Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-11-2021 Uruchomiony przez Jarosław (administrator) KOMP-RODZINNY (Gigabyte Technology Co., Ltd. GA-MA770T-UD3P) (21-11-2021 21:16:03) Uruchomiony z C:\Users\Jarosław.komp-rodzinny\AppData\Local\Temp\MicrosoftEdgeDownloads\0e2cc5f4-b490-40cf-81d9-af0120698fe7 Załadowane profile: Jarosław & Ewelina & Jarek Platform: Microsoft Windows 10 Pro N Wersja 21H1 19043.1348 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe <2> (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.53\identity_helper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE <2> (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2> (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2021-11-10] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-48474139-1230229898-2060568108-1001\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-48474139-1230229898-2060568108-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe [6813416 2019-09-28] (ALLPlayer Group sp. z o.o. -> ALLPlayer Group Ltd.) HKU\S-1-5-21-48474139-1230229898-2060568108-1001\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [7794280 2021-10-05] (Proton Technologies AG -> ) HKU\S-1-5-21-48474139-1230229898-2060568108-1001\...\Policies\system: [Shell] <==== UWAGA HKU\S-1-5-21-48474139-1230229898-2060568108-1005\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-48474139-1230229898-2060568108-1005\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe [6813416 2019-09-28] (ALLPlayer Group sp. z o.o. -> ALLPlayer Group Ltd.) HKU\S-1-5-21-48474139-1230229898-2060568108-1005\...\Run: [Napisy24.pl] => "C:\Program Files (x86)\Napisy24\Napisy24.exe" AutoStart (Brak pliku) HKU\S-1-5-21-48474139-1230229898-2060568108-1005\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [7794280 2021-10-05] (Proton Technologies AG -> ) HKU\S-1-5-21-48474139-1230229898-2060568108-1005\...\MountPoints2: {98b7e2fc-1845-11ec-9c91-00241d2e14c2} - "F:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\HP C711 Status Monitor: C:\WINDOWS\system32\hpinkstsC711LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3540 series): C:\WINDOWS\system32\HPDiscoPMC711.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level GroupPolicy: Ograniczenia - Chrome <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {3A042C8C-31A0-450C-A3D9-ADEEC63D5373} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {3C1410AB-D025-4FC7-81A7-3FDA8680E2CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r (Brak pliku) Task: {3CCF9747-F0BD-46A5-9B4A-BD65EE6FCE61} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Brak pliku) Task: {4C89C4C5-2C50-4D8F-BECE-1483C145C1FB} - System32\Tasks\{131D367B-3967-4090-8E73-BC9AC848C1FB} => C:\Windows\system32\pcalua.exe -a C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw Task: {4E15596F-7F4A-4C52-B7B4-0E383DF23442} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {5D6195EA-105D-4B89-AD88-57B0CB743B45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {64F75E2A-F572-46B1-ACE6-15D0B24C0264} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Brak pliku) Task: {6A59C583-FBB0-4F2B-A452-307A30BEF6BC} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Brak pliku) Task: {72A55F2A-ACCF-47A3-8728-9A0F6BBCA797} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {77ECDA4F-064C-4056-B5F5-29ABC2ACAD74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8948C228-4153-4DF4-8F6D-82B111F0E5D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9775353F-B336-40CE-BFE3-B8D2649BE176} - System32\Tasks\Microsoft Office 15 Sync Maintenance for komp-rodzinny-Jarosław komp-rodzinny => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [470720 2015-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {98FB22B0-3758-495D-B954-35D09AEF065F} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {AAE4917E-4D8A-42A4-BF2F-E9DD25DEB829} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Brak pliku) Task: {B3805F3E-2FF3-4FF3-98BA-6323C487698C} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {BC0E468B-C385-4C8F-BBFF-545E3266EE92} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Brak pliku) Task: {C4704045-71B9-4AEE-BCB5-B1A086521C57} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {CCBE6FD0-A424-477A-8D11-290FE3B549FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (Brak pliku) Task: {D0C2898F-28D8-4BED-B665-1B8F9E3B0D04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Brak pliku) Task: {D29B735A-86BD-41D4-BC72-E0D48A3765AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Brak pliku) Task: {D74A7354-3DBC-4993-8017-8AEDA1671A39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DA98B34C-91FF-4A35-B267-F4237DC72295} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {EC772209-B535-4657-90F3-0F0DD1844F19} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Brak pliku) Task: {ECEFDD38-F394-425B-8D03-F7816CAB1D45} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\a39817dc-6b98-4c56-a04c-6386910f4f27-1-7" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\a39817dc-6b98-4c56-a04c-6386910f4f27-3" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\a39817dc-6b98-4c56-a04c-6386910f4f27-5" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\a39817dc-6b98-4c56-a04c-6386910f4f27-6" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\a39817dc-6b98-4c56-a04c-6386910f4f27-7" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\AutoKMS" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\AutoPico Daily Restart" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\BikaQ_FetchAndUpgrade_CanBeDel" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Browser Updater Task(Core)" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\globalUpdateUpdateTaskMachineCore" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\globalUpdateUpdateTaskMachineUA" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Milimili" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Optimize Start Menu Cache Files-S-1-5-21-48474139-1230229898-2060568108-1001" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Optimize Start Menu Cache Files-S-1-5-21-48474139-1230229898-2060568108-1004" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\Optimize Start Menu Cache Files-S-1-5-21-48474139-1230229898-2060568108-1005" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{74DED92B-BAB6-41BC-9E10-4BEA582C24AD}" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{7A7A9634-892C-4E87-97C0-73D58F5AB89A}" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{BEAFEBF6-3D0A-45AE-AD8A-D5820EB33B56}" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\WinTaske" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\{131D367B-3967-4090-8E73-BC9AC848C1FB}" /ENABLE Task: {F3378BB6-6743-45A5-8F4E-DEA7F1C84457} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(26): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\AUVmaMuEzGvp0thDfLw4sL8je4D.job => C:\Users\Jarosaw.komp-rodzinny\AppData\Roaming\AUVmaMuEzGvp0thDfLw4sL8je4D.exe <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 31.11.173.2 89.228.4.126 Tcpip\..\Interfaces\{296CEDB7-356D-4138-BEAA-37DEBBE14DBC}: [DhcpNameServer] 31.11.173.2 89.228.4.126 Tcpip\..\Interfaces\{eab2262d-9ab1-5975-7d92-334d06f4972b}: [NameServer] 10.2.0.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Jarosław.komp-rodzinny\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-21] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Jarosław.komp-rodzinny\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-20] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: plcv3qzr.default FF ProfilePath: C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Mozilla\Firefox\Profiles\plcv3qzr.default [2021-11-19] FF Extension: (ETP Search Volume Study) - C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Mozilla\Firefox\Profiles\plcv3qzr.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-04-28] FF Extension: (Avast Online Security & Privacy) - C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Mozilla\Firefox\Profiles\plcv3qzr.default\Extensions\wrc@avast.com.xpi [2021-11-08] FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-10-02] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-10-02] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-48474139-1230229898-2060568108-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ewelina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies SF -> Unity Technologies ApS) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-11-20] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-11-10] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3139904 2021-11-10] (ESET, spol. s r.o. -> ESET) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-08] (Malwarebytes Inc -> Malwarebytes) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [115304 2021-10-05] (Proton Technologies AG -> ) R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-10-05] (Proton Technologies AG -> ) R3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-10-05] (Proton Technologies AG -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30352 2015-09-26] (Disc Soft Ltd -> Disc Soft Ltd) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-10-19] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-10-19] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-10-19] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43920 2021-10-19] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [69736 2021-10-19] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-10-19] (ESET, spol. s r.o. -> ESET) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-08] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-10] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-10] (Microsoft Windows -> Microsoft Corporation) R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-09-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) R3 WireGuard; C:\WINDOWS\system32\DRIVERS\wireguard.sys [165384 2021-10-17] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) U1 avgbdisk; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Trzy miesiące (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-11-21 21:16 - 2021-11-21 21:16 - 000002683 _____ C:\Users\Jarosław.komp-rodzinny\Desktop\FRST64 — skrót .lnk 2021-11-21 20:24 - 2021-11-21 21:18 - 000000000 ____D C:\FRST 2021-11-20 11:00 - 2021-11-20 11:00 - 001024803 _____ C:\Users\Jarosław.komp-rodzinny\Downloads\Potwierdzenie_wypowiedzenia_umowy_1720631205.pdf 2021-11-19 15:37 - 2021-11-19 15:37 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-11-19 15:36 - 2021-11-19 15:36 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-11-19 15:36 - 2021-11-19 15:36 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-11-19 15:31 - 2021-11-19 15:31 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\AVG 2021-11-19 15:31 - 2021-11-19 15:31 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\AVG 2021-11-19 15:29 - 2021-11-19 15:29 - 000557784 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw8be41d852168af33.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000539144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswa5a03e7accffdedb.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000367712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw5569b9714d5b5535.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000336824 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2021-11-19 15:29 - 2021-11-19 15:29 - 000317840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw387d900617a268d2.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000250456 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw3d9acbc09cfd87f4.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000214496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw2c0e916a85e63159.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000184800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswb63d9b72a85d5558.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000107976 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswe746214d5d80c06b.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000099432 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswe86fb26d942aa4c5.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000083040 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswa509e93fd04d4983.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000041504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw7d6570a4d1aad53e.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000021960 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw2dc849d2c53869d7.tmp 2021-11-19 15:29 - 2021-11-19 15:29 - 000000000 ____D C:\Program Files\Common Files\AVG 2021-11-19 15:29 - 2021-11-19 15:28 - 000852352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswa331e0259faae5cf.tmp 2021-11-19 15:29 - 2021-11-19 15:28 - 000222264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswc7f2dda78a504e0c.tmp 2021-11-19 15:29 - 2021-11-19 15:28 - 000035872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw0d5135a3771092d6.tmp 2021-11-19 15:28 - 2021-11-19 15:28 - 000000000 ____D C:\Program Files\AVG 2021-11-19 15:27 - 2021-11-19 16:15 - 000000000 ____D C:\ProgramData\AVG 2021-11-14 14:37 - 2021-11-19 15:34 - 091488256 _____ C:\WINDOWS\system32\config\SOFTWARE 2021-11-13 19:08 - 2021-11-13 19:08 - 000000000 ____D C:\WINDOWS\Panther 2021-11-13 18:30 - 2021-11-13 18:30 - 000000000 ____D C:\Users\Ewelina\AppData\Local\Microsoft Help 2021-11-12 19:32 - 2021-11-12 19:32 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-11-12 19:31 - 2021-11-12 19:31 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-11-12 19:31 - 2021-11-12 19:31 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-11-12 19:30 - 2021-11-12 19:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-11-12 18:48 - 2021-11-12 18:48 - 000000000 ___HD C:\$WinREAgent 2021-11-10 23:42 - 2021-11-10 23:42 - 000000000 ___HD C:\$Windows.~WS 2021-11-10 23:39 - 2021-11-10 23:39 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk 2021-11-10 23:39 - 2021-11-10 23:39 - 000000000 ____D C:\Windows10Upgrade 2021-11-10 22:38 - 2021-11-20 14:50 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\LocalLow\IGDump 2021-11-10 22:09 - 2021-11-14 14:37 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2021-11-08 22:24 - 2021-11-08 22:24 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-08 22:23 - 2021-11-08 22:23 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-11-08 21:26 - 2021-11-08 21:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-11-08 21:26 - 2021-11-08 21:26 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-11-08 21:26 - 2021-11-08 21:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-11-08 21:26 - 2021-11-08 21:26 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-11-08 21:26 - 2021-11-08 21:26 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\mbam 2021-11-08 21:26 - 2021-11-08 21:25 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-11-08 21:26 - 2021-11-08 21:25 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-11-08 21:25 - 2021-11-08 21:25 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-11-08 21:25 - 2021-11-08 21:25 - 000000000 ____D C:\Program Files\Malwarebytes 2021-10-19 16:43 - 2021-10-19 16:43 - 000001491 _____ C:\Users\Jarosław.komp-rodzinny\Desktop\Wireless Network Watcher.lnk 2021-10-19 16:41 - 2021-10-19 16:41 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher 2021-10-19 16:41 - 2021-10-19 16:41 - 000000000 ____D C:\Program Files (x86)\NirSoft 2021-10-17 19:20 - 2021-10-17 19:20 - 000165384 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wireguard.sys 2021-10-17 19:20 - 2021-10-17 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN 2021-10-15 17:29 - 2021-10-15 17:29 - 000000000 ____D C:\Users\Jarek\AppData\Local\Publishers 2021-10-15 17:28 - 2021-10-15 17:40 - 000000000 ____D C:\Users\Jarek\AppData\Local\Packages 2021-10-15 17:28 - 2021-10-15 17:28 - 000000020 ___SH C:\Users\Jarek\ntuser.ini 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Ustawienia lokalne 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Szablony 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Moje dokumenty 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Menu Start 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Documents\Moje wideo 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Documents\Moje obrazy 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Documents\Moja muzyka 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\Dane aplikacji 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\AppData\Local\Tymczasowe pliki internetowe 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\AppData\Local\Historia 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 _SHDL C:\Users\Jarek\AppData\Local\Dane aplikacji 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 ___RD C:\Users\Jarek\3D Objects 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 ____D C:\Users\Jarek\AppData\Roaming\Adobe 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 ____D C:\Users\Jarek\AppData\Local\VirtualStore 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 ____D C:\Users\Jarek\AppData\Local\NVIDIA 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 ____D C:\Users\Jarek\AppData\Local\ConnectedDevicesPlatform 2021-10-15 17:28 - 2021-10-15 17:28 - 000000000 ____D C:\Users\Jarek 2021-10-15 17:28 - 2021-04-06 22:48 - 000000000 ____D C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-10-15 17:28 - 2019-12-07 10:09 - 000001105 _____ C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-10-15 17:28 - 2016-03-06 18:39 - 000000000 ____D C:\Users\Jarek\AppData\Roaming\Macromedia 2021-10-15 17:28 - 2015-07-31 07:28 - 000000000 ____D C:\Users\Jarek\AppData\Local\Microsoft Help 2021-10-14 19:19 - 2021-10-14 19:19 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-14 19:19 - 2021-10-14 19:19 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-13 19:35 - 2021-10-13 19:35 - 000000000 ____D C:\Users\Ewelina\AppData\Local\starstableonline-updater 2021-10-11 18:57 - 2021-11-20 10:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-10-02 20:42 - 2021-10-02 20:42 - 000191832 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2021-10-02 20:42 - 2021-10-02 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-10-02 20:41 - 2021-10-02 20:41 - 000000000 ____D C:\Program Files\Java 2021-10-02 20:15 - 2021-11-11 00:06 - 000000000 ____D C:\ProgramData\SecTaskMan 2021-10-02 14:14 - 2021-10-02 14:14 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-10-02 14:14 - 2021-10-02 14:14 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-10-02 14:14 - 2021-10-02 14:14 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2021-10-02 14:12 - 2021-10-02 14:12 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-10-02 14:11 - 2021-10-02 14:11 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-01 18:00 - 2021-10-01 18:00 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\starstableonline-updater 2021-10-01 17:57 - 2021-10-01 17:58 - 074754352 _____ (Star Stable Entertainment AB) C:\Users\Ewelina\Downloads\Star+Stable+Online+Setup+2.9.8.exe 2021-09-21 06:05 - 2021-09-21 06:05 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\OneDrive 2021-09-20 20:32 - 2021-09-20 20:32 - 000000000 __SHD C:\Users\Jarosław.komp-rodzinny\Desktop\HTG Locker 2021-09-20 20:25 - 2021-09-20 20:25 - 000000000 ____D C:\WINDOWS\system32\Private 2021-09-19 11:25 - 2021-09-19 11:25 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-09-10 11:22 - 2021-09-19 13:08 - 000000000 ____D C:\Users\Ewelina\AppData\Local\ProtonVPN 2021-09-10 11:22 - 2021-09-10 11:22 - 000000000 ____D C:\Users\Ewelina\AppData\Local\ToastNotificationManagerCompat 2021-09-10 11:10 - 2021-09-10 11:10 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-09-10 11:10 - 2021-09-10 11:10 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll 2021-09-10 11:09 - 2021-09-10 11:09 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2021-09-10 11:09 - 2021-09-10 11:09 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-09-10 11:08 - 2021-09-10 11:08 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2021-09-10 11:08 - 2021-09-10 11:08 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-09-10 11:08 - 2021-09-10 11:08 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-09-10 10:31 - 2021-09-10 10:31 - 000029680 ____N (WireGuard LLC) C:\WINDOWS\system32\Drivers\wintun.sys 2021-09-10 10:26 - 2021-09-10 10:31 - 000000000 ____D C:\ProgramData\ProtonVPN 2021-09-10 10:26 - 2021-09-10 10:26 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\ToastNotificationManagerCompat 2021-09-10 10:25 - 2021-10-17 19:20 - 000001230 _____ C:\Users\Public\Desktop\ProtonVPN.lnk 2021-09-10 10:24 - 2021-10-17 19:20 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Proton Technologies AG 2021-09-10 10:24 - 2021-10-17 19:20 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\ProtonVPN 2021-09-10 10:24 - 2021-10-17 19:20 - 000000000 ____D C:\Program Files (x86)\Proton Technologies 2021-09-10 10:15 - 2021-09-10 10:15 - 000000623 _____ C:\Users\Jarosław.komp-rodzinny\Desktop\productkey.vbs 2021-09-10 10:09 - 2021-09-10 10:09 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\Microsoft_Corporation ==================== Trzy miesiące (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-11-21 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-21 20:40 - 2020-11-19 00:31 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-21 20:40 - 2020-11-19 00:31 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-11-21 20:13 - 2019-07-12 08:04 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\CrashDumps 2021-11-20 15:14 - 2020-11-18 23:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-11-20 14:44 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-20 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-11-20 13:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-11-20 10:52 - 2015-07-01 21:31 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\Packages 2021-11-20 10:25 - 2019-02-17 18:59 - 000000000 ____D C:\ProgramData\Mozilla 2021-11-20 10:21 - 2017-03-22 14:27 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\LocalLow\Mozilla 2021-11-19 19:37 - 2021-08-16 01:49 - 000005346 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for komp-rodzinny-Jarosław komp-rodzinny 2021-11-19 15:35 - 2021-04-06 22:36 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-19 15:35 - 2020-11-19 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-11-19 15:35 - 2015-12-30 09:47 - 000000000 ____D C:\ProgramData\NVIDIA 2021-11-19 15:34 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-11-19 15:29 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-11-19 13:47 - 2021-04-06 22:56 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-11-19 13:47 - 2019-12-07 16:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2021-11-19 13:47 - 2019-12-07 16:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2021-11-19 13:47 - 2019-12-07 10:12 - 000000000 ____D C:\WINDOWS\INF 2021-11-17 07:08 - 2021-04-13 09:01 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72b2f4797e7ba 2021-11-17 07:08 - 2020-11-19 00:30 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-16 22:09 - 2020-01-26 10:26 - 000000000 ____D C:\Users\Ewelina\AppData\Local\CrashDumps 2021-11-16 21:57 - 2019-03-05 20:42 - 000000000 ____D C:\Users\Ewelina\Desktop\zdjęcia 2021-11-16 18:58 - 2021-04-06 22:46 - 000000000 ____D C:\Users\Ewelina 2021-11-16 16:48 - 2021-06-26 22:15 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\Desktop\Nowy folder 2021-11-16 16:15 - 2021-06-27 12:52 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\D3DSCache 2021-11-14 14:58 - 2019-02-17 19:02 - 000000000 ____D C:\Users\Ewelina\AppData\LocalLow\Mozilla 2021-11-13 19:10 - 2020-11-18 23:28 - 000446192 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-11-13 19:04 - 2019-12-07 16:12 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-11-13 19:04 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-11-13 19:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-11-13 19:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-11-13 10:20 - 2021-06-11 15:25 - 000000000 ____D C:\Users\Ewelina\AppData\Roaming\Star Stable Online 2021-11-13 09:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-11-12 18:57 - 2020-05-30 18:18 - 000001466 _____ C:\Users\Ewelina\Desktop\Roblox Player.lnk 2021-11-12 18:57 - 2020-05-30 18:17 - 000001289 _____ C:\Users\Ewelina\Desktop\Roblox Studio.lnk 2021-11-12 18:56 - 2020-05-30 18:17 - 000000000 ____D C:\Users\Ewelina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2021-11-11 11:42 - 2015-06-30 18:49 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-11-11 11:36 - 2015-07-31 09:34 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-11-11 05:50 - 2021-04-07 05:08 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-48474139-1230229898-2060568108-1001 2021-11-11 05:50 - 2021-04-06 22:46 - 000002517 _____ C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-11-11 00:25 - 2021-04-06 21:16 - 000000000 ____D C:\ESD 2021-11-10 22:34 - 2020-11-19 00:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-11-10 22:25 - 2021-04-07 05:17 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-11-10 21:36 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-11-08 22:11 - 2017-04-08 10:51 - 000000000 ____D C:\Program Files (x86)\Firefox 2021-11-08 21:06 - 2021-01-16 20:34 - 000000000 ____D C:\Users\Ewelina\AppData\Local\Hewlett-Packard 2021-11-08 21:06 - 2021-01-09 21:43 - 000000000 ____D C:\Users\Ewelina\AppData\Roaming\Hewlett-Packard 2021-11-08 21:06 - 2015-12-03 21:30 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Hewlett-Packard 2021-11-08 21:06 - 2015-12-03 21:12 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Local\Hewlett-Packard 2021-11-08 21:06 - 2015-06-29 19:10 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2021-11-08 21:06 - 2015-06-29 19:09 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2021-11-08 20:50 - 2021-04-06 22:46 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny 2021-11-08 20:49 - 2016-06-12 19:27 - 000000000 ____D C:\WINDOWS\system32\log 2021-10-29 17:31 - 2015-07-10 20:39 - 000000000 ____D C:\Users\Ewelina\AppData\Local\Packages 2021-10-26 20:32 - 2020-04-21 16:34 - 000000000 ____D C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line ==================== Pliki w katalogu głównym wybranych folderów ======== 2015-04-19 13:20 - 2015-07-06 21:31 - 000000626 _____ () C:\Users\Jarosław.komp-rodzinny\AppData\Roaming\AUVmaMuEzGvp0thDfLw4sL8je4D ==================== FLock ============================== 2021-07-12 19:25 C:\ProgramData\.bnmtfilter ==================== SigCheckExt ========================= 2011-08-17 09:00 - 2011-08-17 09:00 - 000166912 _____ (Nokia) C:\WINDOWS\system32\ccdcmbwux64.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000057344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll 2010-01-19 14:12 - 2010-01-19 14:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL 2009-11-27 11:15 - 2009-11-27 11:15 - 000228864 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000079872 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000054784 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll 2011-08-17 08:59 - 2011-08-17 08:59 - 000057856 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll 2011-08-17 08:59 - 2011-08-17 08:59 - 000640000 _____ (Nokia) C:\WINDOWS\system32\nmwcdcoclsx64.dll 2010-08-06 10:13 - 2010-08-06 10:13 - 000050688 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll 2010-08-06 10:13 - 2010-08-06 10:13 - 000034816 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll 2019-06-26 16:18 - 2019-06-26 16:18 - 021371002 _____ (CloneDVD Studio ) C:\Users\Ewelina\Downloads\DVDXPlayerSetup.exe 2021-01-30 09:41 - 2021-01-30 09:41 - 008464217 _____ C:\Users\Ewelina\Downloads\kshutdown-5.2-win32.exe 2018-03-20 13:57 - 2018-03-20 13:57 - 000466360 _____ () C:\Users\Ewelina\Downloads\setup.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {75660ba3-9728-11eb-a553-afff3bd361e7} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Windows Boot Loader ------------------- identifier {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale pl-PL inherit {bootloadersettings} recoverysequence {85bc3aed-9720-11eb-9c76-adb8d396b447} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {75660ba3-9728-11eb-a553-afff3bd361e7} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {85bc3aed-9720-11eb-9c76-adb8d396b447} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{85bc3aee-9720-11eb-9c76-adb8d396b447} path \windows\system32\winload.exe description Windows Recovery Environment locale pl-PL inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{85bc3aee-9720-11eb-9c76-adb8d396b447} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {75660ba3-9728-11eb-a553-afff3bd361e7} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} recoverysequence {85bc3aed-9720-11eb-9c76-adb8d396b447} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Diagnostyka pami©ci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {85bc3aee-9720-11eb-9c76-adb8d396b447} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Koniec FRST.txt ========================