Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-06-2022 Uruchomiony przez root (administrator) PC (Dell Inc. OptiPlex 7010) (21-06-2022 19:20:14) Uruchomiony z C:\Users\root\Downloads Załadowane profile: root Platform: Microsoft Windows 10 Pro Wersja 21H1 19043.1766 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\AdGuardVpn\AdGuardVpn.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe ->) (Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersHelper.exe (C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (RemoteMouse.net) [Brak podpisu cyfrowego] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (C:\Program Files\PostgreSQL\11\bin\pg_ctl.exe ->) (PostgreSQL Global Development Group) [Brak podpisu cyfrowego] C:\Program Files\PostgreSQL\11\bin\postgres.exe <8> (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe (C:\Users\root\AppData\Local\DeepL\app-3.5.25837\DeepL.exe ->) (DeepL SE -> The CefSharp Authors) C:\Users\root\AppData\Local\DeepL\app-3.5.25837\CefSharp.BrowserSubprocess.exe <5> (C:\Users\root\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\root\AppData\Local\Programs\Opera\87.0.4390.45\opera_crashreporter.exe (ComArch SA) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\NOL3Starter\NOL3Starter.exe (DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atieclxx.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8> (explorer.exe ->) (8bit Solutions LLC -> Bitwarden Inc.) C:\Users\root\AppData\Local\Programs\Bitwarden\Bitwarden.exe <4> (explorer.exe ->) (DeepL SE -> DeepL SE) C:\Users\root\AppData\Local\DeepL\app-3.5.25837\DeepL.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <60> (explorer.exe ->) (Jerzy Znamirowski) [Brak podpisu cyfrowego] C:\Program Files (x86)\HEXelon MAX 6\hexelon.exe (explorer.exe ->) (Mionix) [Brak podpisu cyfrowego] C:\Program Files (x86)\Mionix Hub\mnx.exe (explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\root\AppData\Roaming\Spotify\Spotify.exe <5> (Microsoft Corporation -> Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe <2> (OpenVPN) [Brak podpisu cyfrowego] C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe <4> (Opera Software AS -> Opera Software) C:\Users\root\AppData\Local\Programs\Opera\opera.exe <24> (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1638964996365.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe (services.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\AdGuardVpn\AdGuardVpnSvc.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (services.exe ->) (Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (services.exe ->) (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (services.exe ->) (PostgreSQL Global Development Group) [Brak podpisu cyfrowego] C:\Program Files\PostgreSQL\11\bin\pg_ctl.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Symless Ltd. -> ) C:\Program Files (x86)\Synergy\synergyd.exe (services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (The Apache Software Foundation -> Apache Software Foundation) C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe (svchost.exe ->) (Alittera Limited Inc -> 4Team Corporation) C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.2008.2277.0_x64__8wekyb3d8bbwe\ScreenSketch.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s (Brak pliku) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-09-22] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11245392 2022-06-07] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [2131576 2018-02-08] (Anvsoft Inc. -> ) HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [135968 2018-04-17] (Intel(R) Driver & Support Assistant -> Intel) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [555624 2017-06-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [403048 2017-06-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601936 2018-12-15] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [NOL3Starter] => C:\Program Files (x86)\Common Files\NOL3Starter\NOL3Starter.exe [4378112 2019-01-24] (ComArch SA) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [AdGuardVpn] => C:\Program Files (x86)\AdGuardVpn\AdGuardVpn.exe [589888 2022-04-25] (Adguard Software Limited -> Adguard Software Ltd) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKU\S-1-5-21-2045199433-3875941024-3544520789-1001\...\Run: [MionixHubService] => C:\Program Files (x86)\Mionix Hub\mnx.exe [641536 2018-04-04] (Mionix) [Brak podpisu cyfrowego] HKU\S-1-5-21-2045199433-3875941024-3544520789-1001\...\Run: [Spotify] => C:\Users\root\AppData\Roaming\Spotify\Spotify.exe [22824680 2020-05-24] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2045199433-3875941024-3544520789-1001\...\Run: [HEXelon MAX] => C:\Program Files (x86)\HEXelon MAX 6\hexelon.exe [2816512 2007-06-28] (Jerzy Znamirowski) [Brak podpisu cyfrowego] HKU\S-1-5-21-2045199433-3875941024-3544520789-1001\...\Run: [org.openvpn.client] => C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe [110833152 2021-12-08] (OpenVPN) [Brak podpisu cyfrowego] HKU\S-1-5-21-2045199433-3875941024-3544520789-1001\...\Run: [Opera Browser Assistant] => C:\Users\root\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4137216 2022-06-07] (Opera Software AS -> Opera Software) HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2019-11-03] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-14] (Google LLC -> Google LLC) Startup: C:\Users\root\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL.lnk [2022-05-26] ShortcutTarget: DeepL.lnk -> C:\Users\root\AppData\Local\DeepL\app-3.5.25837\DeepL.exe (DeepL SE -> DeepL SE) GroupPolicy: Ograniczenia ? <==== UWAGA GroupPolicy-Firefox: Ograniczenia <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03EC32E4-DFB6-4FD0-8C34-D4899160BC12} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {0B1B5E01-FDF8-4021-A6D8-4F58171DD75A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582439510 => C:\Users\root\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\root\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {1231F070-02AB-42F1-A3D9-19A46CAB8131} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Brak pliku) Task: {17EFD99E-E2DF-4074-B9EF-23AB39A5CE2D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864360 2022-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {2AAB610D-89C3-43E8-859C-79F2DDB323F0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {323FC98A-97F6-47A8-BD07-1C0EF63A5D6E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {367D1C90-A454-4C3C-8CCD-7EC7AF948403} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {37EBC049-B410-43C8-9AFA-ADF7E0C76D9B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-08-20] (Microsoft Corporation -> Microsoft) Task: {426B609F-DF5D-47B3-BD3F-71622B11B1A8} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [770344 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) Task: {451EFBB7-E124-4B96-BC75-79FA7C5B2594} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [754176 2016-07-29] (Oracle Corporation) [Brak podpisu cyfrowego] Task: {4B3084A8-D76E-482C-BE7D-293C44B6E725} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {4BBBD194-B374-4E2C-ACC8-004560B27D57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-23] (Google Inc -> Google Inc.) Task: {5AE0B2CA-0439-4944-8C6A-31AB2DF8A8D2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7058912 2022-06-19] (Microsoft Corporation -> Microsoft Corporation) Task: {5D129397-38A5-48B8-91F3-4CF343F07C02} - System32\Tasks\Opera scheduled Autoupdate 1556388948 => C:\Users\root\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) Task: {65BA7C01-8875-404D-8335-69EA595617CA} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7B1363DE-04BA-40C5-9A5D-20372BA7BFF4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864360 2022-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {7BF0D3FA-E0DD-4602-A657-482EC0D664A2} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {804CF7A1-78EB-4F5C-A93E-9CCF5F24533B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1555896 2022-06-19] (Microsoft Corporation -> Microsoft Corporation) Task: {823B27ED-CDAC-497A-B4AB-C6DD937391FF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {8465494D-9217-46FB-ACD6-C083358D05DD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform) Task: {90563237-D9FF-46A7-B815-E5738B2E848D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7058912 2022-06-19] (Microsoft Corporation -> Microsoft Corporation) Task: {919A5BDB-7D77-4377-A534-9F23B00A013D} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe [1086336 2018-05-24] (Alittera Limited Inc -> 4Team Corporation) Task: {928188D2-8687-479E-99FE-4C5D150947BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A25E7860-84FB-4729-8B55-C9A6D59058B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A5577D57-6C6F-45A3-BF04-6D6C2E8030B7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {C935FBC2-7992-4410-902C-62616E79596A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {CB48F23D-CD15-49D3-8B31-74494DF43A13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-23] (Google Inc -> Google Inc.) Task: {CF48203A-2FCD-4682-AA77-2A9AF805E0EF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {D40EBB74-42BF-44E5-8F03-5C7F27413D5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D4B3D791-16BB-474F-AD2F-FCBE52BE8234} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {DE529B37-2836-44E9-8388-D553F1470C4D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2022-06-19] (Microsoft Corporation -> Microsoft Corporation) Task: {E306B034-37B3-45F4-9FE7-8ECD7067C743} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F04F5AC3-7337-4255-A758-67251A02FE7B} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [53800 2017-12-23] (Oracle America, Inc. -> Oracle Corporation) Task: {F5EE83A5-7CBD-4582-89B5-BE447AFEB0D2} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {F99DFB38-B504-4079-9E7A-2C5336414BF0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2022-06-19] (Microsoft Corporation -> Microsoft Corporation) Task: {FF2B647A-5C37-4823-8E84-CA4B26966B99} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 31.11.173.2 89.228.4.126 Tcpip\..\Interfaces\{006c6ed7-c4bf-4cef-99fd-d7912e67ccdd}: [DhcpNameServer] 31.11.173.2 89.228.4.126 Tcpip\..\Interfaces\{5db55ada-7017-43e2-9a6d-f25aacea3755}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{993487f4-bbbe-44bf-bb6e-7cdbe3a7afd0}: [DhcpNameServer] 37.8.214.2 31.11.202.254 Edge: ======= DownloadDir: C:\Users\root\Downloads Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\root\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-24] Edge DownloadDir: Default -> C:\Users\root\Downloads FireFox: ======== FF DefaultProfile: l5xeeexb.default FF ProfilePath: C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default [2022-06-19] FF Homepage: Mozilla\Firefox\Profiles\l5xeeexb.default -> hxxp://www.google.com FF Extension: (Facebook Container) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\@contain-facebook.xpi [2022-04-20] FF Extension: (Cookie AutoDelete) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2022-06-17] FF Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\firefox@ghostery.com.xpi [2022-06-17] FF Extension: (HTTPS Everywhere) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\https-everywhere@eff.org.xpi [2021-08-09] FF Extension: (Disable WebRTC) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\jid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2021-10-22] FF Extension: (Użyj Google Translate) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-02-17] FF Extension: (Decentraleyes) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-04-20] FF Extension: (Privacy Badger) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-12-22] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-06-17] FF Extension: (NordVPN – VPN Proxy Extension for Firefox) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\nordvpnproxy@nordvpn.com.xpi [2022-06-17] FF Extension: (Alternate Player for Twitch.tv) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\twitch5@coolcmd.xpi [2022-04-20] FF Extension: (uBlock Origin) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\uBlock0@raymondhill.net.xpi [2022-06-19] FF Extension: (uMatrix) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\uMatrix@raymondhill.net.xpi [2021-08-09] FF Extension: (NoScript) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-06-17] FF Extension: (Temporary Containers) - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\l5xeeexb.default\Extensions\{c607c8df-14a7-4f28-894f-29e8722976af}.xpi [2021-07-11] FF HKU\S-1-5-21-2045199433-3875941024-3544520789-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\root\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\root\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26] FF Plugin: @java.com/DTPlugin,version=11.202.2 -> C:\Program Files\Java\jre1.8.0_202\bin\dtplugin\npDeployJava1.dll [2019-03-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.202.2 -> C:\Program Files\Java\jre1.8.0_202\bin\plugin2\npjp2.dll [2019-03-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [Brak podpisu cyfrowego] FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-06-15] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @comarch.com/NOL,version=3.0 -> C:\Program Files (x86)\Common Files\NOL3\npn30plugin.dll [2018-04-11] (COMARCH S.A.) [Brak podpisu cyfrowego] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-30] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-01-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-2045199433-3875941024-3544520789-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\root\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\enablesys-certs.js [2020-03-29] Chrome: ======= CHR Profile: C:\Users\root\AppData\Local\Google\Chrome\User Data\Default [2022-06-21] CHR Notifications: Default -> hxxps://best.aliexpress.com; hxxps://de.aliexpress.com; hxxps://mi-home.pl; hxxps://poe.trade; hxxps://www.boardpc.pl; hxxps://www.pathofexile.com; hxxps://www.pkobp.pl CHR Extension: (Tłumacz Google) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-17] CHR Extension: (Magic Actions for YouTube™) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2021-05-15] CHR Extension: (Image downloader - Imageye) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\agionbommeaifngbhincahgmoflcikhm [2022-06-18] CHR Extension: (BetterTTV) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2022-06-03] CHR Extension: (7TV) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2022-05-13] CHR Extension: (WhatsChrome) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2018-02-23] CHR Extension: (Microsoft Defender Browser Protection) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2020-06-04] CHR Extension: (Tab Resize - split screen layouts) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkpenclhmiealbebdopglffmfdiilejc [2021-04-09] CHR Extension: (Honey: Automatic Coupons & Cash Back) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-06-18] CHR Extension: (OneNote Online) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2018-02-23] CHR Extension: (uBlock Origin) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-06-19] CHR Extension: (Tampermonkey) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-05-26] CHR Extension: (Dark Mode) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2022-06-18] CHR Extension: (Alitools — asystent zakupów) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenflijjbchafephdplkdmeenekabdfb [2022-05-27] CHR Extension: (Adobe Acrobat: edycja plików PDF, konwertowanie, narzędzia podpisywania) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-06-17] CHR Extension: (WebRTC Leak Prevent) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiadekoaikejlgdbkbdfeijglgfdalml [2019-06-02] CHR Extension: (FrankerFaceZ) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2021-04-11] CHR Extension: (Better PathOfExile Trading) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhlinfpmdlijegjlpgedcmglkakaghnk [2021-11-09] CHR Extension: (Panic Button Plus) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifhdbcbihllaneapjoabnoaoejhieok [2018-02-28] CHR Extension: (Stylish - Custom themes for any website) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2022-06-20] CHR Extension: (HTTPS Everywhere) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-27] CHR Extension: (Dokumenty Google offline) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-20] CHR Extension: (Super Easy Auto Refresh) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\globgafddkdlnalejlkcpaefakkhkdoa [2020-10-03] CHR Extension: (OneNote Web Clipper) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk [2022-04-24] CHR Extension: (Backit Plugin) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdhpmpfpcnbboppkkkblilhbloejijj [2022-05-05] CHR Extension: (Śledzenie cen AliExpress - AliPrice Asystent) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihlaoogegdjakmdbpbilijdghoggkim [2020-09-24] CHR Extension: (Highly Highlighter) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjpahjhcglfdopbholajmhpamgblhjhg [2018-11-14] CHR Extension: (Looper for YouTube) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2021-05-30] CHR Extension: (Distill Web Monitor) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\inlikjemeeknofckkjolnjbpehgadgge [2022-04-24] CHR Extension: (GPX Viewer, Reader) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcoebkjfbobjheeoclnjkfgginlaefnb [2021-03-17] CHR Extension: (Ninja Cookie) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifeafcpcjjgnlcnkffmeegehmnmkefl [2022-06-19] CHR Extension: (ClearURLs) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\lckanjgmijmafbedllaakclkaicjfmnk [2022-04-13] CHR Extension: (Decentraleyes) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2022-02-03] CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2022-05-27] CHR Extension: (Morpheon Dark) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2022-01-24] CHR Extension: (Chrono menadżer pobierania) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2021-02-14] CHR Extension: (Ace Script) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-12-13] CHR Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-06-17] CHR Extension: (SponsorBlock na YouTube - Pomiń fragmenty sponsorowane) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2022-06-21] CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2022-04-13] CHR Extension: (YouTube NonStop) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbkbnocid [2021-10-05] CHR Extension: (Twitch Now) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2020-07-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Bitwarden - darmowy menedżer haseł) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-06-18] CHR Extension: (WebRTC Network Limiter) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2019-06-02] CHR Extension: (DeepL Inside) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoojnfdjhojnpehmonnhckfnealbblf [2022-06-17] CHR Extension: (e-pity - dodatek) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-04-22] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-08-22] CHR Extension: (Privacy Badger) - C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-11-28] CHR Profile: C:\Users\root\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-13] CHR HKU\S-1-5-21-2045199433-3875941024-3544520789-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] Opera: ======= OPR Profile: C:\Users\root\AppData\Roaming\Opera Software\Opera Stable [2022-06-21] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\root\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-06-18] OPR Extension: (Opera Crypto Wallet) - C:\Users\root\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-18] OPR Extension: (Amazon Assistant Promotion) - C:\Users\root\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-06-18] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ADATA ToolBox Service; C:\Program Files (x86)\ADATA\SSD ToolBox\ToolBoxSvc.exe [6519296 2017-09-27] () [Brak podpisu cyfrowego] R2 Adguard VPN Service; C:\Program Files (x86)\AdGuardVpn\AdGuardVpnSvc.exe [178240 2022-04-25] (Adguard Software Limited -> Adguard Software Ltd) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1638964996365.exe [3195904 2021-12-08] () [Brak podpisu cyfrowego] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9194920 2022-06-12] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [45408 2022-06-07] (Dropbox, Inc -> Dropbox, Inc.) R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2018-04-17] (Intel(R) Driver & Support Assistant -> Intel) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-12-01] (Epic Games Inc. -> Epic Games, Inc.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-11-09] (FUTUREMARK INC -> Futuremark) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1990496 2021-12-08] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-12-08] (GOG Sp. z o.o. -> GOG.com) S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-21] (HP Inc. -> HP Inc.) R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-01] (Intel Corporation) [Brak podpisu cyfrowego] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation) R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39551488 2017-12-28] () [Brak podpisu cyfrowego] S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [310136 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2021-06-07] (nordvpn s.a. -> TEFINCOM S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [281464 2022-02-18] (nordvpn s.a. -> TEFINCOM S.A.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts) R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [3020800 2021-12-08] () [Brak podpisu cyfrowego] S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146608 2022-06-17] (Oculus VR, LLC -> Facebook Technologies, LLC) R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [513200 2022-06-17] (Oculus VR, LLC -> Facebook Technologies, LLC) R2 postgresql-x64-11; C:\Program Files\PostgreSQL\11\bin\pg_ctl.exe [106496 2018-11-07] (PostgreSQL Global Development Group) [Brak podpisu cyfrowego] R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2019-04-25] () [Brak podpisu cyfrowego] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-19] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Synergy; C:\Program Files (x86)\Synergy\synergyd.exe [250536 2017-03-03] (Symless Ltd. -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH) R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector) R2 Tomcat9; C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe [114600 2019-03-13] (The Apache Software Foundation -> Apache Software Foundation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-26] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-02-26] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [42472 2019-07-12] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 mshield; C:\WINDOWS\System32\DRIVERS\mshield.sys [41032 2022-03-14] (nordvpn s.a. -> Nordvpn S.A.) R2 NDivert; C:\Program Files\NordVPN\6.46.5.0\Drivers\NDivert.sys [131456 2022-04-05] (nordvpn s.a. -> Nordvpn S.A.) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 nlwt; C:\WINDOWS\System32\drivers\nlwt.sys [39360 2020-12-01] (TEFINCOM S.A. -> WireGuard LLC) R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.) S3 OCULUSUDSVR; C:\WINDOWS\System32\drivers\OCULUSUD.sys [3867552 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Oculus VR, LLC.) R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [74248 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2019-12-23] (Oculus VR, LLC -> Facebook Inc.) R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-12-08] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 truefi_VirtualDevice; C:\WINDOWS\system32\DRIVERS\truefi.sys [94968 2018-02-19] (SIA Sonarworks -> Sonarworks) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-13] (Microsoft Windows -> Microsoft Corporation) R3 xmosusbaudiost3023; C:\WINDOWS\System32\drivers\xmosusbaudiost3023.sys [275032 2017-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG) R3 xmosusbaudiost3023ks; C:\WINDOWS\System32\drivers\xmosusbaudiost3023ks.sys [52312 2017-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG) S3 MpKsl2201394a; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0EAFAF14-5915-443E-A442-B8A7C0F54A29}\MpKslDrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-21 19:20 - 2022-06-21 19:21 - 000052750 _____ C:\Users\root\Downloads\FRST.txt 2022-06-21 19:18 - 2022-06-21 19:20 - 000000000 ____D C:\FRST 2022-06-21 19:17 - 2022-06-21 19:17 - 002369024 _____ (Farbar) C:\Users\root\Downloads\FRST64.exe 2022-06-21 16:42 - 2022-06-21 16:42 - 000036839 _____ C:\Users\root\Downloads\proline_ff-033468-20-cha Seasonic FOCUS GX-850 80Plus Gold 850W haslo 96-500.pdf 2022-06-20 17:57 - 2022-06-20 17:57 - 000606899 _____ C:\Users\root\Downloads\Ćwiczenie PullOff 2022.pdf 2022-06-20 17:56 - 2022-06-20 17:56 - 003512152 _____ C:\Users\root\Downloads\Frosio_M10 2022.pdf 2022-06-20 17:55 - 2022-06-20 17:55 - 088220206 _____ C:\Users\root\Downloads\Frosio 2022.pdf 2022-06-19 06:23 - 2022-06-19 06:23 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2022-06-19 06:23 - 2022-06-19 06:23 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2022-06-19 06:22 - 2022-06-19 06:22 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-06-19 06:22 - 2022-06-19 06:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-06-19 06:22 - 2022-06-19 06:22 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-06-19 06:22 - 2022-06-19 06:22 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-06-19 06:22 - 2022-06-19 06:22 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-06-19 06:15 - 2022-06-19 06:15 - 000000000 ___HD C:\$WinREAgent 2022-06-18 12:56 - 2022-06-21 18:30 - 000000000 ____D C:\Users\root\AppData\Roaming\Bitwarden 2022-06-18 12:56 - 2022-06-18 12:56 - 000726664 _____ (Bitwarden Inc.) C:\Users\root\Downloads\Bitwarden-Installer-2022.5.1.exe 2022-06-18 12:56 - 2022-06-18 12:56 - 000002408 _____ C:\Users\root\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk 2022-06-18 12:56 - 2022-06-18 12:56 - 000002400 _____ C:\Users\root\Desktop\Bitwarden.lnk 2022-06-18 12:56 - 2022-06-18 12:56 - 000000000 ____D C:\Users\root\AppData\Local\bitwarden-updater 2022-06-17 18:26 - 2022-06-19 06:04 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-06-17 18:26 - 2022-06-17 18:26 - 000000000 ____D C:\Program Files\Google 2022-06-08 17:41 - 2022-06-08 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-06-08 17:41 - 2022-06-08 17:41 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2022-06-08 17:40 - 2022-06-21 10:49 - 000000000 ____D C:\Users\root\AppData\Roaming\DropboxElectron 2022-06-07 01:55 - 2022-06-07 01:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-06-07 01:55 - 2022-06-07 01:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-06-07 01:55 - 2022-06-07 01:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-06-07 01:55 - 2022-06-07 01:55 - 000045408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-05-27 18:55 - 2022-05-27 18:55 - 000000000 ____D C:\ProgramData\NordUpdater 2022-05-27 18:55 - 2022-03-14 14:03 - 000041032 _____ (Nordvpn S.A.) C:\WINDOWS\system32\Drivers\mshield.sys ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-06-21 19:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-21 19:09 - 2020-08-19 16:49 - 000004064 _____ C:\WINDOWS\system32\Tasks\4Team updater 2022-06-21 19:07 - 2018-02-23 20:44 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-21 18:25 - 2019-05-02 18:25 - 000000000 ____D C:\Program Files\CCleaner 2022-06-21 14:03 - 2018-03-10 13:06 - 000000000 ____D C:\Users\root\AppData\LocalLow\Mozilla 2022-06-21 13:48 - 2022-01-06 09:51 - 000000000 ____D C:\ProgramData\AdguardVpn 2022-06-21 10:49 - 2018-02-23 20:54 - 000000000 ____D C:\Users\root\AppData\Local\Dropbox 2022-06-21 09:19 - 2018-04-26 20:52 - 000000000 ___RD C:\Users\root\Dropbox 2022-06-21 09:14 - 2018-02-24 11:01 - 000000000 ____D C:\Users\root\AppData\Roaming\TeraCopy 2022-06-21 07:59 - 2018-05-03 22:50 - 000000000 ____D C:\Users\root\AppData\Local\D3DSCache 2022-06-21 07:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-06-21 07:55 - 2020-08-19 16:50 - 001878112 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-06-21 07:55 - 2019-12-07 17:09 - 000823378 _____ C:\WINDOWS\system32\perfh015.dat 2022-06-21 07:55 - 2019-12-07 17:09 - 000171396 _____ C:\WINDOWS\system32\perfc015.dat 2022-06-21 07:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-06-21 07:49 - 2021-12-25 10:53 - 000000000 ____D C:\Users\root\AppData\Roaming\OpenVPN Connect 2022-06-21 07:49 - 2021-01-26 17:18 - 000003114 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2022-06-21 07:49 - 2020-05-24 09:58 - 000000000 ____D C:\Users\root\AppData\Roaming\Spotify 2022-06-21 07:49 - 2019-12-23 14:14 - 000000000 ____D C:\Users\root\AppData\Local\Oculus 2022-06-21 07:48 - 2020-08-19 16:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-06-21 07:48 - 2020-08-19 16:37 - 000008192 ___SH C:\DumpStack.log.tmp 2022-06-21 07:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-06-21 07:48 - 2019-05-02 16:50 - 000000000 ____D C:\ProgramData\NVIDIA 2022-06-21 07:48 - 2019-04-28 12:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-06-21 07:48 - 2018-04-04 22:34 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2022-06-21 07:48 - 2018-04-04 22:33 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper 2022-06-20 21:15 - 2021-07-12 16:09 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2022-06-20 21:15 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-06-20 21:15 - 2019-02-06 20:41 - 000000000 ____D C:\Users\root\AppData\Roaming\Origin 2022-06-20 21:15 - 2019-02-06 20:41 - 000000000 ____D C:\ProgramData\Origin 2022-06-20 21:15 - 2018-02-23 20:46 - 000000000 ____D C:\Program Files (x86)\Steam 2022-06-20 21:08 - 2019-02-06 20:41 - 000000000 ____D C:\Users\root\AppData\Local\Origin 2022-06-20 18:38 - 2019-02-06 20:42 - 000000000 ____D C:\Program Files (x86)\Origin 2022-06-19 21:23 - 2020-08-19 16:38 - 000000000 ____D C:\Users\root 2022-06-19 15:42 - 2018-02-23 19:19 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-06-19 15:42 - 2018-02-23 19:19 - 000000000 ____D C:\Users\root\AppData\Local\ConnectedDevicesPlatform 2022-06-19 14:50 - 2018-06-28 16:06 - 000000000 ____D C:\Users\root\AppData\Roaming\.ACEStream 2022-06-19 14:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-19 14:47 - 2020-08-19 16:37 - 000465160 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-06-19 14:44 - 2020-08-19 16:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-06-19 14:44 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-06-19 14:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-06-19 14:44 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-06-19 06:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-06-19 06:22 - 2020-08-19 16:41 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-06-19 06:15 - 2018-02-23 20:44 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-06-19 06:10 - 2020-08-20 19:16 - 000000000 ____D C:\Program Files (x86)\dotnet 2022-06-19 06:10 - 2018-02-24 18:27 - 000000000 ____D C:\ProgramData\Package Cache 2022-06-19 06:10 - 2018-02-23 20:44 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-06-19 06:09 - 2021-02-05 16:33 - 000000000 ____D C:\Users\Default\.dotnet 2022-06-19 06:09 - 2020-08-20 19:16 - 000000000 ____D C:\Program Files\dotnet 2022-06-19 06:08 - 2018-02-26 20:58 - 000000000 ____D C:\Program Files\Microsoft Office 2022-06-19 06:04 - 2018-03-10 13:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-18 16:36 - 2021-07-12 16:29 - 000000000 ____D C:\Users\root\AppData\Local\AMD_Common 2022-06-18 12:57 - 2020-08-14 15:04 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-18 12:57 - 2020-08-14 15:04 - 000002294 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-06-17 20:35 - 2018-07-18 17:07 - 000000000 ____D C:\Users\root\AppData\Roaming\qBittorrent 2022-06-17 18:39 - 2021-11-13 20:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-06-17 18:39 - 2018-03-10 13:06 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-17 18:29 - 2019-12-23 14:00 - 000000000 ____D C:\Program Files\Oculus 2022-06-17 18:27 - 2021-12-12 20:38 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2045199433-3875941024-3544520789-1001 2022-06-17 18:27 - 2020-08-19 16:49 - 000003352 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2045199433-3875941024-3544520789-1001 2022-06-17 18:27 - 2020-08-19 16:38 - 000002432 _____ C:\Users\root\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-06-17 18:25 - 2018-11-08 18:35 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2022-06-14 17:38 - 2018-02-23 20:44 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-06-14 17:36 - 2021-10-15 18:16 - 000004372 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582439510 2022-06-14 17:36 - 2018-04-15 06:19 - 000000000 ____D C:\Users\root\AppData\Local\CrashDumps 2022-06-14 17:33 - 2020-08-19 16:49 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-06-14 17:33 - 2020-08-19 16:49 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-06-08 17:41 - 2021-12-25 20:26 - 002762208 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2022-06-08 17:41 - 2021-12-25 20:26 - 000402920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2022-06-08 17:41 - 2021-12-25 20:26 - 000230864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2022-06-08 17:41 - 2021-12-25 20:26 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2022-06-08 17:41 - 2021-12-25 20:26 - 000136672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2022-06-08 17:41 - 2021-12-25 20:26 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2022-06-08 17:41 - 2021-12-25 20:26 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2022-06-08 17:41 - 2018-02-23 20:54 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-06-06 18:15 - 2020-08-19 16:49 - 000004162 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556388948 2022-06-06 18:15 - 2019-04-27 20:15 - 000001414 _____ C:\Users\root\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2022-06-03 18:04 - 2018-06-16 06:17 - 000000000 ____D C:\ProgramData\Packages 2022-05-27 21:36 - 2018-05-04 22:34 - 000000000 ____D C:\ProgramData\Napisy24 2022-05-27 18:56 - 2018-11-26 23:53 - 000000000 ____D C:\Users\root\AppData\Local\NordVPN 2022-05-27 18:55 - 2022-04-20 17:59 - 000000000 ____D C:\Program Files\NordUpdater 2022-05-27 18:55 - 2020-09-28 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec 2022-05-27 18:55 - 2020-07-18 10:55 - 000001784 _____ C:\Users\root\Desktop\NordVPN.lnk 2022-05-27 18:55 - 2020-07-18 10:55 - 000000000 ____D C:\Program Files\NordVPN 2022-05-27 17:15 - 2020-08-19 16:49 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-05-27 16:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-05-26 17:32 - 2021-08-22 11:57 - 000002174 _____ C:\Users\root\Desktop\DeepL.lnk 2022-05-26 17:32 - 2021-08-22 11:57 - 000000000 ____D C:\Users\root\AppData\Local\DeepL ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-12-28 17:48 - 2019-12-28 17:48 - 000000000 _____ () C:\Users\root\AppData\Roaming\.OculusDebugToolGUI 2018-04-13 21:48 - 2018-04-13 21:48 - 000000634 _____ () C:\Users\root\AppData\Roaming\jd-gui.cfg 2018-02-28 19:53 - 2018-02-28 19:53 - 000000385 _____ () C:\Users\root\AppData\Roaming\regdatels.dat 2019-04-12 21:12 - 2019-04-12 21:12 - 000000000 _____ () C:\Users\root\AppData\Roaming\True-Fi.log 2018-03-03 22:21 - 2018-12-04 19:59 - 000000600 _____ () C:\Users\root\AppData\Roaming\winscp.rnd 2018-09-27 18:37 - 2018-11-08 18:36 - 001065984 _____ () C:\Users\root\AppData\Local\file__0.localstorage 2018-12-22 10:14 - 2018-12-22 10:14 - 000000001 _____ () C:\Users\root\AppData\Local\llftool.4.40.agreement 2022-02-04 20:51 - 2022-02-04 20:51 - 000018681 _____ () C:\Users\root\AppData\Local\recently-used.xbel 2018-12-27 16:33 - 2021-01-16 23:41 - 000007669 _____ () C:\Users\root\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================