Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 10-01-2022 01 Uruchomiony przez user (administrator) USE-KOMPUTER (13-01-2022 10:38:34) Uruchomiony z G:\INNE\PROGRAMY\scoped_dir9576_1458399251 Załadowane profile: user Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: IE Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Asseco Data Systems S.A. -> Certum) C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (KOPRINET Sp. z o.o. -> Koprinet Koszalin) C:\Program Files (x86)\KOPRINET\Rodos 7\Rodos.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Matrox Graphics Inc. -> Matrox Graphics Inc) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe (Matrox Graphics Inc. -> Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4> (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Opera Software AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\82.0.4227.43\opera_autoupdate.exe <2> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Podpis Kwalifikowany\jre\bin\javaw.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files\QNAP\NetBak\NetBak.exe (QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files\QNAP\NetBak\QVssService.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SafeNet, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe (SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Program Files\NetWorx\networx.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Matrox PowerDesk SE] => C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe [4246784 2010-02-11] (Matrox Graphics Inc. -> Matrox Graphics Inc.) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [7698248 2016-06-14] (SOFTPERFECT PTY. LTD. -> SoftPerfect) HKLM\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1191504 2021-04-21] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1191504 2021-04-21] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM-x32\...\Run: [Podpis Kwalifikowany] => C:\Program Files\Podpis Kwalifikowany\pksigner.exe [45937845 2020-03-06] () [Brak podpisu cyfrowego] [Plik w użyciu] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [AutoRegisterCerts] => C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe [171088 2021-02-11] (Asseco Data Systems S.A. -> Certum) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-2525506399-2650626511-3825780741-1000\...\Run: [Opera Browser Assistant] => C:\Users\user\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2525506399-2650626511-3825780741-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2525506399-2650626511-3825780741-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\...\Windows x64\Print Processors\RPCSPRN: C:\Windows\System32\spool\prtprocs\x64\RC00C1B1.dll [34304 2007-02-14] (RICOH COMPANY, LTD.) [Brak podpisu cyfrowego] HKLM\...\Windows x64\Print Processors\SSP7MPC: C:\Windows\System32\spool\prtprocs\x64\ssp7mpc.dll [36864 2011-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider) HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [247808 2011-05-10] (CANON INC.) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [968192 2011-04-11] (CANON INC.) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\doPDF 7 Monitor: C:\Windows\system32\dopdfmn7.dll [25920 2013-08-20] (Softland S.R.L. -> Softland) HKLM\...\Print\Monitors\HP Designjet ECP Monitor: C:\Windows\system32\HPLTLM5.DLL [15360 2008-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation, Microsoft Corporation) HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2019-10-31] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2019-10-31] (pdfforge GmbH) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\PDFCreator: C:\Windows\system32\pdfcmnnt.dll [87040 2005-03-12] () [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\rica6Wlm: C:\Windows\system32\rica6Wlm.dll [28160 2013-12-26] (RICOH CO.,Ltd.) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\RICOH Language Monitor2: C:\Windows\system32\rc4mon64.dll [26112 2007-05-11] (RICOH CO.,Ltd.) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\ricu06lm: C:\Windows\system32\ricu06lm.dll [28160 2013-12-26] (RICOH CO.,Ltd.) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\SHARP SF1C Series Language Monitor: C:\Windows\system32\SF1CLMON.DLL [125440 2008-03-13] (SHARP CORPORATION) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\SSP7M Langmon: C:\Windows\system32\ssp7ml6.dll [34304 2011-06-22] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-05] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-09-09] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.) Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk [2019-10-30] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKU\S-1-5-21-2525506399-2650626511-3825780741-1000\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0259B938-E431-478D-BDB3-912F63BE7B2D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {03632DDB-15A2-4E1A-A2D2-146375453F63} - System32\Tasks\{67A07831-027F-4EB9-A69A-EE281A15E330} => D:\PRZETARGI\__PRZETARGI\ZP_26_2013-04-11_LUBARTOW_REWIT RYNKU ETAP II\4-2013-Załącznik Nr 7.exe (Brak pliku) Task: {05453964-0069-4CD8-9CFA-F55112EC96E1} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2525506399-2650626511-3825780741-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {07855CF8-CA42-4B01-A0E0-CD800D6F4F38} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {0C7909A9-FDF2-49C5-A9A4-98BBD0631A9F} - System32\Tasks\Rodos7Update => C:\Program Files (x86)\KOPRINET\Rodos Ekspres 2\EkspresTray.exe [4419368 2021-04-27] (KOPRINET Sp. z o.o. -> KOPRINET Sp. z o.o.) Task: {11238724-37D4-47C7-A8C2-5FA952F0A983} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) Task: {221BDD5B-F1AD-4F46-9D55-3403E6202464} - System32\Tasks\e-pity2016a_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe notify 1 31.01.2018 (Brak pliku) Task: {2C3BE66D-7957-497D-A4D9-5B504DF5F8BB} - System32\Tasks\{3BC2D321-5B01-4A6F-937F-4C06456FF86A} => C:\Windows\system32\pcalua.exe -a "D:\drv\hp deskjet 800_ploter\HPDesignjet800PrinterSeries.exe" -d "D:\drv\hp deskjet 800_ploter" Task: {354BA044-98E3-4607-920D-8040DFCF9667} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {3607E04B-4108-4438-9B00-2589CCEB18FD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {3CF849FC-7D05-454A-9CCD-ECEA8A5F0A2F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime Task: {3CF849FC-7D05-454A-9CCD-ECEA8A5F0A2F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-04-24]] (Microsoft Windows -> Microsoft Corporation) Task: {4EC32B54-CF8D-42CE-9A8C-74C726BE959C} - System32\Tasks\Opera scheduled Autoupdate 1579245218 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software) Task: {57FCBB21-05F4-48CF-BE38-47B4B831DF24} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {57FCBB21-05F4-48CF-BE38-47B4B831DF24} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent Task: {57FCBB21-05F4-48CF-BE38-47B4B831DF24} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-04-24]] (Microsoft Windows -> Microsoft Corporation) Task: {6D87F189-FA0F-4FEF-9C40-7502090EE8AE} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {6D87F189-FA0F-4FEF-9C40-7502090EE8AE} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {6D87F189-FA0F-4FEF-9C40-7502090EE8AE} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {6F56B08E-4F5A-4304-B05A-81DF244A71E0} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1657440 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {70C921BF-B7F0-451C-AABE-FBE4EBC5540D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {7F1C3039-8E60-4155-953E-FBACD5132A02} - System32\Tasks\Opera scheduled assistant Autoupdate 1582726299 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\user\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {89ED0B32-BC5D-4AE3-B768-0D77EA9750FE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {90F5EFE0-0EE7-4E7C-BA4F-5B28D2B93A6B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent Task: {90F5EFE0-0EE7-4E7C-BA4F-5B28D2B93A6B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-04-24]] (Microsoft Windows -> Microsoft Corporation) Task: {B7B341C1-FDDD-4D2D-8E90-679E4B2A2B26} - System32\Tasks\NetBak-use-Komputer-user-AutoStartup => C:\Program Files\QNAP\NetBak\NetBak.exe [14781752 2019-11-08] (QNAP Systems, Inc. -> QNAP Systems, Inc.) Task: {CC60C15F-C9F2-4864-8119-EA6E03E81463} - System32\Tasks\{4D2E7B70-56F8-4BDD-90ED-2925D4A43E36} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\KOPRINET\Rodos_demo 7\deinst.exe" -d "C:\Program Files (x86)\KOPRINET\Rodos_demo 7" Task: {DBFF3663-6817-4A5D-96E0-670D914100F5} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30215736 2021-12-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {DD8FBADA-71A6-48EE-AB1B-A2E3E3DAC1D2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {DD8FBADA-71A6-48EE-AB1B-A2E3E3DAC1D2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-04-24]] (Microsoft Windows -> Microsoft Corporation) Task: {E4884D6C-4EE2-4890-9B6F-26C29F04D3FF} - System32\Tasks\e-pity2016a_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe notify 2 30.04.2018 (Brak pliku) Task: {E9EEDC21-A8D7-43AC-97E5-A66EB2ADB96B} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [254640 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {ED754F42-2D93-4721-8FF1-BF70B7E4D7CD} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [3661072 2016-12-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) Task: {F343C732-EDC7-48F6-A4CD-74EE1FDA6197} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation) Task: {F45C718F-8778-44B0-91AA-3B212D902B46} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2346043108-2396140099-1828878525-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2346043108-2396140099-1828878525-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\NetBak-use-Komputer-user-Job1.job => C:\Program Files\QNAP\NetBak\NetBak.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5C31753E-D1AE-46F0-804A-F5D7FA7FBFDB}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{60FBAA47-7DAF-4036-B501-58B320EBC542}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF DefaultProfile: ob1g130o.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ob1g130o.default [2022-01-13] FF Homepage: Mozilla\Firefox\Profiles\ob1g130o.default -> hxxps://www.google.com/ FF Session Restore: Mozilla\Firefox\Profiles\ob1g130o.default -> [funkcja włączona] FF Notifications: Mozilla\Firefox\Profiles\ob1g130o.default -> hxxps://www.facebook.com FF Extension: (Szafir SDK Web) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ob1g130o.default\Extensions\{5e118bad-a840-4256-bd31-296194533aac}.xpi [2019-07-05] [UpdateUrl:hxxps://www.elektronicznypodpis.pl/download/webmodule/firefox/updates.json] FF Extension: (NoScript) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ob1g130o.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-01-11] FF Extension: (WOT – Bezpieczeństwo witryn i bezpieczne przeglądanie) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ob1g130o.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2021-12-09] FF Extension: (C.E. Peaceful Forest) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ob1g130o.default\Extensions\{b291f817-da6e-4491-95c3-5aee318d0023}.xpi [2019-05-14] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ob1g130o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-12-09] FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-08-12] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\antibeacon.js [2021-12-27] <==== UWAGA (Linkuje do pliku *.cfg) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-03] <==== UWAGA Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-12-27] CHR Extension: (Prezentacje) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-22] CHR Extension: (Arkusze) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-22] CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-22] CHR Extension: (e-pity - dodatek) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-06-22] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] Opera: ======= OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2022-01-13] OPR Notifications: Opera Stable -> hxxps://rankomat.pl; hxxps://www.gandalf.com.pl OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Translator) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-12-09] OPR Extension: (Usługa zwrotu gotówki LetyShops) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\dgojinnjpnpbegoplpfddhpjacniaail [2021-11-02] OPR Extension: (Rich Hints Agent) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-27] OPR Extension: (Save to Pocket) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\hedlhkdmdlcjhiblbmfggdiaeekblnoi [2020-03-24] OPR Extension: (VDP: Best Video Downloader) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibehiiilehaakkhkigckfjfknboalpbe [2020-08-14] OPR Extension: (Amazon Assistant Promotion) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-24] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY SOLUTIONS LIMITED -> ABBYY) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1185160 2018-08-16] (Acronis International GmbH -> ) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574672 2021-07-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [984032 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1798608 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5279232 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712864 2018-04-27] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2998096 2021-11-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384480 2021-08-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [263984 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [263472 2021-12-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128584 2018-03-26] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) R2 hasplms; C:\Windows\system32\hasplms.exe [4574520 2017-02-10] (SafeNet, Inc. -> SafeNet, Inc.) R2 Matrox.Pdesk.ServicesHost; C:\Program Files (x86)\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [344832 2010-02-11] (Matrox Graphics Inc. -> Matrox Graphics Inc) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-08-16] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1737648 2018-08-16] (Acronis International GmbH -> ) R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) R2 QVssService; C:\Program Files\QNAP\NetBak\QVssService.exe [2203448 2019-11-08] (QNAP Systems, Inc. -> QNAP Systems, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.) S2 Avg; "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ACR39U; C:\Windows\System32\DRIVERS\acr39u.sys [81264 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [87864 2017-02-10] (SafeNet, Inc. -> SafeNet, Inc.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [86328 2017-02-10] (SafeNet, Inc. -> SafeNet, Inc.) R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [332088 2017-02-10] (SafeNet, Inc. -> SafeNet, Inc.) R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc) R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-03-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [283384 2017-09-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [221600 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [177112 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [379664 2018-10-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [1287496 2017-02-10] (SafeNet, Inc. -> SafeNet, Inc.) S3 L1c; C:\Windows\System32\DRIVERS\l1c51x64.sys [71792 2010-06-25] (Atheros Communications Inc. -> Atheros Communications, Inc.) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2022-01-13] (Malwarebytes Corporation -> Malwarebytes) S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-07-16] (ASUSTeK Computer Inc. -> ) R3 MTXPSER; C:\Windows\System32\DRIVERS\mtxpserm.sys [1657344 2010-06-18] (Matrox Graphics Inc. -> Matrox Graphics Inc.) R1 Mtxpserx; C:\Windows\System32\DRIVERS\Mtxpserx.sys [10752 2010-06-18] (Matrox Graphics Inc. -> Matrox Graphics Inc.) R1 networx; C:\Windows\System32\drivers\networx.sys [72632 2016-06-01] (SOFTPERFECT PTY. LTD. -> NetFilterSDK.com) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1310552 2018-10-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [213336 2018-10-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331976 2018-10-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2018-10-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R3 QDrive; \??\C:\Users\user\AppData\Local\Temp\QDrive.sys [X] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-01-13 10:32 - 2022-01-13 10:32 - 000000000 ____D C:\Users\user\Desktop\RAPORTY 2022-01-13 09:52 - 2022-01-13 09:52 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2022-01-10 08:19 - 2022-01-10 08:22 - 1144978180 _____ C:\Users\user\Desktop\zal._1_-_8_do_swz.zip 2022-01-10 08:18 - 2022-01-10 08:18 - 000208154 _____ C:\Users\user\Desktop\swz.pdf 2022-01-10 08:16 - 2022-01-10 08:16 - 000071028 _____ C:\Users\user\Desktop\Informacja z otwarcia ofert (1).pdf 2022-01-10 08:15 - 2022-01-10 08:15 - 000068128 _____ C:\Users\user\Desktop\Informacja z otwarcia ofert.pdf 2022-01-05 11:04 - 2022-01-05 11:04 - 001137603 _____ C:\Users\user\Desktop\WTW AC22P - Beton asfaltowy AC22 do warstwy podbudowy obciazonej ruchem KR3-KR4 zalacznik nr 12.pdf 2022-01-04 11:53 - 2022-01-04 11:53 - 000488203 _____ C:\Users\user\Desktop\zasady-projektowania-gazociagow-stalowych-niskiego-i-sredniego-cisnienia-oraz-gazociagow-polietylenowych.pdf 2022-01-04 11:39 - 2022-01-04 11:39 - 000170221 _____ C:\Users\user\Desktop\zalacznik-4748.pdf 2021-12-30 09:49 - 2022-01-10 14:24 - 000000000 ____D C:\Users\user\Desktop\zał. 1 - 8 do SWZ 2021-12-27 14:51 - 2022-01-13 10:38 - 000000000 ____D C:\FRST 2021-12-27 14:02 - 2022-01-13 07:17 - 000000000 ____D C:\Program Files\CCleaner 2021-12-27 14:02 - 2021-12-29 12:38 - 000000826 _____ C:\Users\Public\Desktop\CCleaner.lnk 2021-12-27 14:02 - 2021-12-27 14:02 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-12-27 14:02 - 2021-12-27 14:02 - 000002814 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - user 2021-12-27 14:02 - 2021-12-27 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-12-27 13:55 - 2021-12-27 13:55 - 000000085 _____ C:\Windows\wininit.ini 2021-12-23 07:48 - 2021-12-27 13:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-12-22 12:52 - 2021-12-22 12:52 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo 2021-12-22 09:58 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.20211222-095843.backup 2021-12-22 09:35 - 2021-12-22 09:53 - 000000000 ____D C:\Users\user\AppData\Local\Safer-Networking Ltd 2021-12-22 09:35 - 2021-12-22 09:35 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking 2021-12-22 09:35 - 2021-12-22 09:35 - 000000000 ____D C:\Safer-Networking Ltd 2021-12-22 09:35 - 2021-12-22 09:35 - 000000000 ____D C:\Program Files (x86)\Safer-Networking Ltd 2021-12-22 09:34 - 2021-12-27 13:56 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2021-12-22 09:34 - 2021-12-27 13:55 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2021-12-22 09:27 - 2021-12-22 09:27 - 000000000 ____D C:\Users\Public\Security Sessions 2021-12-22 09:26 - 2021-12-22 09:26 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray 2021-12-22 09:26 - 2021-12-22 09:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf 2021-12-22 09:26 - 2021-10-22 08:45 - 000221600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2021-12-22 09:26 - 2021-02-09 18:03 - 000177112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2021-12-22 09:26 - 2019-06-07 14:09 - 000068152 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys 2021-12-22 09:26 - 2019-03-20 18:50 - 000078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2021-12-22 09:26 - 2019-03-20 18:50 - 000036072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2021-12-22 09:26 - 2019-03-20 18:50 - 000035376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys 2021-12-22 09:25 - 2021-12-22 09:27 - 000000000 ____D C:\Users\user\AppData\Local\Avira 2021-12-22 09:25 - 2021-12-22 09:27 - 000000000 ____D C:\ProgramData\Avira 2021-12-22 09:25 - 2021-12-22 09:26 - 000000000 ____D C:\Program Files (x86)\Avira 2021-12-22 09:25 - 2021-12-22 09:25 - 000003710 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance 2021-12-22 09:25 - 2021-12-22 09:25 - 000003664 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate 2021-12-22 09:25 - 2021-12-22 09:25 - 000003528 _____ C:\Windows\system32\Tasks\Avira_Security_Update 2021-12-22 09:25 - 2021-12-22 09:25 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2021-12-22 09:25 - 2021-12-22 09:25 - 000002648 _____ C:\Windows\system32\Tasks\Avira_Security_Systray 2021-12-22 09:25 - 2021-12-22 09:25 - 000001041 _____ C:\Users\Public\Desktop\Avira.lnk 2021-12-22 09:25 - 2021-12-22 09:25 - 000000000 ____D C:\Windows\SysWOW64\statReporter 2021-12-22 09:25 - 2021-12-22 09:25 - 000000000 ____D C:\Users\Public\Speedup Sessions 2021-12-22 09:25 - 2021-12-22 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2021-12-22 09:23 - 2021-12-22 09:23 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-12-22 09:23 - 2021-12-22 09:23 - 000003282 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-12-22 09:13 - 2021-12-22 09:13 - 004130384 _____ (PC Tools) C:\Users\user\Downloads\sdsetup_1.exe 2021-12-22 09:13 - 2021-12-22 09:13 - 000000000 ____D C:\Users\user\AppData\Roaming\TestApp 2021-12-22 09:13 - 2021-12-22 09:13 - 000000000 ____D C:\ProgramData\TEMP 2021-12-22 09:13 - 2021-12-22 09:13 - 000000000 ____D C:\ProgramData\PC Tools ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-01-13 10:34 - 2009-07-14 05:45 - 000031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-01-13 10:34 - 2009-07-14 05:45 - 000031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-01-13 10:18 - 2012-02-09 11:48 - 000000000 ____D C:\ProgramData\MFAData 2022-01-13 09:58 - 2011-09-14 08:53 - 000000000 ____D C:\Program Files (x86)\Google 2022-01-13 08:33 - 2019-07-26 08:04 - 010488486 _____ C:\Users\user\proCertumSmartSign.log.1 2022-01-13 08:32 - 2019-07-26 08:04 - 000000283 _____ C:\Users\user\proCertumSmartSignHelpPanel_1_pl.xml 2022-01-13 07:19 - 2011-04-12 14:21 - 000745390 _____ C:\Windows\system32\perfh015.dat 2022-01-13 07:19 - 2011-04-12 14:21 - 000157942 _____ C:\Windows\system32\perfc015.dat 2022-01-13 07:19 - 2009-07-14 06:13 - 001679498 _____ C:\Windows\system32\PerfStringBackup.INI 2022-01-13 07:19 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2022-01-13 07:16 - 2012-10-06 10:40 - 000000000 ____D C:\ProgramData\Mozilla 2022-01-13 07:15 - 2021-01-11 14:06 - 000000000 ____D C:\Users\user\.pksigner 2022-01-13 07:15 - 2016-12-01 07:40 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla 2022-01-13 07:15 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-01-12 12:17 - 2016-09-06 10:54 - 000000000 ____D C:\Users\user\AppData\Roaming\KOPRINET 2022-01-12 08:45 - 2016-01-14 12:35 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps 2022-01-06 10:45 - 2015-08-04 12:42 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2022-01-05 23:00 - 2021-06-22 11:28 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-01-05 23:00 - 2021-06-22 11:28 - 000002095 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-01-04 07:20 - 2020-01-17 08:13 - 000004112 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1579245218 2022-01-03 13:28 - 2019-07-26 08:04 - 010490680 _____ C:\Users\user\proCertumSmartSign.log.2 2021-12-27 14:20 - 2021-03-23 07:31 - 000000000 ____D C:\Users\user\Desktop\12345 2021-12-27 14:06 - 2019-10-31 12:36 - 000000000 ____D C:\Users\user\AppData\Local\PDFCreator 2021-12-27 14:06 - 2016-06-10 11:35 - 000000000 ____D C:\Users\user\AppData\Roaming\MPC-HC 2021-12-27 14:06 - 2015-11-24 09:02 - 000000000 ____D C:\Program Files\PDFCreator 2021-12-27 14:06 - 2014-07-16 07:20 - 000000000 ____D C:\Users\user\AppData\Roaming\PhotoScape 2021-12-27 14:02 - 2012-04-20 06:54 - 000000000 ____D C:\Temp 2021-12-27 14:00 - 2016-09-12 05:51 - 000000000 ____D C:\ProgramData\Avg 2021-12-27 14:00 - 2014-11-19 08:41 - 000000000 ____D C:\Users\user\AppData\Local\Avg 2021-12-27 14:00 - 2014-04-17 13:40 - 000000000 ____D C:\Program Files (x86)\AVG 2021-12-27 13:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-12-27 13:53 - 2012-10-06 10:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-12-27 13:17 - 2015-03-13 08:18 - 000000000 ____D C:\AdwCleaner 2021-12-27 07:46 - 2009-07-14 06:08 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2021-12-23 09:44 - 2019-07-26 08:04 - 010487764 _____ C:\Users\user\proCertumSmartSign.log.3 2021-12-22 12:47 - 2009-07-14 05:45 - 000574184 _____ C:\Windows\system32\FNTCACHE.DAT 2021-12-22 09:27 - 2011-09-14 08:50 - 000157176 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2021-12-17 08:42 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-11-08 11:24 - 2021-11-08 11:24 - 000000836 _____ () C:\Users\user\AppData\Local\recently-used.xbel 2016-03-16 08:25 - 2021-08-30 12:50 - 000007621 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2015-03-27 09:46 - 2015-03-27 09:46 - 000003182 _____ () C:\Users\user\AppData\Local\unins000.dat 2015-03-27 09:46 - 2015-03-27 09:45 - 000707744 _____ () C:\Users\user\AppData\Local\unins000.exe 2015-03-27 09:46 - 2015-03-27 09:46 - 000011761 _____ () C:\Users\user\AppData\Local\unins000.msg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2022-01-07 00:01 ==================== Koniec FRST.txt ========================