Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-04-2021 Uruchomiony przez admin (administrator) LAPTOP-D5BIUKP8 (LENOVO 20378) (17-04-2021 18:16:03) Uruchomiony z C:\Users\admin\Downloads Załadowane profile: admin & MSSQL$ELISOFT Platform: Windows 10 Home Wersja 20H2 19042.928 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HPrintWebAPIShell.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Hewlett-Packard Company) [Brak podpisu cyfrowego] C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HeleniProxyUI.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (KYOCERA Document Solutions Inc.) [Brak podpisu cyfrowego] C:\Program Files\KDService\bin\KDService.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\Lenovo.Vantage.AddinHost.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe (LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ELISOFT\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13> (NiyaShy) [Brak podpisu cyfrowego] C:\Users\admin\Downloads\XB1ControllerBatteryIndicator_1.3.1\XB1ControllerBatteryIndicator.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_ddc39428e3174f5c\Display.NvContainer\NVDisplay.Container.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2016-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2016-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2016-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2016-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [704792 2016-09-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5062384 2015-08-30] (Realtek Semiconductor Corp -> Realtek semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc -> Autodesk, Inc.) HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [Heleni Uploader] => C:\Program Files\Hewlett-Packard\HP ePrintAndShare\ProxyUploader\HeleniProxyUI.exe [130560 2011-04-01] (Hewlett-Packard Company) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation) HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [PIT-Y] => C:\Program Files (x86)\PIT-Y.pl 2018\PIT-Y.exe [1611272 2018-03-22] (GP SOFT SPÓŁKA CYWILNA KOBYLSKI PIOTR, PIETRUSZKA GRZEGORZ -> PIT-Y.pl) HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [PIT Projekt] => C:\Program Files (x86)\PIT-Y.pl 2020\PIT-Y.exe [1602744 2020-04-27] (GP SOFT SPÓŁKA CYWILNA KOBYLSKI PIOTR, PIETRUSZKA GRZEGORZ -> PIT-Y.pl) HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\admin\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144760 2021-04-07] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Run: [XB1ControllerBatteryIndicator] => C:\Users\admin\Downloads\XB1ControllerBatteryIndicator_1.3.1\XB1ControllerBatteryIndicator.exe [2148864 2020-07-20] (NiyaShy) [Brak podpisu cyfrowego] HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Policies\Explorer: [] HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Winlogon: [Shell] %comspec% <==== UWAGA HKU\S-1-5-21-1426505562-3419625394-2194310597-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\admin\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\admin\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA HKLM\...\Windows x64\Print Processors\hpipp7a0: C:\Windows\System32\spool\prtprocs\x64\hpipp7a0.dll [263680 2010-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Windows x64\Print Processors\hpipp7sm: C:\Windows\System32\spool\prtprocs\x64\hpipp7sm.DLL [263168 2010-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\...\Print\Monitors\EPSON Stylus DX7400 Series 64MonitorBE: C:\Windows\system32\E_ILMCDE.DLL [108032 2007-12-07] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\HPrint Port Monitor: C:\Windows\system32\hpprintmon.dll [75776 2011-04-01] (Hewlett-Packard Corporation) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\KM Language Monitor: C:\Windows\system32\KMPJL64.DLL [107928 2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.) HKLM\...\Print\Monitors\KX Language Monitor: C:\Windows\system32\KXPLM64.DLL [134784 2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.) HKLM\...\Print\Monitors\RAICHU Lang Monitor: C:\Windows\system32\hpltlm5.dll [15360 2010-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation, Microsoft Corporation) HKLM\...\Print\Monitors\RLanguage Monitor: C:\Windows\system32\hpltlm5.dll [15360 2010-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation, Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.72\Installer\chrmstp.exe [2021-04-16] (Google LLC -> Google LLC) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-11-16] ShortcutTarget: MEGAsync.lnk -> C:\Users\admin\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windchill ProductPoint Client Manager.lnk [2016-11-23] ShortcutTarget: Windchill ProductPoint Client Manager.lnk -> C:\Windows\Installer\{129024FF-A6C9-4696-91BC-570C6C05193A}\_F5BCEE176F60B4DABC6DF8.exe () [Brak podpisu cyfrowego] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {00B88AB3-105B-45BD-A068-66116433D4EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {01DDA29A-1DD3-4679-A9FA-B9BB2CA0E65F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {036E4C3A-2688-499E-AF79-F5E0D9A5FAF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-11] (Google Inc -> Google Inc.) Task: {0D0E3108-FF68-4B25-AEE2-A3BDACB15AB9} - System32\Tasks\e-pity2020_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [37168 2021-02-22] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.) Task: {12D17597-A1F4-4523-9DB1-503E99267D79} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dfe54e0fdb5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-11] (Google Inc -> Google Inc.) Task: {14F3DC10-DEC7-45C6-8607-C0B40E225C73} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-15] (Adobe Inc. -> Adobe) Task: {162D542A-3709-4687-91A4-BCFE6170FC79} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dfe54de9b73 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-11] (Google Inc -> Google Inc.) Task: {16ED4CF1-7351-4810-BB9A-8047F31D72DA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-09-06] (LENOVO -> Lenovo) Task: {1A210B3D-CAF9-4D33-B6A5-305CC9056107} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-12] (Microsoft Corporation -> Microsoft Corporation) Task: {1B29038D-43AE-46C4-BA96-C2EED43F8858} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {21CBE844-A59F-4910-877F-573562A45E0A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {2CA6914C-374B-4704-BA6D-C12CA6927D43} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.) Task: {32B3A919-6377-4E93-92E9-86F3612F78E3} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.) Task: {3A9C22C6-F041-4C77-8500-D12D31042371} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {3DE40BAB-E450-46F0-8760-0F6D686077E8} - System32\Tasks\e-pity2020_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [37168 2021-02-22] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.) Task: {4AD3F551-1689-4958-BD99-45D3C79DC947} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-12] (Microsoft Corporation -> Microsoft Corporation) Task: {514C5ABF-34CE-40FE-A92B-A30BAB622BA8} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264328 2016-12-07] (LENOVO -> ) Task: {55D808EC-7FE9-4861-9651-66530E4CF6CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-11] (Google Inc -> Google Inc.) Task: {5641A8D6-D2AC-401D-ADB5-81864803CC76} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-15] (Adobe Inc. -> Adobe) Task: {6264D5BA-2BEA-4AFB-B2C1-A5F4F37136DF} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10165384 2016-12-07] (LENOVO -> Lenovo) Task: {692D48E7-C38F-44C6-AF4F-72ECF94C6D8C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe Task: {6CD77D83-EFC5-4D01-B80F-9538A442CA7B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {837F29E7-C087-42F7-842A-C2FEAEB67815} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1426505562-3419625394-2194310597-1001 => C:\Users\admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {85C6C983-50A0-4292-8614-4719E1C6CBEC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ebc9ded3-e81a-4eb8-ac1c-e12d104e87b6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {86318CF1-CD56-4281-827E-D99A85B004A5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {86F54787-3C9C-4AF3-AC2C-BBDBA3EC247E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8b4db10a-0e10-4122-a9dd-60900426107b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {8EA70F83-6D4C-4B06-BE12-A8F5CA0ED6CF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation) Task: {912848D7-A81A-4EC9-91AD-7CB768B32947} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform) Task: {9420C521-9EFC-4776-AD71-F7816F944942} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo) Task: {94A09663-229C-4A8D-86ED-F3DB4BD76014} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.) Task: {A92E6D11-4ED6-47BB-B05F-0A2F878AC42E} - System32\Tasks\Microsoft\Windows\PLA\WPPTracingSession => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "WPPTracingSession" "$(Arg0)" Task: {AB3E4581-E646-4B15-8318-555474685C63} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\00cc38ff-e6a7-4290-8c33-f9634e70ea62 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {B1A6BFCB-33A5-4751-ACDA-E2DB632B518E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation) Task: {B1B2787E-CD2A-4AD1-977B-98AE334A2766} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {BB01462A-72B4-4DC2-83A4-FD18C5EAFCE0} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321608 2016-12-07] (LENOVO -> Lenovo) Task: {BD2C5191-D403-4D8D-83DC-BA2E4F90EE1B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {C9327AE2-ABFF-4866-927F-97C6F13BFA3D} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe Task: {C9FCF3DD-B171-4AC0-8FA5-CFBF70F29D41} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-12] (Microsoft Corporation -> Microsoft Corporation) Task: {CA4848CA-C467-4CF2-BB51-6A13DA26626B} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {CEFEFEF5-1A19-4152-8C8C-D6E51C6F069F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-12] (Microsoft Corporation -> Microsoft Corporation) Task: {D3CA1598-DCD1-41AF-BD50-257FD91DE850} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService Task: {D408C709-0213-4EC9-8DD0-51D59A964AF4} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {E0FA7A11-DED5-4945-B982-47EBA003B8B1} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10165384 2016-12-07] (LENOVO -> Lenovo) Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\e-pity2020_kwiecien" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\e-pity2020_styczen" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore1d57dfe54de9b73" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA1d57dfe54e0fdb5" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6c27fa44581da" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\USER_ESRV_SVC_QUEENCREEK" /ENABLE Task: {E2943B8A-FC1B-4325-8448-CD0F4BD2B8A4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {E824B6BC-0587-4D5E-8023-99E135995159} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696816 2021-04-02] (Mozilla Corporation -> Mozilla Foundation) Task: {EA4E5469-C924-4559-8D73-CEF7D15E5F1A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8b1da491-677b-43db-a789-7d70d754b426 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) Task: {FFDDC8BB-6F5B-4776-AA9C-D5412E207553} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1426505562-3419625394-2194310597-1001 => C:\Users\admin\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-07-04] (Mega Limited -> Mega Limited) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0cef66bf-661d-428e-98c0-375cad3e650d}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{17b98c98-a756-4a7c-997e-d171e13e8eb3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{a8f36225-c117-4ff5-a721-c69a2408db46}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-16] FireFox: ======== FF DefaultProfile: p9obbz96.default FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9obbz96.default [2021-04-17] FF NewTab: Mozilla\Firefox\Profiles\p9obbz96.default -> about:newtab FF Notifications: Mozilla\Firefox\Profiles\p9obbz96.default -> hxxps://notifications.gadgets360.com; hxxps://pizzaportal.pl FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9obbz96.default\Extensions\sp@avast.com.xpi [2020-07-04] FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9obbz96.default\Extensions\wrc@avast.com.xpi [2021-02-17] FF Extension: (Boomerang for Gmail) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9obbz96.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2018-12-30] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json] FF Extension: (Video DownloadHelper) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9obbz96.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9obbz96.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29] FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\p9obbz96.default\searchplugins\google-avast.xml [2016-10-19] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-15] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-15] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-04-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1426505562-3419625394-2194310597-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-04-16] Chrome: ======= CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2021-03-17] CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190 CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190","hxxp://www.gazeta.pl/0,0.html?p=190" CHR Extension: (Prezentacje) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-11] CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-11] CHR Extension: (Dysk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-18] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-11] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-03-10] CHR Extension: (Video Downloader professional) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-09-01] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-12-18] CHR Extension: (Arkusze) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-11] CHR Extension: (FilmBooster) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdojnljhhnmokjbpbhmngmmfnhokgij [2018-06-26] CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-17] CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-10] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-10] CHR Extension: (e-pity - dodatek) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-03-10] CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-18] CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-16] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-15] (Adobe Inc. -> Adobe) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [88920 2016-09-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) S4 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.) S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd -> Disc Soft Ltd) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-04-13] (NVIDIA Corporation -> NVIDIA) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.) R2 KDService; C:\Program Files\KDService\bin\KDService.exe [497664 2020-11-06] (KYOCERA Document Solutions Inc.) [Brak podpisu cyfrowego] R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe [28592 2021-03-11] (Lenovo -> Lenovo Group Ltd.) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (LENOVO -> Lenovo) R2 MSSQL$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ELISOFT\MSSQL\Binn\sqlservr.exe [163008 2017-07-07] (Microsoft Corporation -> Microsoft Corporation) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2536536 2021-04-07] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481176 2021-04-07] (Electronic Arts, Inc. -> Electronic Arts) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [Brak podpisu cyfrowego] S4 SQLAgent$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ELISOFT\MSSQL\Binn\SQLAGENT.EXE [448704 2017-07-07] (Microsoft Corporation -> Microsoft Corporation) S4 Transoft Solutions License Server V2.0; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [3290112 2017-05-29] () [Brak podpisu cyfrowego] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_ddc39428e3174f5c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_ddc39428e3174f5c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ApkbfiltrService; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [31016 2015-07-20] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-15] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-15] (Disc Soft Ltd -> Disc Soft Ltd) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET) S2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331144 2013-03-11] (SafeNet, Inc. -> SafeNet Inc.) R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2016-09-13] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-12] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-12] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-04-17 18:16 - 2021-04-17 18:16 - 000044643 _____ C:\Users\admin\Downloads\FRST.txt 2021-04-17 18:15 - 2021-04-17 18:15 - 002298368 _____ (Farbar) C:\Users\admin\Downloads\FRST64(1).exe 2021-04-17 18:15 - 2021-04-17 18:15 - 000000000 ____D C:\Users\admin\Downloads\FRST-OlderVersion 2021-04-17 18:10 - 2021-04-17 18:10 - 000000641 _____ C:\Users\admin\Downloads\cmd-here-windows-10.zip 2021-04-17 18:10 - 2021-04-17 18:10 - 000000000 ____D C:\Users\admin\Downloads\cmd-here-windows-10 2021-04-17 18:10 - 2017-10-18 16:22 - 000001228 _____ C:\Users\admin\Downloads\cmd-here-windows-10.reg 2021-04-17 18:10 - 2016-12-13 17:48 - 000000392 _____ C:\Users\admin\Downloads\undo.reg 2021-04-17 17:41 - 2021-04-17 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod 2021-04-17 17:41 - 2021-04-17 17:41 - 000000000 ____D C:\Program Files (x86)\ClockworkMod 2021-04-17 17:40 - 2021-04-17 17:40 - 017060864 _____ C:\Users\admin\Downloads\UniversalAdbDriverSetup.msi 2021-04-17 17:39 - 2021-04-17 17:39 - 016494979 _____ C:\Users\admin\Downloads\UniversalAdbDriver-master.zip 2021-04-17 17:39 - 2021-04-17 17:39 - 000000000 ____D C:\Users\admin\Downloads\UniversalAdbDriver-master 2021-04-17 17:36 - 2021-04-17 18:10 - 000000000 ____D C:\Users\admin\Downloads\platform 2021-04-17 17:34 - 2021-04-17 17:34 - 012537668 _____ C:\Users\admin\Downloads\platform-tools_r31.0.2-windows.zip 2021-04-17 17:34 - 2021-04-17 17:34 - 012537668 _____ C:\Users\admin\Downloads\platform-tools_r31.0.2-windows(1).zip 2021-04-16 13:32 - 2021-04-16 13:32 - 000000000 ____D C:\Users\admin\Desktop\Fundusz Dróg Samorządowych - zmienione 2021-04-16 13:31 - 2021-04-16 13:31 - 000000000 ____D C:\WINDOWS\system32\lxss 2021-04-16 13:31 - 2021-04-16 13:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2021-04-16 13:31 - 2021-04-16 13:31 - 000000000 ____D C:\WINDOWS\LastGood 2021-04-16 13:31 - 2021-04-13 02:03 - 000074608 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2021-04-16 13:31 - 2021-04-13 02:03 - 000064880 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2021-04-16 13:26 - 2021-04-13 09:23 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-04-16 13:26 - 2021-04-13 09:23 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-04-16 13:26 - 2021-04-13 09:23 - 001452320 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-04-16 13:26 - 2021-04-13 09:23 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-04-16 13:26 - 2021-04-13 09:23 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-04-16 13:26 - 2021-04-13 09:23 - 001191712 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-04-16 13:26 - 2021-04-13 09:23 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-04-16 13:26 - 2021-04-13 09:23 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-04-16 13:26 - 2021-04-13 09:23 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-04-16 13:26 - 2021-04-13 09:23 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-04-16 13:26 - 2021-04-13 09:20 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-04-16 13:26 - 2021-04-13 09:20 - 000675120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-04-16 13:26 - 2021-04-13 09:20 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-04-16 13:26 - 2021-04-13 09:20 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-04-16 13:26 - 2021-04-13 09:19 - 002106136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-04-16 13:26 - 2021-04-13 09:19 - 001590560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-04-16 13:26 - 2021-04-13 09:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-04-16 13:26 - 2021-04-13 09:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-04-16 13:26 - 2021-04-13 09:19 - 000811800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-04-16 13:26 - 2021-04-13 09:19 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-04-16 13:26 - 2021-04-13 09:19 - 000656152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-04-16 13:26 - 2021-04-13 09:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-04-16 13:26 - 2021-04-13 09:18 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-04-16 13:26 - 2021-04-13 09:18 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-04-16 13:26 - 2021-04-13 09:18 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-04-16 13:26 - 2021-04-13 09:18 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2021-04-16 13:26 - 2021-04-13 09:18 - 000445728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-04-16 13:26 - 2021-04-13 09:17 - 005675312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2021-04-16 13:26 - 2021-04-13 09:16 - 000848664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-04-16 13:26 - 2021-04-13 02:03 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb 2021-04-14 10:12 - 2021-04-14 10:12 - 000000000 ____D C:\Users\admin\Documents\Niestandardowe szablony pakietu Office 2021-04-14 09:46 - 2021-04-17 18:16 - 000000000 ____D C:\FRST 2021-04-14 09:46 - 2021-04-17 18:15 - 002298368 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2021-04-13 23:56 - 2021-04-13 23:56 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-13 23:56 - 2021-04-13 23:56 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-13 23:56 - 2021-04-13 23:56 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-13 19:32 - 2021-04-13 19:41 - 000000000 ____D C:\Users\admin\Documents\WiScan 2021-04-13 19:32 - 2021-04-13 19:32 - 000002619 _____ C:\Users\Public\Desktop\WiScan Wi-Fi Scanner.lnk 2021-04-13 19:32 - 2021-04-13 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiScan 2021-04-13 19:32 - 2021-04-13 19:32 - 000000000 ____D C:\Program Files (x86)\GroupWyse.com 2021-04-13 10:51 - 2021-04-13 10:51 - 000000000 ____D C:\Users\admin\AppData\Roaming\ESET 2021-04-13 08:26 - 2021-04-13 08:26 - 000002023 _____ C:\Users\Public\Desktop\ESET Ochrona bankowości internetowej.lnk 2021-04-13 08:24 - 2021-04-13 08:24 - 000000000 ____D C:\Users\admin\AppData\Local\ESET 2021-04-13 08:23 - 2021-04-13 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2021-04-13 08:23 - 2021-04-13 08:23 - 000000000 ____D C:\ProgramData\ESET 2021-04-13 08:23 - 2021-04-13 08:23 - 000000000 ____D C:\Program Files\ESET 2021-04-13 07:42 - 2021-04-13 07:43 - 000000000 ____D C:\Users\admin\Downloads\Geoportal_Szkolenie 2021-04-13 07:41 - 2021-04-13 07:48 - 000000000 ____D C:\Users\admin\Downloads\SGH 2021-04-12 21:48 - 2021-04-12 21:48 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-04-12 21:48 - 2021-04-12 21:48 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-04-12 21:48 - 2021-04-12 21:48 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-04-12 21:48 - 2021-04-12 21:48 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-04-12 21:48 - 2021-04-12 21:48 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-04-12 21:48 - 2021-04-12 21:48 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-04-12 21:48 - 2021-04-12 21:48 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-04-12 21:48 - 2021-04-12 21:48 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-04-12 21:33 - 2021-04-12 21:33 - 000000000 ____D C:\Users\admin\AppData\Local\SaraResults 2021-04-12 21:30 - 2021-04-12 21:30 - 000000000 ____D C:\Users\admin\AppData\Local\SaRALogs 2021-04-12 21:29 - 2021-04-12 21:30 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation 2021-04-12 21:29 - 2021-04-12 21:29 - 000000520 _____ C:\Users\admin\Desktop\Asystent odzyskiwania i pomocy technicznej firmy Microsoft.appref-ms 2021-04-12 21:27 - 2021-04-12 21:33 - 000000000 ____D C:\Users\admin\AppData\Local\Deployment 2021-04-12 19:07 - 2021-04-12 19:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-04-12 19:07 - 2021-04-12 19:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-04-12 19:07 - 2021-04-12 19:07 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-04-12 19:07 - 2021-04-12 19:07 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-04-12 19:07 - 2021-04-12 19:07 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-04-12 19:07 - 2021-04-12 19:07 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-04-12 19:07 - 2021-04-12 19:07 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-04-12 19:07 - 2021-04-12 19:07 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-04-12 17:38 - 2021-04-14 08:29 - 000028279 _____ C:\Users\admin\Desktop\Przedmiar_2150R1.XLSX 2021-04-12 16:24 - 2021-04-12 16:24 - 000026987 _____ C:\Users\admin\Desktop\Przedmiar_2150R.XLSX 2021-04-07 07:30 - 2021-04-07 07:48 - 000000000 ____D C:\Users\admin\AppData\Roaming\AnyDesk 2021-04-07 07:30 - 2021-04-07 07:30 - 003743464 _____ (philandro Software GmbH) C:\Users\admin\Downloads\AnyDesk.exe 2021-04-06 20:04 - 2021-04-06 20:04 - 000815392 _____ C:\Users\admin\Downloads\Curriculum-Vitae-Katarzyna-Kopiec.... (1).pdf 2021-04-06 19:56 - 2021-04-06 19:56 - 000093687 _____ C:\Users\admin\Downloads\CV Kopiec.odt 2021-04-02 17:58 - 2021-04-02 17:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-01 08:24 - 2021-04-01 08:24 - 000319512 _____ C:\Users\admin\Downloads\Komunikat_Wojewody_Podkarpackiego_z_dnia_15_marca_2021_r_w_sprawie_naboru_wniosków_na_zadania_dotyczące_poprawy_bezpieczeństwa_ruchu_pieszych_w_obszarze_oddziaływania_przejść_dla_pieszych_w_ciągu_dróg_gminnych.pdf 2021-03-31 13:02 - 2021-04-12 08:21 - 000012576 _____ C:\Users\admin\Desktop\Zestawienie kosztów_Przejścia.xlsx 2021-03-25 11:56 - 2021-03-25 11:56 - 003739825 _____ C:\Users\admin\Downloads\Porozumienie_A4.pdf 2021-03-25 10:38 - 2021-03-25 10:38 - 000010531 _____ C:\Users\admin\Desktop\Zmodernizowane_Drogi.xlsx ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-04-17 17:52 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-17 17:28 - 2020-11-24 18:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-17 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-17 12:19 - 2016-09-05 19:02 - 000000000 ____D C:\Program Files\CCleaner 2021-04-17 07:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-17 05:31 - 2020-06-16 07:05 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-17 05:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-16 20:15 - 2017-04-30 09:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-04-16 19:49 - 2017-04-30 09:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-04-16 19:01 - 2017-12-01 13:02 - 000000000 ____D C:\Users\admin\AppData\Local\Packages 2021-04-16 14:10 - 2017-06-03 18:19 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2021-04-16 13:50 - 2021-01-23 01:32 - 000002178 _____ C:\Users\Public\Desktop\AutoCAD 2017 — Polski (Polish).lnk 2021-04-16 13:31 - 2018-07-09 00:27 - 000000000 ____D C:\ProgramData\Packages 2021-04-16 13:31 - 2017-04-30 09:03 - 000000000 ____D C:\ProgramData\NVIDIA 2021-04-16 13:31 - 2016-09-07 17:02 - 000000000 ____D C:\Users\admin\AppData\Roaming\NVIDIA 2021-04-16 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help 2021-04-16 13:28 - 2017-04-30 09:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2021-04-16 13:28 - 2016-09-02 15:46 - 000000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation 2021-04-16 13:28 - 2016-09-02 15:46 - 000000000 ____D C:\Users\admin\AppData\Local\NVIDIA 2021-04-16 08:12 - 2016-10-11 18:12 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps 2021-04-16 07:32 - 2018-03-11 21:22 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-15 07:15 - 2019-02-06 10:03 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-15 07:15 - 2016-11-17 17:26 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla 2021-04-14 12:53 - 2017-04-30 09:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-04-14 09:51 - 2021-02-03 18:00 - 000000000 ____D C:\WINDOWS\Minidump 2021-04-14 07:42 - 2020-11-24 18:34 - 001769864 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-14 07:42 - 2019-12-07 17:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat 2021-04-14 07:42 - 2019-12-07 17:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat 2021-04-14 01:43 - 2016-09-05 19:29 - 000000000 ____D C:\ProgramData\Autodesk 2021-04-14 00:43 - 2020-11-24 18:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-14 00:43 - 2020-11-24 18:26 - 000685424 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-14 00:43 - 2020-11-24 18:26 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-14 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-14 00:43 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-14 00:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-13 23:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-13 23:56 - 2020-11-24 18:27 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-13 23:47 - 2016-09-05 22:10 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-13 23:47 - 2016-09-05 22:10 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-13 22:18 - 2020-11-24 18:30 - 000000000 ____D C:\Users\MSSQL$ELISOFT 2021-04-13 22:18 - 2020-11-24 18:30 - 000000000 ____D C:\Users\admin 2021-04-13 19:45 - 2020-11-28 11:56 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c27fa44581da 2021-04-13 19:45 - 2020-11-24 18:37 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-13 19:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-04-13 09:15 - 2017-02-26 21:21 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-04-13 09:15 - 2017-02-26 21:21 - 006159160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-04-13 08:27 - 2018-07-08 23:17 - 000000000 ____D C:\Program Files\ALLPlayer 2021-04-13 08:26 - 2020-10-22 14:09 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys 2021-04-13 08:23 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-13 07:26 - 2015-09-11 01:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-04-13 07:25 - 2015-07-10 15:16 - 000000000 ____D C:\WINDOWS\ShellNew 2021-04-13 07:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-04-13 06:26 - 2020-11-24 18:37 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-04-12 21:48 - 2020-09-17 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-04-12 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-12 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-04-12 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-04-12 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-04-12 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-04-12 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-04-12 19:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-04-12 11:05 - 2021-03-05 09:30 - 000000000 ____D C:\ProgramData\KDService 2021-04-12 07:25 - 2020-10-20 16:36 - 000000000 ____D C:\Program Files (x86)\Origin 2021-04-12 07:25 - 2018-05-14 07:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-04-11 20:10 - 2016-09-05 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-11 20:10 - 2016-09-05 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-04-07 07:24 - 2016-11-17 17:30 - 000249212 _____ C:\WINDOWS\system32\InstallUtil.InstallLog 2021-04-02 17:57 - 2016-09-05 18:45 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-03-24 11:20 - 2019-12-07 17:10 - 000000000 ____D C:\WINDOWS\system32\FxsTmp ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-06-27 15:13 - 2020-06-27 15:13 - 000000079 _____ () C:\Users\admin\AppData\Roaming\Camdata.ini 2020-06-27 15:13 - 2020-06-27 15:13 - 000000408 _____ () C:\Users\admin\AppData\Roaming\CamLayout.ini 2020-06-27 15:13 - 2020-06-27 15:13 - 000000408 _____ () C:\Users\admin\AppData\Roaming\CamShapes.ini 2020-06-27 15:13 - 2020-06-27 15:13 - 000004549 _____ () C:\Users\admin\AppData\Roaming\CamStudio.cfg 2019-04-12 18:17 - 2020-05-14 19:31 - 000018651 _____ () C:\Users\admin\AppData\Roaming\downloads.json 2020-06-27 11:13 - 2020-06-27 11:13 - 000000096 _____ () C:\Users\admin\AppData\Roaming\version2.xml 2017-03-16 19:17 - 2017-03-16 19:17 - 000000017 _____ () C:\Users\admin\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) UWAGA: ==> Nie można uzyskać dostępu do BCD. -> ==================== Koniec FRST.txt ========================