OPR Extension: (Dify Cashback) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\nooloojkiejfplbmfiflikencpiaapoi [2022-01-24] OPR Extension: (JetBrains Toolbox Extension) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\offnedcbhjldheanlbojaefbfbllddna [2022-01-11] OPR Extension: (TunnelBear VPN) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2021-09-04] OPR Extension: (Netflix Party is now Teleparty) - C:\Users\Mariusz\AppData\Roaming\Opera Software\Opera Stable\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-02-09] StartMenuInternet: (HKU\S-1-5-21-3610575030-2036697386-529325907-1001) Opera Neon.7XOW54T5IL3GVRVY6SN4X5JBIU - "C:\Users\Mariusz\AppData\Local\Opera Software\Opera Neon\Application\neon.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-01-27] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-02-01] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [588264 2021-11-02] (EasyAntiCheat Oy -> Epic Games, Inc.) S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1990496 2021-10-10] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-07-16] (GOG Sp. z o.o. -> GOG.com) R2 JetBrainsEtwHost; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.Etw.Collector.Host.exe [1475296 2021-10-08] (JetBrains s.r.o. -> JetBrains s.r.o) R2 JTAGServer; C:\altera\13.0sp1\quartus\bin64\jtagserver.exe [268800 2013-06-13] () [Brak podpisu cyfrowego] S3 LxssManagerUser; C:\Windows\system32\lxss\wslclient.dll [305664 2021-12-05] (Microsoft Windows -> Microsoft Corporation) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-15] (Malwarebytes Inc -> Malwarebytes) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-08-07] (Electronic Arts, Inc. -> Electronic Arts) S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-08-07] (Electronic Arts, Inc. -> Electronic Arts) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [135496 2021-07-22] (TunnelBear Inc -> TunnelBear) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2021-07-28] (Oracle Corporation -> Oracle Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_422d4a8d182d8330\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_422d4a8d182d8330\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210352 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-12-15] (Malwarebytes Inc -> Malwarebytes) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2021-06-17] (TunnelBear, Inc. -> The OpenVPN Project) S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [57768 2021-08-05] (Windscribe Limited -> The OpenVPN Project) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-07-28] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249568 2021-07-28] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation) S3 windtun420; C:\Windows\System32\drivers\windtun420.sys [47544 2021-08-05] (Windscribe Limited -> WireGuard LLC) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-02-09 12:46 - 2022-02-09 12:47 - 000000000 ____D C:\FRST 2022-02-09 12:45 - 2022-02-09 12:45 - 002311680 _____ (Farbar) C:\Users\Mariusz\Desktop\FRST64.exe 2022-02-09 12:36 - 2022-02-09 12:36 - 000000000 ___HD C:\$WinREAgent 2022-02-07 23:37 - 2022-02-07 23:38 - 155376536 _____ (RubyInstaller Team ) C:\Users\Mariusz\Desktop\rubyinstaller-devkit-3.1.0-1-x64.exe 2022-02-07 22:23 - 2022-02-07 22:23 - 000000000 ____D C:\Users\Mariusz\Downloads\ptc-hot 2022-02-07 22:22 - 2022-02-07 22:22 - 005335746 _____ C:\Users\Mariusz\Downloads\ptc-hot.zip 2022-02-07 22:10 - 2022-02-07 22:10 - 004866403 _____ C:\Users\Mariusz\Downloads\Prezentacje z ćwiczeń-20220207.zip 2022-02-07 22:10 - 2022-02-07 22:10 - 000000000 ____D C:\Users\Mariusz\Downloads\Prezentacje z ćwiczeń-20220207 2022-02-06 18:45 - 2022-02-06 18:45 - 000000168 _____ C:\Users\Mariusz\Desktop\Układ PLA.txt 2022-02-06 16:23 - 2022-02-06 16:23 - 002587311 _____ C:\Users\Mariusz\Downloads\Kompendium do części 3 PTC - część egzaminacyjna - Backup 2019-01-29.pdf 2022-02-06 16:17 - 2022-02-06 16:17 - 015833304 _____ C:\Users\Mariusz\Downloads\ptc_3w_druga_część-combined.pdf 2022-02-06 16:16 - 2022-02-06 16:16 - 014482916 _____ C:\Users\Mariusz\Downloads\Pliki materiałów wykładowych-20220206.zip 2022-02-06 16:16 - 2022-02-06 16:16 - 000000000 ____D C:\Users\Mariusz\Downloads\Pliki materiałów wykładowych-20220206 2022-02-06 16:12 - 2022-02-06 18:46 - 002279907 _____ C:\Users\Mariusz\Downloads\ptc_przepisane2021.docx.pdf 2022-02-06 14:35 - 2022-02-06 14:35 - 000791109 _____ C:\Users\Mariusz\Downloads\Untitled.html 2022-02-06 14:34 - 2022-02-06 14:35 - 000195558 _____ C:\Users\Mariusz\Untitled.ipynb 2022-02-06 14:34 - 2022-02-06 14:34 - 000000000 ____D C:\Users\Mariusz\.ipynb_checkpoints 2022-02-05 23:32 - 2022-02-05 23:32 - 000000000 ____D C:\Users\Mariusz\source 2022-02-03 16:53 - 2022-02-03 17:26 - 000000312 _____ C:\Users\Mariusz\knapsack_second.csv 2022-02-02 14:37 - 2022-02-04 15:36 - 000000000 ____D C:\Users\Mariusz\Desktop\STUDIA DO UPORZĄDKOWANIA 2022-02-01 15:32 - 2022-02-01 15:38 - 000006313 _____ C:\Users\Mariusz\Downloads\szkic-rozliczenia.ods 2022-01-30 17:07 - 2022-01-30 17:07 - 000052034 _____ C:\Users\Mariusz\Downloads\Faktura_O_155_1_2022.pdf 2022-01-29 19:14 - 2022-01-29 19:25 - 000003083 _____ C:\Users\Mariusz\mikolaj.c 2022-01-29 16:48 - 2022-01-29 16:48 - 000104008 _____ C:\Users\Mariusz\Downloads\faktura_635-1-2022-P.pdf 2022-01-29 16:46 - 2022-01-29 16:46 - 000103997 _____ C:\Users\Mariusz\Downloads\Faktura.pdf 2022-01-27 11:00 - 2022-01-27 11:00 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2022-01-25 14:03 - 2022-01-25 14:03 - 000000000 ____D C:\Users\Mariusz\Desktop\kubek 2022-01-25 14:02 - 2022-02-05 18:40 - 000000000 ____D C:\Users\Mariusz\Desktop\machabeusz 2022-01-13 22:04 - 2022-01-13 22:04 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe 2022-01-13 22:03 - 2022-01-13 22:03 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe 2022-01-13 22:03 - 2022-01-13 22:03 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-01-11 22:09 - 2022-01-11 22:09 - 000000773 _____ C:\Users\Public\Desktop\DataSpell 2021.3.1.lnk 2022-01-11 21:31 - 2022-01-11 21:31 - 000210352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-02-09 12:47 - 2021-08-03 20:09 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\discord 2022-02-09 12:44 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2022-02-09 12:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-02-09 12:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2022-02-09 12:36 - 2021-08-03 19:36 - 000000000 ____D C:\Windows\system32\MRT 2022-02-09 12:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-09 12:34 - 2021-08-04 13:53 - 000000000 ____D C:\Program Files (x86)\Steam 2022-02-09 12:32 - 2021-08-03 19:36 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-02-09 11:53 - 2021-11-10 18:52 - 000000000 ____D C:\Users\Mariusz\AppData\Local\Discord 2022-02-09 11:27 - 2021-08-03 20:11 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Telegram Desktop 2022-02-09 11:21 - 2021-08-28 22:45 - 000000280 _____ C:\Users\Public\Documents\OSCFile.txt 2022-02-09 11:21 - 2021-08-03 19:19 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-02-07 23:27 - 2021-08-04 13:59 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2022-02-07 23:27 - 2021-08-03 19:31 - 000000000 ____D C:\Users\Mariusz\AppData\Local\D3DSCache 2022-02-07 23:20 - 2021-11-08 21:51 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Signal 2022-02-06 20:09 - 2021-09-05 14:05 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\vlc 2022-02-06 20:02 - 2021-08-20 11:25 - 000000000 ____D C:\Users\Mariusz\Downloads\Telegram Desktop 2022-02-06 14:47 - 2021-09-08 16:10 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Code 2022-02-06 14:35 - 2022-01-09 16:02 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\jupyter 2022-02-06 14:35 - 2021-08-03 19:23 - 000000000 ____D C:\Users\Mariusz 2022-02-06 14:33 - 2021-11-10 18:26 - 000000000 ____D C:\Users\Mariusz\.julia 2022-02-05 23:35 - 2021-08-03 19:24 - 000000000 ____D C:\Users\Mariusz\AppData\Local\Packages 2022-02-05 23:31 - 2021-11-17 21:42 - 000000000 ____D C:\Users\Mariusz\Desktop\chat 2022-02-05 13:34 - 2021-08-03 19:24 - 001768508 _____ C:\Windows\system32\PerfStringBackup.INI 2022-02-05 13:34 - 2021-08-03 19:19 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-05 13:34 - 2019-12-07 16:09 - 000784464 _____ C:\Windows\system32\perfh015.dat 2022-02-05 13:34 - 2019-12-07 16:09 - 000152360 _____ C:\Windows\system32\perfc015.dat 2022-02-05 13:34 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2022-02-05 13:32 - 2021-10-26 18:17 - 000000524 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2022-02-05 13:30 - 2021-08-03 20:07 - 000000000 ____D C:\ProgramData\NVIDIA 2022-02-05 13:30 - 2021-08-03 20:03 - 000000000 ____D C:\Program Files\Opera 2022-02-05 13:30 - 2021-08-03 19:19 - 000008192 ___SH C:\DumpStack.log.tmp 2022-02-05 13:30 - 2021-08-03 19:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-02-05 00:31 - 2021-08-22 21:35 - 000003146 _____ C:\Windows\system32\Tasks\MSIAfterburner 2022-02-03 21:23 - 2021-08-03 20:13 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2022-02-01 11:56 - 2021-08-03 20:03 - 000004000 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1628017390 2022-02-01 11:56 - 2021-08-03 20:03 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2022-01-30 19:36 - 2021-09-28 19:34 - 000000000 ____D C:\Users\Mariusz\Desktop\rn8t 2022-01-30 19:34 - 2020-10-14 21:43 - 000000000 ___RD C:\Users\Mariusz\Desktop\Avensis 2022-01-30 17:55 - 2021-10-29 13:44 - 000042449 _____ C:\Users\Mariusz\quartus2.qreg 2022-01-28 23:00 - 2021-09-21 23:25 - 000001634 __RSH C:\ProgramData\ntuser.pol 2022-01-27 19:00 - 2021-08-23 18:36 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\slobs-client 2022-01-27 17:15 - 2021-08-07 23:36 - 000003130 _____ C:\Windows\system32\Tasks\RTSS 2022-01-27 17:06 - 2021-08-23 18:36 - 000000000 ____D C:\Program Files\Streamlabs OBS 2022-01-27 11:00 - 2021-10-15 08:39 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\Zoom 2022-01-27 10:32 - 2021-08-04 13:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-01-27 00:16 - 2021-12-13 20:48 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3610575030-2036697386-529325907-1001 2022-01-27 00:16 - 2021-08-03 19:25 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3610575030-2036697386-529325907-1001 2022-01-27 00:16 - 2021-08-03 19:23 - 000002429 _____ C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-01-26 23:47 - 2021-09-28 00:03 - 000000000 ____D C:\Users\Mariusz\AppData\Local\CrashDumps 2022-01-26 21:22 - 2021-12-01 19:14 - 000008978 _____ C:\Users\Mariusz\Desktop\koszty.xlsx 2022-01-26 21:02 - 2021-08-05 00:02 - 000000000 ____D C:\Users\Mariusz\Downloads\akt 2022-01-26 11:08 - 2021-08-03 19:19 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-26 11:08 - 2021-08-03 19:19 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-01-23 19:21 - 2021-08-04 01:11 - 000000000 ____D C:\Users\Mariusz\AppData\Local\Adobe 2022-01-15 16:12 - 2021-11-25 00:41 - 000902320 _____ C:\Windows\system32\FNTCACHE.DAT 2022-01-15 16:12 - 2021-10-26 18:11 - 000000000 ____D C:\Program Files\Hyper-V 2022-01-15 16:12 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-01-15 16:12 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2022-01-15 16:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-01-15 16:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2022-01-15 16:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2022-01-15 16:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2022-01-15 16:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2022-01-15 16:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2022-01-15 16:12 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-01-12 23:55 - 2021-08-04 13:55 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2022-01-12 23:55 - 2021-08-04 13:55 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-01-11 22:13 - 2021-08-17 18:53 - 000000000 ____D C:\Users\Mariusz\AppData\Roaming\JetBrains 2022-01-11 22:13 - 2021-08-17 18:53 - 000000000 ____D C:\Users\Mariusz\AppData\Local\JetBrains 2022-01-11 22:11 - 2021-08-03 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains 2022-01-11 22:09 - 2021-08-03 20:19 - 000000000 ____D C:\Program Files\JetBrains 2022-01-11 10:48 - 2021-10-29 13:57 - 000000078 _____ C:\Users\Mariusz\quartus2.ini ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-11-15 16:11 - 2021-12-29 16:12 - 000004402 _____ () C:\Users\Mariusz\AppData\Roaming\LTspiceXVII.ini 2021-11-20 00:36 - 2021-12-23 18:30 - 000000128 _____ () C:\Users\Mariusz\AppData\Roaming\winscp.rnd 2022-01-01 23:14 - 2022-01-01 23:14 - 000006188 _____ () C:\Users\Mariusz\AppData\Local\recently-used.xbel 2021-08-04 15:54 - 2021-08-04 15:54 - 000000003 _____ () C:\Users\Mariusz\AppData\Local\updater.log 2021-08-04 15:54 - 2021-08-04 15:54 - 000000424 _____ () C:\Users\Mariusz\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================