Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27.01.2024 01 Uruchomiony przez Tomaszu (administrator) DESKTOP-0RDJH3N (03-02-2024 05:43:34) Uruchomiony z C:\Users\Tomaszu\Desktop\FRST64.exe Załadowane profile: Tomaszu Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.3693 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Winamp274\winampa.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4> (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Users\Tomaszu\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Tomaszu\AppData\Local\Programs\Opera\106.0.4998.66\opera_crashreporter.exe (cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\atieclxx.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (VENEA.NET) [Brak podpisu cyfrowego] C:\Program Files (x86)\NetTraffic\NetTraffic.exe (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Opera Norway AS -> Opera Software) C:\Users\Tomaszu\AppData\Local\Programs\Opera\opera.exe <20> (services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\atiesrxx.exe (services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (services.exe ->) (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\Kingston FURY\FuryCTRL_SDK\FuryControllerService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2> (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Tomaszu\AppData\Local\Microsoft\OneDrive\24.010.0114.0001\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2265096 2022-10-10] (voidtools -> voidtools) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [417176 2024-02-01] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [454072 2024-02-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp274\Winampa.exe [7680 2001-01-11] () [Brak podpisu cyfrowego] HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2089536 2023-07-10] (Famatech Corp. -> Famatech Corp.) HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\Run: [NetTraffic] => C:\Program Files (x86)\NetTraffic\NetTraffic.exe [387072 2020-01-04] (VENEA.NET) [Brak podpisu cyfrowego] HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\Run: [SteamServerBrowser] => C:\Users\Tomaszu\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe [289304 2023-09-23] (Lyrha Software Technologies Inc. -> ) HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\Run: [MicrosoftEdgeAutoLaunch_A1F9BF9CD77677678FEB0C85ACBD97E5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\Run: [Opera Browser Assistant] => C:\Users\Tomaszu\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3746208 2023-12-19] (Opera Norway AS -> Opera Software) HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [997520 2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2023-10-14] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {80E88F0A-FF0B-465D-8134-41C95B4FE4BE} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {C3724BEE-390E-42AD-A5A9-35392CF8C385} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {42A0C5BD-82D0-4921-92C1-A0A45F5FBAB0} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183224 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {AA63A276-F786-4A73-BC33-9A48D32E0370} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5131712 2024-02-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {DCCA266C-2A32-4A27-ABBC-8FACEE44810B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5094808 2024-02-01] (Avast Software s.r.o. -> AVAST Software) Task: {DBEAA4BA-ECD8-4E4B-9348-DF5D86973FAA} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [7523256 2023-12-05] (AVG Technologies USA, LLC -> AVG Technologies) Task: {7B418CD3-4A8E-423A-88BB-7E0C3D61AE81} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-01-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {969DD5E2-C471-4117-885C-90F2E7788074} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-18] (Mozilla Corporation -> Mozilla Foundation) Task: {4560FF65-D33F-4545-8C45-D106C34888F7} - System32\Tasks\Opera scheduled assistant Autoupdate 1672765287 => C:\Users\Tomaszu\AppData\Local\Programs\Opera\launcher.exe [2350496 2024-01-25] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Tomaszu\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {DB6713B2-BD49-458E-A955-A1299F2F74DA} - System32\Tasks\Opera scheduled Autoupdate 1672765285 => C:\Users\Tomaszu\AppData\Local\Programs\Opera\launcher.exe [2350496 2024-01-25] (Opera Norway AS -> Opera Software) Task: {8808ECC4-890B-41BD-B5C6-A0325668D300} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {22609E7C-65B5-4522-8083-127D74B7C455} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{213e30ac-f4fd-40ba-bef8-9b3003aecd4d}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\Tomaszu\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-03] Edge Extension: (Dokumenty Google offline) - C:\Users\Tomaszu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-23] Edge Extension: (Edge relevant text changes) - C:\Users\Tomaszu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF DefaultProfile: lhunu906.default FF ProfilePath: C:\Users\Tomaszu\AppData\Roaming\Mozilla\Firefox\Profiles\lhunu906.default [2024-02-01] FF ProfilePath: C:\Users\Tomaszu\AppData\Roaming\Mozilla\Firefox\Profiles\b2mgr7qm.default-release [2024-02-02] FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2312281861-1873309523-1155339195-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2312281861-1873309523-1155339195-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2312281861-1873309523-1155339195-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR Profile: C:\Users\Tomaszu\AppData\Local\Google\Chrome\User Data\Default [2024-02-01] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Extension: (Dokumenty Google offline) - C:\Users\Tomaszu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-20] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Tomaszu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-26] Opera: ======= OPR DefaultProfile: Default ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5216584 2024-01-30] (AnyDesk Software GmbH -> AnyDesk Software GmbH) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9065880 2024-02-01] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [753048 2024-02-01] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1157528 2024-02-01] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-02-01] (Avast Software s.r.o. -> AVAST Software) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [789952 2024-02-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1194424 2024-02-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [9090496 2024-02-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2024-02-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.) R2 Everything; C:\Program Files\Everything\Everything.exe [2265096 2022-10-10] (voidtools -> voidtools) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2438128 2023-11-11] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 FuryContorller_Service; C:\Program Files (x86)\Kingston FURY\FuryCTRL_SDK\FuryControllerService.exe [140392 2023-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-01] (Malwarebytes Inc. -> Malwarebytes) R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1179712 2023-07-10] (Famatech Corp. -> Famatech Corp.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20738360 2023-07-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2022-11-30] (Advanced Micro Devices INC. -> Advanced Micro Devices) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\amdkmdag.sys [94464432 2022-12-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31528 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [243136 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [394008 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297984 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [96064 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [26616 2024-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39752 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276848 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [561888 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105352 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80528 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [952856 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [711664 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213296 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319672 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [31568 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [243176 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [394048 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [298024 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [96616 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [26096 2024-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) S3 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [39792 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [276888 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [561928 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [105392 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [80568 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [952896 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [711696 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [213336 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [319712 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [122656 2024-02-02] (Hans Roes -> Multi Theft Auto) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-02-02] (Malwarebytes Inc. -> Malwarebytes) R3 NTIOLib_KSFX; C:\Program Files (x86)\Kingston FURY\FuryCTRL_SDK\NTIOLib_X64.sys [28504 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [58288 2023-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Famatech Corp.) U3 {2aee2da0-2ada-0da0-5ada-5e2d5ee6c624}; C:\WINDOWS\TEMP\{2aee2da0-2ada-0da0-5ada-5e2d5ee6c624}.sys [243176 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) <==== UWAGA U4 MsSecFlt; Brak ImagePath U4 Sense; Brak ImagePath U4 SgrmAgent; Brak ImagePath U4 SgrmBroker; Brak ImagePath U4 WdBoot; Brak ImagePath U4 WdFilter; Brak ImagePath U4 WdNisDrv; Brak ImagePath U4 WdNisSvc; Brak ImagePath U4 WinDefend; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-02-03 05:43 - 2024-02-03 05:44 - 000027086 _____ C:\Users\Tomaszu\Desktop\FRST.txt 2024-02-03 05:43 - 2024-02-03 05:43 - 002389504 _____ (Farbar) C:\Users\Tomaszu\Desktop\FRST64.exe 2024-02-02 16:56 - 2024-02-02 17:42 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-02-02 16:55 - 2024-02-03 05:43 - 000000000 ____D C:\FRST 2024-02-02 16:51 - 2024-02-02 16:51 - 000000000 ___HD C:\$WinREAgent 2024-02-01 20:12 - 2024-02-01 20:12 - 000000000 ____D C:\KPRM 2024-02-01 18:30 - 2024-02-01 18:30 - 000000008 _____ C:\ProgramData\ntuser.pol 2024-02-01 16:05 - 2024-02-01 16:05 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\CrashDumps 2024-02-01 15:26 - 2024-02-02 17:43 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Malwarebytes 2024-02-01 15:26 - 2024-02-01 15:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-02-01 15:26 - 2024-02-01 15:26 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\mbam 2024-02-01 15:26 - 2024-02-01 15:26 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-02-01 15:26 - 2024-02-01 15:26 - 000000000 ____D C:\Program Files\Malwarebytes 2024-02-01 09:49 - 2024-02-01 09:49 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\AVG 2024-02-01 09:48 - 2024-02-03 05:41 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update 2024-02-01 09:48 - 2024-02-01 18:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG 2024-02-01 09:48 - 2024-02-01 15:26 - 000000000 ____D C:\WINDOWS\ELAMBKUP 2024-02-01 09:48 - 2024-02-01 09:48 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus Free.lnk 2024-02-01 09:48 - 2024-02-01 09:48 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\AVG 2024-02-01 09:48 - 2024-02-01 09:47 - 000314304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2024-02-01 09:47 - 2024-02-01 21:18 - 000000000 ____D C:\ProgramData\AVG 2024-02-01 09:47 - 2024-02-01 09:47 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll 2024-02-01 09:47 - 2024-02-01 09:47 - 000050048 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe 2024-02-01 09:47 - 2024-02-01 09:47 - 000000000 ____D C:\Program Files\Common Files\AVG 2024-02-01 09:47 - 2024-02-01 09:47 - 000000000 ____D C:\Program Files\AVG 2024-02-01 09:42 - 2024-02-03 05:41 - 000003248 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2024-02-01 09:42 - 2024-02-03 05:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2024-02-01 09:42 - 2024-02-01 09:44 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Avast Software 2024-02-01 09:42 - 2024-02-01 09:42 - 000314264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2024-02-01 09:42 - 2024-02-01 09:42 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2024-02-01 09:42 - 2024-02-01 09:42 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2024-02-01 09:42 - 2024-02-01 09:42 - 000000004 ____H C:\ProgramData\rc61.dat 2024-02-01 09:42 - 2024-02-01 09:42 - 000000000 ___HD C:\$AV_ASW 2024-02-01 09:42 - 2024-02-01 09:42 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Avast Software 2024-02-01 09:42 - 2024-02-01 09:42 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2024-02-01 09:41 - 2024-02-01 21:18 - 000000000 ____D C:\ProgramData\Avast Software 2024-02-01 09:41 - 2024-02-01 09:41 - 000000000 ____D C:\Program Files\Avast Software 2024-02-01 09:40 - 2024-02-01 15:29 - 000000000 ___HD C:\Users\Tomaszu\AppData\Roaming\configurationValue 2024-02-01 09:40 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\006700e5a2ab05 2024-02-01 09:40 - 2024-02-01 15:29 - 000000000 ____D C:\ProgramData\hlkwogclqprr 2024-02-01 09:40 - 2024-02-01 15:29 - 000000000 ____D C:\ProgramData\eyfisgalqlbk 2024-02-01 09:40 - 2024-02-01 09:40 - 000003656 _____ C:\WINDOWS\system32\Tasks\wKEKgIUaS9j6d0zzSepX9miM.exe 2024-02-01 09:40 - 2024-02-01 09:40 - 000003604 _____ C:\WINDOWS\system32\Tasks\MalayamaraUpdate 2024-02-01 09:40 - 2024-02-01 09:40 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Temp 2024-02-01 09:40 - 2024-02-01 09:40 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SumatraPDF 2024-02-01 09:40 - 2024-02-01 09:40 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\daLeA4jU 2024-02-01 09:40 - 2024-02-01 09:40 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\SystemCache 2024-02-01 09:40 - 2024-02-01 09:40 - 000000000 ____D C:\SystemID 2024-02-01 09:40 - 2024-02-01 09:40 - 000000000 ____D C:\Program Files (x86)\ClocX 2024-02-01 09:40 - 2024-02-01 09:40 - 000000000 _____ C:\Users\Tomaszu\0.pdf 2024-02-01 09:39 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\Documents\GuardFox 2024-02-01 09:39 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\RageMP131 2024-02-01 09:39 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\RageMP1 2024-02-01 09:39 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Key Signatures verification 2024-02-01 09:39 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\ExtreamFanV5 2024-02-01 09:39 - 2024-02-01 15:29 - 000000000 ____D C:\ProgramData\DeliveryStatusFields_66 2024-02-01 09:39 - 2024-02-01 14:39 - 000000000 ____D C:\ProgramData\MPGPH1 2024-02-01 09:39 - 2024-02-01 09:44 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\010cefd5-452a-4a80-909c-01c153fd902d 2024-02-01 09:39 - 2024-02-01 09:43 - 000000000 ____D C:\ProgramData\WinTrackerSP 2024-02-01 09:39 - 2024-02-01 09:43 - 000000000 ____D C:\ProgramData\MPGPH131 2024-02-01 09:39 - 2024-02-01 09:39 - 000000000 ____D C:\Program Files (x86)\360 2024-01-31 18:35 - 2024-01-31 18:42 - 000000000 ____D C:\Users\Tomaszu\Desktop\Sample, loopy i vst 2024-01-31 17:18 - 2024-01-31 17:18 - 000000000 ____D C:\ProgramData\Roland Cloud 2024-01-31 17:16 - 2024-01-31 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland Cloud 2024-01-31 17:15 - 2024-01-31 17:16 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Roland Cloud 2024-01-31 12:47 - 2024-01-31 12:47 - 000000054 _____ C:\Users\Tomaszu\Desktop\VENGEANCE ESSENTIALS.txt 2024-01-30 16:01 - 2024-01-30 16:01 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModManager 2024-01-29 21:16 - 2024-01-29 21:16 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chatango 2024-01-29 21:16 - 2024-01-29 21:16 - 000000000 ____D C:\Program Files (x86)\Chatango 2024-01-29 11:54 - 2024-01-29 11:54 - 007199238 _____ C:\Users\Tomaszu\Desktop\unnamed.mp4 2024-01-29 11:53 - 2024-01-29 11:53 - 126501760 _____ C:\Users\Tomaszu\Desktop\Aqua-Clip_media-downloader.exe 2024-01-29 11:53 - 2024-01-29 11:53 - 000000812 _____ C:\Users\Tomaszu\Desktop\Aqua Clip.lnk 2024-01-29 11:53 - 2024-01-29 11:53 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aqua Clip 2024-01-29 11:53 - 2024-01-29 11:53 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\AquaClip 2024-01-29 11:53 - 2024-01-29 11:53 - 000000000 ____D C:\Program Files (x86)\Aqua Clip 2024-01-28 14:00 - 2024-01-28 14:00 - 000000072 _____ C:\Users\Tomaszu\Desktop\PRESETS NEX.txt 2024-01-28 13:13 - 2024-01-28 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX 2024-01-28 12:48 - 2024-01-29 12:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-01-28 12:48 - 2024-01-28 12:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2024-01-28 12:48 - 2024-01-28 12:48 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — tryb prywatny.lnk 2024-01-28 12:48 - 2024-01-28 12:48 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-01-28 12:48 - 2024-01-28 12:48 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Mozilla 2024-01-28 12:48 - 2024-01-28 12:48 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-01-28 12:48 - 2024-01-28 12:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-01-28 12:24 - 2010-01-16 23:27 - 002440704 _____ (AD © 2010) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL 2024-01-27 23:16 - 2024-01-27 23:16 - 000000128 ____H C:\ProgramData\resource-b.dat 2024-01-27 23:16 - 2024-01-27 23:16 - 000000128 ____H C:\ProgramData\resource-a.dat 2024-01-27 23:16 - 2024-01-27 23:16 - 000000008 ____H C:\ProgramData\ts61.dat 2024-01-27 23:15 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\DP 2024-01-27 23:15 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Python Numeric abstract base classes 2024-01-27 23:15 - 2024-02-01 15:29 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\DP 2024-01-27 23:15 - 2024-02-01 09:42 - 000000000 ____D C:\ProgramData\GeoLocationMap61 2024-01-27 23:15 - 2024-01-27 23:15 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DP 2024-01-26 16:37 - 2024-01-26 16:52 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\NFS Underground 2 2024-01-26 16:36 - 2024-01-26 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2024-01-22 09:16 - 2024-01-22 09:16 - 000001518 _____ C:\Users\Tomaszu\Desktop\Screenshots.lnk 2024-01-14 17:51 - 2024-01-14 17:52 - 000000000 ____D C:\Users\Tomaszu\Documents\Deluxe Ski Jump 4 2024-01-14 17:49 - 2024-01-14 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4 2024-01-14 12:56 - 2024-01-14 12:56 - 000000000 ____D C:\Users\Public\Foxit Software 2024-01-14 12:55 - 2024-01-14 12:55 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Foxit Software 2024-01-14 12:55 - 2024-01-14 12:55 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Foxit AgentInformation 2024-01-14 12:55 - 2024-01-14 12:55 - 000000000 ____D C:\ProgramData\Foxit Software 2024-01-14 12:55 - 2024-01-14 12:55 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform 2024-01-14 12:55 - 2024-01-14 12:55 - 000000000 ____D C:\Program Files (x86)\Foxit Software ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-02-03 05:41 - 2023-12-09 06:44 - 000003874 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1672765287 2024-02-03 05:41 - 2023-12-09 06:44 - 000003658 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1672765285 2024-02-03 05:41 - 2023-12-09 06:44 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-03 05:41 - 2023-12-09 06:44 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-03 05:41 - 2023-12-09 06:44 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2312281861-1873309523-1155339195-1001 2024-02-03 05:41 - 2023-12-09 06:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2312281861-1873309523-1155339195-1001 2024-02-03 05:41 - 2023-12-09 06:44 - 000002518 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2024-02-03 05:41 - 2023-12-09 06:44 - 000002420 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2024-02-03 05:41 - 2023-12-09 06:44 - 000002404 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask 2024-02-03 05:41 - 2023-12-09 06:44 - 000002194 _____ C:\WINDOWS\system32\Tasks\StartCN 2024-02-03 05:41 - 2023-12-09 06:44 - 000002114 _____ C:\WINDOWS\system32\Tasks\StartDVR 2024-02-03 05:41 - 2023-12-09 06:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-03 05:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-03 00:34 - 2023-12-09 06:35 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-02 19:33 - 2023-01-05 19:44 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Mumble 2024-02-02 18:07 - 2023-03-23 20:55 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\foobar2000 2024-02-02 17:39 - 2023-03-26 14:17 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2024-02-02 17:33 - 2023-01-04 23:43 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Everything 2024-02-02 17:31 - 2023-12-09 07:16 - 002001858 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-02 17:31 - 2019-12-07 16:09 - 000855904 _____ C:\WINDOWS\system32\perfh015.dat 2024-02-02 17:31 - 2019-12-07 16:09 - 000181914 _____ C:\WINDOWS\system32\perfc015.dat 2024-02-02 17:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-02-02 17:24 - 2023-12-09 06:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-02 17:24 - 2023-12-09 06:40 - 000000000 ____D C:\Users\Tomaszu 2024-02-02 17:24 - 2023-04-15 09:19 - 000000000 ____D C:\Program Files\TeamViewer 2024-02-02 17:24 - 2023-01-04 07:08 - 000008192 ___SH C:\DumpStack.log.tmp 2024-02-02 17:23 - 2023-07-06 21:18 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Discord 2024-02-02 17:21 - 2023-03-26 14:17 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\discord 2024-02-02 16:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-02-02 14:24 - 2023-01-05 21:34 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\vlc 2024-02-02 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-02 12:31 - 2023-01-03 18:03 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\D3DSCache 2024-02-01 21:18 - 2023-01-03 18:03 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2024-02-01 21:18 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2024-02-01 21:17 - 2023-01-05 06:45 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Everything 2024-02-01 19:30 - 2023-01-05 22:09 - 000000000 ____D C:\ProgramData\MTA San Andreas All 2024-02-01 19:30 - 2023-01-05 19:58 - 000000000 ____D C:\Users\Tomaszu\Documents\GTA San Andreas User Files 2024-02-01 18:27 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2024-02-01 15:29 - 2023-12-22 20:05 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\utorrent 2024-02-01 09:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-02-01 09:43 - 2023-01-05 22:05 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Updates 2024-02-01 09:42 - 2023-12-09 06:40 - 000000000 ____D C:\Users\DefaultAppPool 2024-02-01 09:39 - 2023-04-08 21:42 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\Steam 2024-02-01 09:39 - 2023-01-03 17:59 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Opera Software 2024-01-31 18:57 - 2023-01-10 22:19 - 000000132 _____ C:\WINDOWS\winamp.ini 2024-01-31 18:48 - 2023-01-05 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2024-01-31 17:16 - 2023-01-10 22:23 - 000000000 ____D C:\Program Files\Common Files\VST3 2024-01-30 16:27 - 2023-08-06 17:40 - 000000000 ____D C:\Program Files (x86)\Google 2024-01-30 09:28 - 2023-12-09 06:40 - 000002433 _____ C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-01-30 04:55 - 2023-08-11 21:57 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2024-01-29 11:53 - 2023-01-05 19:26 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\cache 2024-01-29 11:39 - 2023-01-06 00:31 - 000000000 ____D C:\Users\Tomaszu\Documents\Image-Line 2024-01-29 11:29 - 2023-01-06 00:31 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2024-01-29 11:29 - 2023-01-06 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2024-01-29 08:46 - 2023-01-03 18:01 - 000001415 _____ C:\Users\Tomaszu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2024-01-28 12:48 - 2023-01-20 20:40 - 000000000 ____D C:\Users\Tomaszu\AppData\Roaming\Mozilla 2024-01-27 18:37 - 2023-01-14 13:26 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\modloader 2024-01-27 18:37 - 2023-01-14 13:26 - 000000000 ____D C:\ProgramData\modloader 2024-01-27 12:09 - 2023-01-04 07:08 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-27 11:32 - 2023-01-05 19:26 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\AMD_Common 2024-01-25 06:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-01-25 05:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-01-12 15:29 - 2023-01-04 03:18 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-12 15:26 - 2023-01-04 03:18 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-01-11 17:18 - 2023-12-22 20:07 - 000000000 ____D C:\Users\Tomaszu\AppData\Local\BitTorrentHelper ==================== Pliki w katalogu głównym wybranych folderów ======== 2024-02-01 09:42 - 2024-02-01 09:42 - 000000004 ____H () C:\ProgramData\rc61.dat 2024-01-27 23:16 - 2024-01-27 23:16 - 000000128 ____H () C:\ProgramData\resource-a.dat 2024-01-27 23:16 - 2024-01-27 23:16 - 000000128 ____H () C:\ProgramData\resource-b.dat 2024-01-27 23:16 - 2024-01-27 23:16 - 000000008 ____H () C:\ProgramData\ts61.dat 2023-11-18 18:46 - 2023-11-18 18:46 - 000007605 _____ () C:\Users\Tomaszu\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================