Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16-12-2023 Uruchomiony przez User (administrator) DESKTOP-FP4OP26 (Default string Default string) (16-12-2023 17:19:29) Uruchomiony z C:\Users\User\Downloads\FRST64.exe Załadowane profile: User Platforma: Microsoft Windows 11 Pro Wersja 23H2 22631.2861 (X64) Język: Niemiecki (Niemcy) -> Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> ) C:\Program Files (x86)\Nox\bin\nox_adb.exe (C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMSVC.exe ->) (Nox Limited -> Nox Limited Corporation) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe ->) (G DATA CyberDefense AG -> G Data CyberDefense AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\DnsCloudClient.exe (C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe ->) (G DATA CyberDefense AG -> G DATA CyberDefense AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe (C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe ->) (G DATA CyberDefense AG -> G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe (C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe ->) (G DATA Software AG -> G DATA CyberDefense AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (C:\Program Files (x86)\Nox\bin\MultiPlayerManager.exe ->) (Nox Limited -> ) C:\Program Files (x86)\Nox\bin\MultiPlayerCefWing.exe <2> (C:\Program Files (x86)\Nox\bin\MultiPlayerManager.exe ->) (Nox Limited -> Duodian Technology Co. Ltd.) C:\Program Files (x86)\Nox\bin\Nox.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe <6> (C:\Users\User\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\User\AppData\Local\Programs\Opera GX\104.0.4944.85\opera_crashreporter.exe (cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (DriverStore\FileRepository\u0396906.inf_amd64_85a7dd2e12f92c85\B396804\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0396906.inf_amd64_85a7dd2e12f92c85\B396804\atieclxx.exe (explorer.exe ->) (Nox Limited -> ) C:\Program Files (x86)\Nox\bin\MultiPlayerManager.exe (explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe (Opera Norway AS -> Opera Software) C:\Users\User\AppData\Local\Programs\Opera GX\opera.exe <26> (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0396906.inf_amd64_85a7dd2e12f92c85\B396804\atiesrxx.exe (services.exe ->) (G DATA CyberDefense AG -> G DATA CyberDefense AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe (services.exe ->) (G DATA CyberDefense AG -> G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (services.exe ->) (G DATA CyberDefense AG -> G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (services.exe ->) (G DATA CyberDefense AG -> G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_01de91f5c3258938\RtkAudUService64.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\COMFAST\WifiAutoInstall\WifiAutoInstallSrv.exe (services.exe ->) (TunnelBear (McAfee Canada ULC) -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Nox Limited -> Nox Limited Corporation) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMSVC.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1767712 2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_01de91f5c3258938\RtkAudUService64.exe [1910072 2023-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [783160 2023-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [5298768 2023-12-06] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [5298768 2023-12-06] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-11-16] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [Opera GX Stable] => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [2587040 2023-12-03] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2646120 2023-11-28] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2023-12-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\User\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (Brak pliku) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\User\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-10-19] (Now.gg, INC -> now.gg, Inc.) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [Windscribe] => C:\Program Files\Windscribe\Windscribe.exe [6062952 2023-11-16] (Windscribe Limited -> Windscribe Limited) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [NoxMultiPlayer] => C:\Program Files (x86)\Nox\bin\MultiPlayerManager.exe [3926632 2023-11-20] (Nox Limited -> ) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1525024 2023-11-28] (Discord Inc. -> GitHub) HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\MountPoints2: {f2d65ed7-6a25-11ee-b6b7-d8bbc161edd2} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5298768 2023-12-06] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [5298768 2023-12-06] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.72\Installer\chrmstp.exe [2023-12-14] (Google LLC -> Google LLC) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voice.ai - Voice Changer.lnk [2023-10-19] ShortcutTarget: Voice.ai - Voice Changer.lnk -> C:\Program Files\Voice.ai\VoiceAI.exe (Voice AI LLC -> ) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {FDD4D737-09E4-4448-958B-F74AEF7CF952} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {719D1C28-2905-42D7-ACCB-570A66975EA9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {4D18DFBD-5BE3-4A3D-B758-82DE509F1696} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {123D37D5-FAD0-4E88-A147-2B319431435C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "1bceda50-0ca6-4109-b62c-ff913d139333" --version "6.18.10838" --silent Task: {21695860-BA5C-46C2-8D79-4F7BB6F3A86A} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {3919E5D7-601E-4A26-ABBB-480372A18BA6} - System32\Tasks\GoogleUpdateTaskMachineCore{E6E92900-82AE-4240-9623-68E9AD5081D6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-07] (Google LLC -> Google LLC) Task: {596860ED-1B5A-4513-9F74-124DCDF45DBB} - System32\Tasks\GoogleUpdateTaskMachineUA{B2966627-8726-4E84-9F42-7799DF529370} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-07] (Google LLC -> Google LLC) Task: {A8F68427-E643-4080-988E-B2FC3DE881A5} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [253904 2023-10-13] (Microsoft Corporation -> Microsoft) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Brak pliku) Task: {50DA69FC-4395-49D5-B125-0A2E6DF3C258} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {C3E789B8-D670-4A64-B6BF-A6C340540BD7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2023-12-09] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {B6AC074C-AAD3-4DBB-A353-EE8098E5BB90} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-09] (Mozilla Corporation -> Mozilla Foundation) Task: {0CF68909-2554-4F97-A30B-C3D3588A5997} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1697469414 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [2587040 2023-12-03] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {F4B13DD9-E674-4EDE-B23B-3644EB60DF26} - System32\Tasks\Opera GX scheduled Autoupdate 1696529360 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [2587040 2023-12-03] (Opera Norway AS -> Opera Software) Task: {27D54161-3873-4760-A2F6-4FA2747562FD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60344 2023-10-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {494440FD-F70D-41D1-803E-C892227A6B5F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324024 2023-10-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) ProxyServer: [S-1-5-21-1317094474-1395548158-2812114734-1001] => 82.211.3.58:50100 Hosts: 149.36.50.157 de-028.whiskergalaxy.com #added by Windscribe, do not modify. Tcpip\Parameters: [DhcpNameServer] 192.168.72.237 Tcpip\..\Interfaces\{0aea6139-5371-4f08-968e-0a72be609cfb}: [DhcpNameServer] 10.0.0.1 Tcpip\..\Interfaces\{2dc2ba52-c742-4580-b549-fb60e61da63b}: [DhcpNameServer] 192.168.72.237 Tcpip\..\Interfaces\{69094a7d-1e33-48f3-aa8a-6b476689514e}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{a230d696-ea94-4d58-a2d0-3bca64a9b8ae}: [NameServer] 172.17.3.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-16] Edge Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-08] Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-08] Edge HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl] Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl] FireFox: ======== FF DefaultProfile: shi5qh08.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\shi5qh08.default [2021-10-18] FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\y93jq3vd.default-release [2023-12-12] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-12-14] CHR Extension: (iMacros for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2023-10-07] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17] CHR Extension: (AntiCaptcha automatic captcha solver) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncaoejhfdpcafpkkcddpjnhnodcajfg [2023-10-07] [UpdateUrl:hxxps://antcpt.com/downloads/firefox/update_manifest.json] <==== UWAGA CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-07] CHR Extension: (GrowBot Automator for Instagram) - C:\Users\User\Downloads\growbot-FULL\growbot-FULL [2023-10-07] CHR HKU\S-1-5-21-1317094474-1395548158-2812114734-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-1317094474-1395548158-2812114734-1001) Opera GXStable - "C:\Users\User\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [7704824 2023-07-11] (G DATA CyberDefense AG -> G DATA Software AG) R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3859712 2023-07-11] (G DATA CyberDefense AG -> G DATA CyberDefense AG) S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1376256 2023-12-06] (Microsoft Windows -> Microsoft Corporation) S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [47716384 2023-08-28] (Electronic Arts, Inc. -> Electronic Arts) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11187816 2023-11-28] (Electronic Arts, Inc. -> Electronic Arts) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2023-09-26] (Underwriters Laboratories Inc. -> Futuremark) R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [7072000 2023-07-11] (G DATA CyberDefense AG -> G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2124528 2023-07-11] (G DATA CyberDefense AG -> G DATA Software AG) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-14] (HP Inc. -> HP Inc.) S2 LBAEvent; C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe [27464 2013-09-16] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [142864 2023-08-30] (TunnelBear (McAfee Canada ULC) -> TunnelBear) S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41928 2023-10-13] (Microsoft Corporation -> Microsoft) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WifiAutoInstallSrv; C:\Program Files\COMFAST\WifiAutoInstall\WifiAutoInstallSrv.exe [136128 2018-04-18] (Realtek Semiconductor Corp. -> Realtek) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [1045352 2023-11-16] (Windscribe Limited -> Windscribe Limited) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36736 2023-05-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0396906.inf_amd64_85a7dd2e12f92c85\B396804\amdkmdag.sys [106396096 2023-10-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0395307.inf_amd64_04945749e6d18630\B395312\amdkmdag.sys [99600928 2023-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 AX88179; C:\WINDOWS\System32\DriverStore\FileRepository\netax88179_178a.inf_amd64_a8bb8a6e92764769\ax88179_178a.sys [79872 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.) R3 AX88179A; C:\WINDOWS\System32\DriverStore\FileRepository\netax88179x_178a_772d.inf_amd64_2f23e7b22ed30454\ax88179x_178a_772d.sys [153480 2023-08-07] (WDKTestCert asix,133111579530933026 -> ASIX Electronics Corp.) R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310672 2023-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-09-25] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-09-25] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 fuj02e3; C:\WINDOWS\System32\drivers\fuj02e3.sys [53008 2016-08-03] (FUJITSU LIMITED -> FUJITSU LIMITED) S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [278504 2023-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> G DATA CyberDefense AG) R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [36264 2023-10-20] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG) R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2023-10-20] (G DATA Software AG -> G DATA Software AG) R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [939976 2023-11-08] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG) R3 GDNetflt; C:\WINDOWS\System32\DRIVERS\gdnetflt.sys [127928 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> G DATA Software AG) R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [314312 2023-12-15] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG) R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [78760 2023-10-20] (Microsoft Windows Hardware Compatibility Publisher -> G DATA Software AG) R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [361928 2023-12-15] (Microsoft Windows Hardware Compatibility Publisher -> G DATA CyberDefense AG) S3 HWiNFO_187; C:\Users\User\AppData\Local\Temp\HWiNFO64A_187.SYS [56912 2023-10-25] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm)) <==== UWAGA S3 polarbear-split-tunneling; C:\Program Files (x86)\TunnelBear\Drivers\x64\SplitTunnelingDriver.sys [29176 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9275336 2023-10-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) R3 Sftfs; C:\WINDOWS\system32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation -> Microsoft Corporation) R3 Sftplay; C:\WINDOWS\system32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation -> Microsoft Corporation) R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation -> Microsoft Corporation) R3 Sftvol; C:\WINDOWS\system32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation -> Microsoft Corporation) R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2023-07-10] (TunnelBear, Inc. -> The OpenVPN Project) R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2023-11-16] (Windscribe Limited -> The OpenVPN Project) R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2023-10-13] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VoiceAIDriver; C:\WINDOWS\System32\DriverStore\FileRepository\voiceaidriver.inf_amd64_214d6aacf9c41414\voiceaidriver.sys [73616 2023-06-20] (Voice AI LLC -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [572712 2023-10-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-07] (Microsoft Windows -> Microsoft Corporation) S3 WindscribeSplitTunnel; C:\WINDOWS\system32\DRIVERS\WindscribeSplitTunnel.sys [38152 2023-11-16] (Windscribe Limited -> ) R3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2023-11-16] (Windscribe Limited -> WireGuard LLC) R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2023-11-16] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-11-16] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WOVAD; C:\WINDOWS\System32\drivers\womic.sys [51192 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation) S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X] S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X] S4 nvlddmkm; \SystemRoot\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_009debfbd2e1619b\nvlddmkm.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2084-10-01 09:45 - 2084-10-01 09:45 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2084-10-01 09:25 - 2084-10-01 09:25 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2084-10-01 06:42 - 2084-10-01 06:52 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe 2084-10-01 06:42 - 2084-10-01 06:52 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe 2084-10-01 06:42 - 2084-10-01 06:52 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe 2084-10-01 06:42 - 2084-10-01 06:42 - 000000000 ____D C:\ProgramData\GIGABYTE 2084-10-01 02:33 - 2023-09-29 14:02 - 000000000 ____D C:\WINDOWS\Panther 2084-10-01 02:11 - 2084-10-01 02:11 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2084-10-01 02:10 - 2084-10-01 02:10 - 000000020 ___SH C:\Users\User\ntuser.ini 2084-10-01 02:10 - 2084-10-01 02:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform 2084-10-01 02:10 - 2023-12-14 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2084-10-01 02:10 - 2023-10-30 20:52 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2084-10-01 02:10 - 2023-10-30 20:52 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2084-10-01 02:10 - 2023-10-05 15:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2084-10-01 02:09 - 2084-10-01 02:10 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2084-10-01 02:09 - 2084-10-01 02:10 - 000011433 _____ C:\WINDOWS\diagerr.xml 2084-10-01 02:09 - 2023-12-14 21:12 - 002565952 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2084-10-01 02:08 - 2084-10-01 02:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\SystemCertificates 2084-10-01 02:08 - 2084-10-01 02:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Network 2084-10-01 02:08 - 2084-10-01 02:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Crypto 2084-10-01 02:08 - 2084-10-01 02:08 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Vorlagen 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Startmenü 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Netzwerkumgebung 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Lokale Einstellungen 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Eigene Dateien 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Druckumgebung 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Documents\Eigene Videos 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Documents\Eigene Musik 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Documents\Eigene Bilder 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\AppData\Local\Verlauf 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\AppData\Local\Anwendungsdaten 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 _SHDL C:\Users\User\Anwendungsdaten 2084-10-01 02:06 - 2084-10-01 02:06 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2084-10-01 02:06 - 2023-12-16 06:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2084-10-01 02:06 - 2023-12-14 08:01 - 000308088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2084-10-01 02:06 - 2023-12-11 16:03 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Spelling 2084-10-01 02:06 - 2023-10-13 17:27 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows 2084-10-01 00:36 - 2084-10-01 03:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2084-10-01 00:34 - 2084-10-01 00:36 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2084-10-01 00:28 - 2084-10-01 00:28 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2084-09-29 23:36 - 2084-10-01 00:36 - 000000000 ____D C:\Program Files\ASUS 2084-09-29 23:36 - 2084-09-29 23:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2084-09-29 23:36 - 2084-09-29 23:36 - 000000000 ____D C:\Program Files (x86)\ASUS 2084-09-27 21:03 - 2084-09-27 21:03 - 000000000 ____D C:\Program Files (x86)\Lenovo 2084-09-27 21:03 - 2013-09-16 12:55 - 000017736 _____ (Lenovo) C:\WINDOWS\SysWOW64\LBAI.dll 2084-09-27 19:31 - 2084-10-01 00:36 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2084-09-27 19:31 - 2084-09-27 19:31 - 000000000 _____ C:\WINDOWS\ativpsrm.bin 2084-09-24 22:19 - 2084-09-24 22:19 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation 2084-09-24 22:17 - 2084-10-01 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2084-09-24 22:17 - 2016-11-14 13:30 - 001767712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2084-09-24 22:17 - 2016-11-14 13:30 - 001756560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2084-09-24 22:17 - 2016-11-14 13:30 - 001377752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2084-09-24 22:17 - 2016-11-14 13:30 - 001316136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2084-09-24 22:17 - 2016-11-14 13:30 - 000112168 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2084-09-24 22:16 - 2023-10-07 15:52 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2084-09-24 22:16 - 2016-11-14 13:30 - 000114744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2084-09-24 22:16 - 2016-11-14 13:30 - 000104512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2084-09-24 21:53 - 2084-09-24 21:53 - 000000000 ____D C:\Program Files\Common Files\Intel 2084-09-24 16:38 - 2084-09-24 16:38 - 000000000 ____D C:\Users\User\AppData\Local\PeerDistRepub 2084-09-24 16:27 - 2084-09-24 16:55 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2084-09-24 16:27 - 2021-05-17 02:16 - 000108072 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys 2084-09-24 16:15 - 2084-09-24 16:15 - 000000000 ____D C:\Users\User\AppData\LocalLow\AMD 2084-09-24 16:15 - 2023-12-10 19:43 - 000000000 ____D C:\Program Files\AMD 2084-09-24 16:15 - 2023-10-25 18:13 - 000000000 ____D C:\Users\User\AppData\Local\AMD 2084-09-24 16:13 - 2023-10-05 22:28 - 000000000 ____D C:\WINDOWS\system32\AMD 2049-01-18 20:05 - 2021-10-18 11:08 - 001694468 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2049-01-18 20:04 - 2021-10-18 11:08 - 000000000 ____D C:\Users\User\AppData\Roaming\TP 2049-01-18 19:58 - 2023-10-24 20:28 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\MMC 2049-01-18 19:42 - 2023-10-14 03:09 - 000000000 ____D C:\Users\User\AppData\Local\Comms 2049-01-18 19:19 - 2023-11-28 17:15 - 000000000 ___RD C:\Users\User\OneDrive 2049-01-18 19:19 - 2023-11-20 21:16 - 000002433 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2049-01-18 19:16 - 2049-01-18 19:16 - 000000000 ___SD C:\Users\User\AppData\Roaming\Microsoft\Protect 2049-01-18 19:16 - 2049-01-18 19:16 - 000000000 ___SD C:\Users\User\AppData\Roaming\Microsoft\Credentials 2049-01-18 19:16 - 2049-01-18 19:16 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Vault 2049-01-18 19:16 - 2049-01-18 19:16 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe 2049-01-18 19:16 - 2049-01-18 19:16 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore 2049-01-18 19:16 - 2023-12-05 17:31 - 000000000 ____D C:\Users\User\AppData\Local\Packages 2049-01-18 19:16 - 2023-12-05 17:31 - 000000000 ____D C:\ProgramData\Packages 2049-01-18 19:16 - 2023-12-04 15:30 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache 2049-01-18 19:16 - 2023-11-14 12:29 - 000000000 ____D C:\Users\User\AppData\Local\Publishers 2049-01-18 19:16 - 2023-10-16 16:13 - 000000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform 2049-01-18 19:16 - 2023-10-14 02:15 - 000000000 __RHD C:\Users\Public\AccountPictures 2049-01-18 19:14 - 2049-01-18 19:14 - 000000000 ____D C:\WINDOWS\CSC 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Public\Documents\Eigene Videos 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Vorlagen 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Startmenü 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Eigene Dateien 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Druckumgebung 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Programme 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\ProgramData\Vorlagen 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\ProgramData\Startmenü 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\ProgramData\Dokumente 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien 2049-01-18 19:12 - 2049-01-18 19:12 - 000000000 _SHDL C:\Dokumente und Einstellungen 2049-01-18 19:09 - 2023-12-16 15:58 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2049-01-18 19:08 - 2049-01-18 19:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2049-01-18 19:08 - 2023-12-14 21:04 - 000012288 ___SH C:\DumpStack.log.tmp 2049-01-18 19:08 - 2023-10-07 00:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-12-16 17:19 - 2023-12-16 17:19 - 000000000 ____D C:\Users\User\Downloads\FRST-OlderVersion 2023-12-16 01:39 - 2023-12-16 01:39 - 000042750 _____ C:\Users\User\Downloads\Addition.txt 2023-12-16 01:38 - 2023-12-16 17:20 - 000029863 _____ C:\Users\User\Downloads\FRST.txt 2023-12-15 22:15 - 2023-12-15 22:15 - 002080307 _____ C:\Users\User\Downloads\VID_29590216_022454_913 (1).mp4 2023-12-14 23:07 - 2023-12-14 23:07 - 009650270 _____ C:\Users\User\Downloads\VID_95900108_191157_174.mp4 2023-12-14 21:12 - 2023-12-14 21:12 - 000752074 _____ C:\WINDOWS\system32\perfh015.dat 2023-12-14 21:12 - 2023-12-14 21:12 - 000720948 _____ C:\WINDOWS\system32\perfh007.dat 2023-12-14 21:12 - 2023-12-14 21:12 - 000150150 _____ C:\WINDOWS\system32\perfc015.dat 2023-12-14 21:12 - 2023-12-14 21:12 - 000149040 _____ C:\WINDOWS\system32\perfc007.dat 2023-12-14 17:42 - 2023-12-14 17:42 - 000223756 _____ C:\Users\User\Downloads\IMG_20220606_165619_595.webp 2023-12-14 00:22 - 2023-12-14 00:22 - 008255378 _____ C:\Users\User\Downloads\VID_95860904_154256_902.mp4 2023-12-14 00:18 - 2023-12-14 00:18 - 007473852 _____ C:\Users\User\Downloads\VID_95800901_171517_599.mp4 2023-12-13 19:00 - 2023-12-13 19:00 - 008609444 _____ C:\Users\User\Downloads\FakeGPS_1.4_apkcombo.com.apk 2023-12-13 18:40 - 2023-12-13 18:41 - 130318757 _____ C:\Users\User\Downloads\Opera_79.1.4195.76422_apkcombo.com.apk 2023-12-13 18:35 - 2023-12-13 18:35 - 002440231 _____ C:\Users\User\Downloads\What is my IP address_5.01_apkcombo.com.apk 2023-12-13 18:33 - 2023-12-13 18:33 - 002075501 _____ C:\Users\User\Downloads\Show My IP_2.0.3_Apkpure.apk 2023-12-13 18:29 - 2023-12-13 18:32 - 137042818 _____ C:\Users\User\Downloads\Google Chrome_ Fast & Secure_118.0.5993.48_Apkpure.apk 2023-12-12 04:46 - 2023-12-12 04:47 - 002067441 _____ C:\Users\User\Desktop\n3.heic 2023-12-12 04:37 - 2023-12-12 04:37 - 000006146 _____ C:\Users\User\Downloads\DS_Store 2023-12-12 03:22 - 2023-12-12 03:22 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobirise.lnk 2023-12-12 03:22 - 2023-12-12 03:22 - 000002098 _____ C:\Users\Public\Desktop\Mobirise.lnk 2023-12-12 03:22 - 2023-12-12 03:22 - 000000000 ____D C:\Users\User\AppData\Roaming\Mobirise 2023-12-12 03:22 - 2023-12-12 03:22 - 000000000 ____D C:\Users\User\AppData\Local\mobirise-updater 2023-12-12 03:22 - 2023-12-12 03:22 - 000000000 ____D C:\Users\User\AppData\Local\Mobirise.com 2023-12-12 03:22 - 2023-12-12 03:22 - 000000000 ____D C:\Program Files (x86)\Mobirise 2023-12-12 03:18 - 2023-12-12 03:20 - 102684240 _____ (Mobirise.com) C:\Users\User\Downloads\Mobirise5.exe 2023-12-12 03:15 - 2023-12-12 03:15 - 003482969 _____ C:\Users\User\Downloads\seksuj.pl.zip 2023-12-12 03:07 - 2023-12-12 03:07 - 000000000 ____D C:\Moje Strony Web 2023-12-12 03:06 - 2023-12-12 03:06 - 004513224 _____ (HTTrack ) C:\Users\User\Downloads\httrack_x64-3.49.2.exe 2023-12-12 03:06 - 2023-12-12 03:06 - 000000886 _____ C:\Users\User\Desktop\HTTrack Website Copier.lnk 2023-12-12 03:06 - 2023-12-12 03:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack 2023-12-12 03:06 - 2023-12-12 03:06 - 000000000 ____D C:\Program Files\WinHTTrack 2023-12-10 20:52 - 2023-12-10 20:52 - 000013501 _____ C:\Users\User\Downloads\Umowa-uczestnictwa-w-zajeciach-nauki-szycia-na-maszynie-Annynitka-Dorosli-1-2.odt 2023-12-10 20:52 - 2023-12-10 20:52 - 000013492 _____ C:\Users\User\Downloads\Umowa-uczestnictwa-w-zajeciach-nauki-szycia-na-maszynie-Annynitka (1).odt 2023-12-10 20:45 - 2023-12-10 20:45 - 000013501 _____ C:\Users\User\Downloads\Umowa uczestnictwa w zajęciach nauki szycia na maszynie Annynitka Dorośli (1).odt 2023-12-10 20:39 - 2023-12-10 20:39 - 000013370 _____ C:\Users\User\Downloads\Umowa uczestnictwa w zajęciach nauki szycia na maszynie Annynitka Dorośli.odt 2023-12-10 20:36 - 2023-12-10 20:36 - 000013492 _____ C:\Users\User\Downloads\Umowa-uczestnictwa-w-zajeciach-nauki-szycia-na-maszynie-Annynitka.odt 2023-12-10 20:35 - 2023-12-10 20:35 - 000013492 _____ C:\Users\User\Downloads\Umowa uczestnictwa w zajęciach nauki szycia na maszynie Annynitka.odt 2023-12-10 00:18 - 2023-12-10 00:18 - 002080307 _____ C:\Users\User\Downloads\VID_29590216_022454_913.mp4 2023-12-09 21:13 - 2023-12-10 19:43 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-12-08 19:01 - 2023-12-08 19:07 - 159087993 _____ C:\Users\User\Downloads\annynitka.pl-20231208-175940-ho77sf.wpress 2023-12-08 19:00 - 2023-12-08 19:01 - 014386211 _____ C:\Users\User\Downloads\backup_2023-12-08-1757_AnnyNitkapl_9c65404cd25e-plugins.zip 2023-12-08 19:00 - 2023-12-08 19:00 - 000055703 _____ C:\Users\User\Downloads\backup_2023-12-08-1757_AnnyNitkapl_9c65404cd25e-db.gz 2023-12-08 18:47 - 2023-12-08 18:47 - 000000915 _____ C:\Users\User\Downloads\filezilla (1).xml 2023-12-08 18:44 - 2023-12-08 18:44 - 000000909 _____ C:\Users\User\filezilla.xml 2023-12-08 18:44 - 2023-12-08 18:44 - 000000909 _____ C:\Users\User\Downloads\filezilla.xml 2023-12-08 18:36 - 2023-12-08 18:36 - 000262876 _____ C:\Users\User\Downloads\26861_wp_3.sql 2023-12-08 17:39 - 2023-12-08 17:40 - 013777712 _____ C:\Users\User\Downloads\Divi-4.17.6.zip 2023-12-08 17:37 - 2023-12-08 17:37 - 000000000 ____D C:\Users\User\Downloads\Divi-theme-v4.6.6 2023-12-08 17:35 - 2023-12-08 17:35 - 010042681 _____ C:\Users\User\Downloads\Divi-theme-v4.6.6.zip 2023-12-08 17:02 - 2023-12-08 17:04 - 026855461 _____ C:\Users\User\Downloads\wordpress-6.4.2-pl_PL.zip 2023-12-08 16:44 - 2023-12-08 16:44 - 000000000 ____D C:\Users\User\Downloads\Divi Package 2023-12-08 16:40 - 2023-12-08 16:41 - 044517305 _____ C:\Users\User\Downloads\Divi Package.zip 2023-12-08 15:59 - 2023-12-08 15:59 - 009976773 _____ C:\Users\User\Downloads\elementor-3.17.0 (1).zip 2023-12-08 15:57 - 2023-12-08 15:57 - 003282215 _____ C:\Users\User\Downloads\pro-elements (1).zip 2023-12-08 15:51 - 2023-12-08 15:51 - 007403744 _____ C:\Users\User\Downloads\elementor-3.10.1.zip 2023-12-08 15:21 - 2023-12-08 15:21 - 000000000 ____D C:\Users\User\Downloads\elementor-pro_v3.10.1 2023-12-08 15:20 - 2023-12-08 15:20 - 000442173 _____ C:\Users\User\Downloads\hello-elementor.2.6.0 (1).zip 2023-12-08 15:08 - 2023-12-08 15:08 - 009976773 _____ C:\Users\User\Downloads\elementor-3.17.0.zip 2023-12-08 15:03 - 2023-12-08 15:03 - 000442173 _____ C:\Users\User\Downloads\hello-elementor.2.6.0.zip 2023-12-08 14:59 - 2023-12-08 14:59 - 000000000 ____D C:\Users\User\Downloads\elementor-3.17.1 2023-12-08 14:58 - 2023-12-08 14:58 - 009976755 _____ C:\Users\User\Downloads\elementor-3.17.1.zip 2023-12-08 14:27 - 2023-12-08 14:27 - 003282215 _____ C:\Users\User\Downloads\pro-elements.zip 2023-12-07 20:01 - 2023-12-07 20:01 - 003016529 _____ C:\Users\User\Downloads\elementor-pro_v3.10.1.zip 2023-12-06 08:11 - 2023-12-06 08:12 - 000000000 ___HD C:\$SysReset 2023-12-05 17:46 - 2023-12-05 17:46 - 150756088 _____ C:\Users\User\Downloads\Film bez tytułu ‐ Wykonano za pomocą Clipchamp (4).mp4 2023-12-05 17:41 - 2023-12-05 17:41 - 002322487 _____ C:\Users\User\Downloads\(Audio) NEW! Fortnite Hack | Undetected Cheat Free Download | December 2023.m4a 2023-12-05 17:28 - 2023-12-05 17:29 - 053635869 _____ C:\Users\User\Downloads\NEW! Fortnite Hack | Undetected Cheat Free Download | December 2023.mp4 2023-12-04 15:28 - 2023-12-15 17:51 - 000000000 ____D C:\Users\User\AppData\Roaming\discord 2023-12-04 15:28 - 2023-12-14 21:09 - 000002235 _____ C:\Users\User\Desktop\Discord.lnk 2023-12-04 15:28 - 2023-12-04 15:28 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2023-12-04 15:27 - 2023-12-15 09:09 - 000000000 ____D C:\Users\User\AppData\Local\Discord 2023-12-04 15:27 - 2023-12-04 15:28 - 000000000 ____D C:\Users\User\AppData\Local\SquirrelTemp 2023-12-04 15:27 - 2023-12-04 15:27 - 096193312 _____ (Discord Inc.) C:\Users\User\Downloads\DiscordSetup.exe 2023-12-03 18:08 - 2023-12-03 18:08 - 000502884 _____ C:\Users\User\Downloads\406749980_6451860531580222_1277801479593281572_n.mp4 2023-12-03 17:43 - 2023-12-03 17:43 - 000625088 _____ C:\Users\User\Downloads\406549531_6804972812921219_5180141349419889390_n.mp4 2023-12-03 01:18 - 2023-12-03 01:18 - 000369619 _____ C:\Users\User\Downloads\406673994_6467087126730502_7123234147611917189_n.mp4 2023-12-03 00:51 - 2023-12-03 00:51 - 000467076 _____ C:\Users\User\Downloads\407497194_7017122878344259_7806205786254192182_n.mp4 2023-12-02 19:15 - 2023-12-02 19:17 - 000000000 ____D C:\Users\User\Documents\Bandicam 2023-12-02 19:15 - 2023-12-02 19:15 - 000000843 _____ C:\Users\Public\Desktop\Bandicam.lnk 2023-12-02 19:15 - 2023-12-02 19:15 - 000000000 ____D C:\Users\User\AppData\Roaming\Bandicam Company 2023-12-02 19:15 - 2023-12-02 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2023-12-02 19:15 - 2023-12-02 19:15 - 000000000 ____D C:\Program Files\Bandicam 2023-12-02 19:15 - 2023-12-02 19:15 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1 2023-12-02 19:14 - 2023-12-02 19:15 - 032411552 _____ (Bandicam Company) C:\Users\User\Downloads\bdcamsetup.exe 2023-11-29 18:27 - 2023-11-29 18:27 - 003454976 _____ C:\Users\User\Downloads\BatchPurifierLITESetup.msi 2023-11-29 18:27 - 2023-11-29 18:27 - 000003269 _____ C:\Users\User\Desktop\BatchPurifier.lnk 2023-11-29 18:27 - 2023-11-29 18:27 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Confidence 2023-11-29 18:27 - 2023-11-29 18:27 - 000000000 ____D C:\Users\User\AppData\Roaming\Digital Confidence 2023-11-29 18:27 - 2023-11-29 18:27 - 000000000 ____D C:\ProgramData\Digital Confidence 2023-11-29 18:27 - 2023-11-29 18:27 - 000000000 ____D C:\Program Files (x86)\Digital Confidence 2023-11-28 17:19 - 2023-12-15 17:20 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-11-28 17:19 - 2023-12-14 21:07 - 000000000 ____D C:\Program Files\CCleaner 2023-11-28 17:19 - 2023-11-29 17:33 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-11-28 17:19 - 2023-11-28 17:21 - 000003014 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-11-28 17:19 - 2023-11-28 17:21 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - User 2023-11-28 17:19 - 2023-11-28 17:19 - 000000872 _____ C:\Users\Public\Desktop\CCleaner.lnk 2023-11-28 17:19 - 2023-11-28 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2023-11-28 17:17 - 2023-11-28 17:18 - 078165328 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup618.exe 2023-11-28 12:20 - 2023-11-28 12:20 - 006395633 _____ C:\Users\User\Downloads\Oświadczenie_współwłaścicieli.pdf 2023-11-28 12:20 - 2023-11-28 12:20 - 001251575 _____ C:\Users\User\Downloads\Zgoda_na_pocztę_elektroniczną.pdf 2023-11-28 01:51 - 2023-11-28 01:51 - 009380730 _____ C:\Users\User\Downloads\VID_95781031_162518_767.mp4 2023-11-24 17:17 - 2023-11-24 17:17 - 000147642 _____ C:\Users\User\Downloads\umowa-kupna.pdf 2023-11-22 17:19 - 2023-11-22 17:19 - 000000000 ____D C:\Users\User\AppData\Local\MultiPlayerManager 2023-11-21 19:24 - 2023-11-21 19:24 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2023-11-20 18:44 - 2023-11-20 18:44 - 000202600 _____ C:\Users\User\Downloads\IMG_20220521_002728_519.webp 2023-11-20 18:33 - 2023-11-20 18:33 - 000000000 ____D C:\Users\User\AppData\Local\BlueStacksSetup 2023-11-20 18:01 - 2023-12-16 14:00 - 000000297 _____ C:\Users\User\d4ac4633ebd6440fa397b84f1bc94a3c.7z 2023-11-20 17:51 - 2023-12-16 14:01 - 000000000 ____D C:\Users\User\.android 2023-11-20 17:51 - 2023-11-20 17:51 - 000000066 _____ C:\Users\User\inittk.ini 2023-11-20 17:50 - 2023-12-16 14:01 - 000000000 ____D C:\Users\User\AppData\Local\NoxSrv 2023-11-20 17:50 - 2023-12-07 15:36 - 000000000 ____D C:\Users\User\Nox_share 2023-11-20 17:50 - 2023-11-21 19:22 - 000000000 ____D C:\Users\User\AppData\Roaming\ReasonLabs 2023-11-20 17:50 - 2023-11-20 17:50 - 000000053 _____ C:\Users\User\useruid.ini 2023-11-20 17:50 - 2023-11-20 17:50 - 000000045 _____ C:\Users\User\nuuid.ini 2023-11-20 17:50 - 2023-11-20 17:50 - 000000041 _____ C:\Users\User\inst.ini 2023-11-20 17:47 - 2023-12-16 14:01 - 000000000 ____D C:\Users\User\vmlogs 2023-11-20 17:47 - 2023-11-20 17:47 - 000001204 _____ C:\Users\User\Desktop\Multi-Drive.lnk 2023-11-20 17:47 - 2023-11-20 17:47 - 000001103 _____ C:\Users\User\Desktop\Nox.lnk 2023-11-20 17:47 - 2023-11-20 17:47 - 000000000 ____D C:\Users\User\AppData\Roaming\NoxSrv 2023-11-20 17:47 - 2023-11-20 17:47 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Nox 2023-11-20 17:46 - 2023-12-16 14:01 - 000000000 ____D C:\Users\User\.BigNox 2023-11-20 17:46 - 2023-11-20 17:46 - 000000000 ____D C:\Program Files (x86)\Nox 2023-11-20 17:46 - 2023-11-20 17:46 - 000000000 ____D C:\Program Files (x86)\Bignox 2023-11-20 17:45 - 2023-12-16 17:02 - 000000000 ____D C:\Users\User\AppData\Local\Nox 2023-11-20 17:25 - 2023-11-20 17:35 - 606647992 _____ (Duodian Technology Co. Ltd.) C:\Users\User\Downloads\nox_setup_v7.0.5.9_full_intl.exe 2023-11-20 02:28 - 2023-11-20 02:28 - 002670485 _____ C:\Users\User\Downloads\VID_67480105_033630_657.mp4 2023-11-20 02:09 - 2023-11-20 02:09 - 001326805 _____ C:\Users\User\Downloads\VID_29580920_030632_105.mp4 2023-11-19 21:52 - 2023-11-19 21:52 - 008652744 _____ C:\Users\User\Downloads\VID_95880522_002426_204.mp4 2023-11-19 21:39 - 2023-11-19 21:39 - 000864234 _____ C:\Users\User\Downloads\obs-virtualcam-2.0.5-Windows-installer (1).exe 2023-11-19 21:38 - 2023-11-19 21:40 - 117887080 _____ (OBS Project) C:\Users\User\Downloads\OBS-Studio-27.2.4-Full-Installer-x64.exe 2023-11-19 20:43 - 2023-11-19 20:43 - 000000000 ____D C:\Users\User\Downloads\Tinder_Method 2023-11-19 20:42 - 2023-11-19 20:42 - 000097064 _____ C:\Users\User\Downloads\Tinder_Method.rar 2023-11-19 20:38 - 2023-11-19 20:38 - 000001821 _____ C:\Users\User\Downloads\Tinder Method.txt 2023-11-17 19:22 - 2023-11-17 19:22 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts.tmp 2023-11-16 20:48 - 2023-11-17 19:10 - 000000000 ____D C:\Program Files\Windscribe 2023-11-16 20:48 - 2023-11-16 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe 2023-11-16 20:38 - 2023-11-16 20:38 - 000000000 ____D C:\Users\User\AppData\Roaming\TunnelBear 2023-11-16 20:38 - 2023-11-16 20:38 - 000000000 ____D C:\Users\User\AppData\Local\TunnelBear 2023-11-16 20:38 - 2023-11-16 20:38 - 000000000 ____D C:\Users\User\AppData\Local\IsolatedStorage 2023-11-16 20:37 - 2023-12-12 02:56 - 000000000 ____D C:\Program Files (x86)\TunnelBear 2023-11-16 20:37 - 2023-11-16 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear 2023-11-16 20:25 - 2023-11-16 20:36 - 159922072 _____ (TunnelBear) C:\Users\User\Downloads\TunnelBear-Installer.exe 2023-11-16 20:24 - 2023-11-16 20:48 - 000038152 _____ C:\WINDOWS\system32\Drivers\WindscribeSplitTunnel.sys 2023-11-16 20:24 - 2023-11-16 20:24 - 000057768 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys 2023-11-16 20:24 - 2023-11-16 20:24 - 000047544 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\windtun420.sys 2023-11-16 20:24 - 2023-11-16 20:24 - 000000000 ____D C:\Users\User\AppData\Local\Windscribe 2023-11-16 20:22 - 2023-11-16 20:24 - 024287080 _____ (Windscribe Limited) C:\Users\User\Downloads\Windscribe_2.7.14.exe 2023-11-16 18:30 - 2023-11-16 18:30 - 001749070 _____ (Miau Lightouch ) C:\Users\User\Downloads\obs-virtualcam-3.0.0-windows-x64-Installer.exe 2023-11-16 18:18 - 2023-11-16 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-virtualcam 2023-11-16 18:17 - 2023-11-16 18:18 - 002162158 _____ (Miau Lightouch ) C:\Users\User\Downloads\obs-virtualcam-2.0.11-windows-x64-Installer.exe 2023-11-16 18:16 - 2023-11-16 18:16 - 000864234 _____ C:\Users\User\Downloads\obs-virtualcam-2.0.5-Windows-installer.exe 2023-11-16 18:07 - 2023-12-10 00:21 - 000000015 _____ C:\Users\User\AppData\Roaming\obs-virtualcam.txt 2023-11-16 18:03 - 2023-11-16 18:03 - 004672646 _____ C:\Users\User\Downloads\previews are $5.mp4 2023-11-16 18:02 - 2023-11-16 18:02 - 005959407 _____ C:\Users\User\Downloads\I've never scammed anyone before (1).mp4 2023-11-16 18:00 - 2023-12-11 00:30 - 000000000 ____D C:\Users\User\AppData\Roaming\obs-studio 2023-11-16 18:00 - 2023-11-19 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2023-11-16 18:00 - 2023-11-19 21:38 - 000000000 ____D C:\ProgramData\obs-studio 2023-11-16 17:59 - 2023-11-19 21:41 - 000000000 ____D C:\ProgramData\obs-studio-hook 2023-11-16 17:59 - 2023-11-19 21:41 - 000000000 ____D C:\Program Files\obs-studio 2023-11-16 17:58 - 2023-11-16 17:59 - 136015664 _____ (OBS Project) C:\Users\User\Downloads\OBS-Studio-30.0-Full-Installer-x64.exe 2023-11-16 01:30 - 2023-11-16 01:30 - 000002078 _____ C:\Users\User\Desktop\MacroDroid - BlueStacks App Player 1.lnk ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2084-10-01 09:41 - 2021-10-25 11:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2084-10-01 03:05 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2084-10-01 03:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2084-10-01 03:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool 2084-10-01 03:05 - 2021-10-16 18:07 - 000000000 ____D C:\Program Files\Intel 2084-10-01 03:05 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2084-10-01 03:05 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2084-10-01 02:10 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows NT 2084-10-01 02:08 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries 2084-10-01 02:06 - 2022-05-07 06:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2084-10-01 00:38 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup 2084-10-01 00:36 - 2021-10-18 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) 2084-10-01 00:36 - 2021-10-16 18:14 - 000000000 ____D C:\WINDOWS\system32\Intel 2084-10-01 00:24 - 2021-10-16 18:20 - 000000000 ___HD C:\Intel 2084-09-29 23:42 - 2021-10-17 19:52 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles 2084-09-24 22:18 - 2021-10-25 11:21 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA 2084-09-24 22:17 - 2021-10-25 11:12 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2084-09-24 21:42 - 2021-10-17 19:58 - 000000000 ____D C:\Program Files (x86)\Intel 2049-01-18 19:14 - 2021-06-05 18:59 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2023-12-16 17:19 - 2023-11-02 14:43 - 002387456 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2023-12-16 17:19 - 2023-11-02 14:43 - 000000000 ____D C:\FRST 2023-12-16 16:44 - 2023-10-07 12:19 - 000000000 ____D C:\Program Files (x86)\Google 2023-12-16 16:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-12-16 16:23 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-12-16 16:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-12-16 16:08 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-16 16:08 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-12-15 19:22 - 2023-10-05 21:57 - 000000000 ____D C:\Users\User\AppData\Local\AMD_Common 2023-12-15 19:22 - 2023-10-05 21:57 - 000000000 ____D C:\AMD 2023-12-15 18:24 - 2023-10-20 15:34 - 000361928 _____ (G DATA CyberDefense AG) C:\WINDOWS\system32\Drivers\HookCentre.sys 2023-12-15 18:24 - 2023-10-20 15:34 - 000314312 _____ (G DATA CyberDefense AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys 2023-12-14 21:12 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2023-12-14 21:06 - 2023-11-02 06:38 - 000003108 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2023-12-14 21:06 - 2023-10-25 17:17 - 000003116 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2023-12-14 21:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2023-12-14 21:04 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-12-14 08:17 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate 2023-12-14 08:00 - 2023-10-20 15:03 - 000000000 ____D C:\ProgramData\G Data 2023-12-14 07:59 - 2023-10-11 12:09 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2023-12-14 07:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-12-14 00:45 - 2023-10-07 12:30 - 000002262 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-12-14 00:45 - 2023-10-07 12:30 - 000002221 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-12-13 15:08 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-12-12 04:45 - 2023-10-05 15:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-12-12 03:28 - 2023-10-05 22:25 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2023-12-10 20:45 - 2021-10-18 10:47 - 000000000 ____D C:\Users\User\AppData\Roaming\SoftGrid Client 2023-12-10 19:43 - 2021-10-16 18:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-12-09 21:22 - 2021-10-16 18:24 - 000001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-12-08 18:48 - 2023-10-13 14:04 - 000000000 ____D C:\Users\User\AppData\Roaming\FileZilla 2023-12-08 18:45 - 2023-10-13 14:04 - 000000000 ____D C:\Users\User\AppData\Local\FileZilla 2023-12-07 07:00 - 2022-05-07 11:39 - 000000000 ____D C:\WINDOWS\InboxApps 2023-12-07 07:00 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-12-07 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-12-07 07:00 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing 2023-12-07 00:39 - 2023-10-07 12:19 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{B2966627-8726-4E84-9F42-7799DF529370} 2023-12-07 00:39 - 2023-10-07 12:19 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{E6E92900-82AE-4240-9623-68E9AD5081D6} 2023-12-05 17:31 - 2023-10-05 14:17 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder 2023-12-04 17:36 - 2023-10-05 19:09 - 000004252 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1696529360 2023-12-04 17:36 - 2023-10-05 19:09 - 000001444 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk 2023-11-30 18:42 - 2023-11-13 18:16 - 000001704 _____ C:\Users\User\Desktop\BlueStacks Multi-Instanzen-Manager.lnk 2023-11-30 18:42 - 2023-11-10 12:55 - 000000000 ____D C:\ProgramData\BlueStacks_nxt 2023-11-30 18:11 - 2023-11-10 12:56 - 000000000 ____D C:\ProgramData\boost_interprocess 2023-11-30 18:07 - 2023-11-10 12:57 - 000000000 ____D C:\Users\User\AppData\Local\BlueStacks X 2023-11-29 18:30 - 2023-10-17 23:21 - 000000000 ____D C:\Users\User\Desktop\robotaju 2023-11-28 17:17 - 2023-11-10 12:56 - 000000000 ____D C:\Users\User\AppData\Roaming\bluestacks-services 2023-11-28 17:16 - 2023-10-05 15:56 - 000000000 ____D C:\Program Files (x86)\Steam 2023-11-28 14:38 - 2023-11-09 12:02 - 000000000 ____D C:\Users\User\Desktop\dokumenty 2023-11-21 19:24 - 2023-10-07 15:36 - 000000000 ____D C:\ProgramData\ProductData 2023-11-20 17:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Registration 2023-11-20 17:46 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-11-20 15:35 - 2023-10-11 13:21 - 000003446 _____ C:\WINDOWS\SysWOW64\pubfreeware.ini 2023-11-18 02:03 - 2023-10-05 16:02 - 000000000 ____D C:\Users\User\AppData\Local\Steam 2023-11-16 20:38 - 2021-10-17 19:57 - 000000000 ____D C:\ProgramData\Package Cache ==================== Pliki w katalogu głównym wybranych folderów ======== 2023-10-20 15:34 - 2023-10-20 15:34 - 000000000 _____ () C:\Users\User\AppData\Roaming\gdfw.log 2023-10-20 15:34 - 2023-10-20 15:34 - 000000779 _____ () C:\Users\User\AppData\Roaming\gdscan.log 2023-11-16 18:07 - 2023-12-10 00:21 - 000000015 _____ () C:\Users\User\AppData\Roaming\obs-virtualcam.txt ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================