Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18.03.2024 Uruchomiony przez Domek (administrator) DESKTOP-V23S55R (19-03-2024 01:30:34) Uruchomiony z C:\Users\Domek\Downloads\FRST64.exe Załadowane profile: Domek Platforma: Microsoft Windows 10 Home Wersja 22H2 19045.4170 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <21> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\13.0.0.8122\AdskLicensingService\AdskLicensingService.exe (services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELFIN\MSSQL\Binn\sqlservr.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-25] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [] => [X] HKLM\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1189456 2020-06-04] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [20689696 2024-02-07] (Autodesk, Inc. -> Autodesk, Inc.) HKLM-x32\...\Run: [AutoRegisterCerts] => C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe [171088 2020-12-01] (Asseco Data Systems S.A. -> Certum) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333264 2023-01-17] (Avira Operations GmbH -> Avira Operations GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1189456 2020-06-04] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\GenuineService.exe [3499016 2023-11-13] (Autodesk, Inc. -> Autodesk) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKU\S-1-5-21-292459351-3630904960-2125800452-1001\...\Run: [] => [X] HKU\S-1-5-21-292459351-3630904960-2125800452-1001\...\Run: [MicrosoftEdgeAutoLaunch_E43C76CD8ACA8DA1DA1D206CBE5CF888] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-292459351-3630904960-2125800452-1001\...\Run: [Discord] => C:\Users\Domek\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub) HKU\S-1-5-21-292459351-3630904960-2125800452-1001\...\Policies\Explorer: [] HKLM\...\Print\Monitors\HP 6012 Status Monitor: C:\Windows\system32\hpinksts6012LM.dll [331664 2012-08-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-15] (Google LLC -> Google LLC) Startup: C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 2050 J510 series.lnk [2024-03-18] ShortcutAndArgument: Powiadomienia monitorowania tuszu - HP Deskjet 2050 J510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2050 J510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0C83P1PP05D1;CONNECTION=USB;MONITOR=1; Startup: C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2023-10-16] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {583E4113-5ECA-48E5-868E-5F207816A51B} - \Opera scheduled assistant Autoupdate 1555587409 -> Brak pliku <==== UWAGA Task: {933C8A16-7A7D-452D-97D3-D9CC21F1D581} - \Opera scheduled assistant Autoupdate 1569575472 -> Brak pliku <==== UWAGA Task: {7B0BAA55-ED53-4601-98F6-959CEE256E6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {34F37036-B856-40A9-B305-74354EC75339} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe -check pepperplugin (Brak pliku) Task: {53364C61-7DE2-4175-8358-69B085AAC8C9} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false Task: {669E5E6E-C3F1-412F-8372-7FA727DA5B82} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {669E5E6E-C3F1-412F-8372-7FA727DA5B82} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {669E5E6E-C3F1-412F-8372-7FA727DA5B82} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {13176CBC-C675-4CC7-85B3-3FE9F0983B8C} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [260832 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) Task: {344E7041-06DA-48D4-9942-2D0176A6FFF4} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1825360 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) Task: {9BB862A9-BC18-491C-8125-FFDB70FE62DF} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {2E1FE6CF-E9C8-433E-906D-A3B2CB9EBE32} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{FC502161-9273-4850-9423-CB8328AA146C} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC) Task: {AE357E96-ADB6-4648-BC02-4E3E1447EC56} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard -> Hewlett-Packard Co.) Task: {D03F0724-4AD6-45EB-B44C-D65D7C8273FB} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {85FF2CCE-51E3-4496-8EB8-FB6195B8BF6E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-08] (Microsoft Corporation -> Microsoft Corporation) Task: {870A0A6B-37C8-4240-A081-DFC41FD272E1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-08] (Microsoft Corporation -> Microsoft Corporation) Task: {8AA7AC87-1B2B-4E2B-8954-8D0BFE1E8A78} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [220824 2024-03-08] (Microsoft Corporation -> Microsoft Corporation) Task: {F1A052ED-F419-4BD5-8406-ACD0FEF282A6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [220824 2024-03-08] (Microsoft Corporation -> Microsoft Corporation) Task: {8247E18D-9834-46EF-9717-4DDDD5D834F1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Odmowa dostępu] Task: {FEEDCC58-7FB8-4F09-9E2D-3CE8137DF28A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Odmowa dostępu] Task: {5D4508EC-FDD5-4097-8469-9A106F72D271} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Odmowa dostępu] Task: {DB5F86B0-228E-40C8-826D-C2EEDEF79D56} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {08B19994-4853-4BFE-908F-600D55C5EDB5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {4C188BFB-BA8A-404F-890E-E174D7B0B2BE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation) Task: {14D01D69-ACBA-4239-A888-E2385ED7E4BB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4B1D608A-FECD-495A-A766-2B4605EB4228} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {ECDD97CF-AD7F-409D-B320-D03D17F876FB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0FEEDE35-A849-41F2-9FCC-1FA811321FFC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9803EE64-D7AC-4F5D-93DC-75491F4BF625} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {386AFD7D-2A6F-407B-8A7C-FECF8C9CB3BA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2A243E51-D0B9-4295-B724-A2BD983C14EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5BF7D4DB-44F7-4E88-9410-7E26215FB292} - System32\Tasks\Opera scheduled Autoupdate 1567707967 => C:\Users\Domek\AppData\Local\Programs\Opera\launcher.exe [1832864 2024-02-22] (Opera Norway AS -> Opera Software) Task: {3FDB7EAB-DE1A-4EE1-BDA1-4E5B14A08CC3} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2053984 2017-10-31] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) Task: {E6734FA1-A6BE-4EF4-8442-2BAF9615FD90} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-05-10] (Corel Corporation -> Corel Corporation) Task: {DEBE9FE5-866B-4375-A885-291DA6CE8EB6} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-05-10] (Corel Corporation -> Corel Corporation) Task: {AD621B31-D574-4820-B825-0AB1D8AB4911} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-05-10] (Corel Corporation -> Corel Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== UWAGA (Ograniczenia - Zones) ProxyServer: [S-1-5-21-292459351-3630904960-2125800452-1001] => localhost:8888 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{68f11ffe-629b-4f7e-b490-5166150fbafd}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{68f11ffe-629b-4f7e-b490-5166150fbafd}: [DhcpDomain] home Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-19] Edge DownloadDir: Default -> C:\Users\Domek\Downloads Edge Notifications: Default -> hxxps://bezprawnik.pl; hxxps://biznes.interia.pl; hxxps://dorzeczy.pl; hxxps://fakty.interia.pl; hxxps://gotowanie.onet.pl; hxxps://kobieta.interia.pl; hxxps://lawyersfavorite.com; hxxps://paydayville.com; hxxps://plejada.pl; hxxps://womensmethod.com; hxxps://www.interia.pl; hxxps://www.money.pl; hxxps://www.o2.pl; hxxps://www.pomponik.pl; hxxps://www.poradnikzdrowie.pl; hxxps://www.poradyiwskazowki.pl; hxxps://www.styl.pl Edge StartupUrls: Default -> "hxxps://google.pl/" Edge Extension: (Vimeo™ Downloader Professional) - C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djoaeeecceeaooegmnfgagjgmcjijmmg [2023-12-03] Edge Extension: (Dokumenty Google offline) - C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01] Edge Extension: (Edge relevant text changes) - C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28] Edge Extension: (Antisuppression Reading Bars) - C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kebomdjipbhpnlhamgnckhlobfgnabhk [2023-12-25] Edge Extension: (Free VPN for Edge - VPN Proxy VeePN) - C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\panammoooggmlehahpcjckcncfeffcoi [2024-03-13] FireFox: ======== FF DefaultProfile: 45kkexzv.default FF ProfilePath: C:\Users\Domek\AppData\Roaming\Mozilla\Firefox\Profiles\45kkexzv.default [2019-09-05] FF Extension: (Avira Password Manager) - C:\Users\Domek\AppData\Roaming\Mozilla\Firefox\Profiles\45kkexzv.default\Extensions\passwordmanager@avira.com [2019-09-05] FF Plugin-x32: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default [2024-03-19] CHR Notifications: Default -> hxxps://fakty.interia.pl; hxxps://mail.google.com; hxxps://mi-home.pl; hxxps://nt.interia.pl; hxxps://sportowefakty.wp.pl; hxxps://swiatseriali.interia.pl; hxxps://vod.pl; hxxps://wiadomosci.wp.pl; hxxps://www.interia.pl; hxxps://www.money.pl; hxxps://www.o2.pl; hxxps://www.onet.pl; hxxps://www.pkobp.pl; hxxps://www.styl.pl; hxxps://www.wp.pl CHR Extension: (Get cookies.txt) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgaddhkoddajcdgocldbbfleckgcbcid [2023-02-21] CHR Extension: (Video Downloader) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfejhehdhaaeoiahaojjhmjaihjaodcf [2022-09-02] CHR Extension: (Easy Video Downloader) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaicplkoeceoelookkiaeekhodehdhde [2024-02-03] CHR Extension: (HLS Downloader) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopnhepeflgcnppklfnejokkkeomdgik [2023-11-19] CHR Extension: (Szafir SDK Web) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjalhnomhafafofonpdihihjnbafkipc [2022-06-23] CHR Extension: (Nagrywarka ekranu - Screen Recorder) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniebljpgcogalllopnjokppmgbhaden [2023-05-07] CHR Extension: (Referer Control) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2021-02-23] CHR Extension: (Antisuppression Reading Bars) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kebomdjipbhpnlhamgnckhlobfgnabhk [2023-12-25] CHR Extension: (Vimego - Vimeo™ Video Downloader) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffmjlddchdccijipncbjhoabgmphjfb [2023-12-14] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (PDF Viewer) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2023-07-10] CHR Extension: (Open Multiple URLs) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifijhaokejakekmnjmphonojcfkpbbh [2023-11-28] CHR Profile: C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-11] CHR Profile: C:\Users\Domek\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-11] Opera: ======= OPR DefaultProfile: Default ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [15280648 2022-11-23] (Autodesk, Inc. -> Autodesk) R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [11630368 2024-02-07] (Autodesk, Inc. -> Autodesk, Inc.) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6782232 2024-01-17] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [268600 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [298400 2024-01-16] (Avira Operations GmbH -> Avira Operations GmbH) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-08] (Microsoft Corporation -> Microsoft Corporation) R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11384664 2024-03-11] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11384664 2024-03-11] (Avira Operations GmbH -> Avira Operations GmbH) S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC) S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-05] (HP Inc. -> HP Inc.) R2 MBAMService; C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMService.exe [9410296 2024-01-28] (Malwarebytes Inc. -> Malwarebytes) R2 MSSQL$ELFIN; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELFIN\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation -> Microsoft Corporation) S4 SQLAgent$ELFIN; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELFIN\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-08-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-08-16] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe [495392 2019-06-13] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare) S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-22] (Avira Operations GmbH -> Avira Operations GmbH) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-03-18] (Malwarebytes Inc. -> Malwarebytes) R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation -> Microsoft Corporation) R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [411464 2024-03-11] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [411576 2024-03-11] (Avira Operations GmbH -> Avira Operations GmbH) S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28784 2023-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-14] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-14] (Microsoft Windows -> Microsoft Corporation) S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-03-19 01:30 - 2024-03-19 01:34 - 000033633 _____ C:\Users\Domek\Downloads\FRST.txt 2024-03-19 01:00 - 2024-03-19 01:00 - 000000000 ____D C:\Users\Domek\Downloads\FRST-OlderVersion 2024-03-19 00:50 - 2024-03-19 00:50 - 000000000 ____D C:\Users\Domek\AppData\LocalLow\IGDump 2024-03-18 18:19 - 2024-03-18 18:19 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-03-15 14:58 - 2024-03-15 14:58 - 000243297 _____ C:\Users\Domek\Downloads\pit (26).pdf 2024-03-15 11:49 - 2024-03-15 11:49 - 000457311 _____ C:\Users\Domek\Downloads\ZP Śląsk - Naprawa dachu.pdf 2024-03-14 16:19 - 2024-03-14 16:20 - 000489333 _____ C:\Users\Domek\Downloads\ZP Mazowsze - Wymiana i naprawa uszkodzonych okien.pdf 2024-03-13 18:16 - 2024-03-13 18:16 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-03-13 18:14 - 2024-03-13 18:14 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-03-13 17:08 - 2024-03-13 17:08 - 000000000 ___HD C:\$WinREAgent 2024-03-12 19:00 - 2024-03-12 19:00 - 000203361 _____ C:\Users\Domek\Downloads\OFR-1141-SKRZYPEK 1.pdf 2024-03-12 19:00 - 2024-03-12 19:00 - 000201899 _____ C:\Users\Domek\Downloads\OFR-1141-SKRZYPEK 3.pdf 2024-03-12 19:00 - 2024-03-12 19:00 - 000187817 _____ C:\Users\Domek\Downloads\OFR-1141-SKRZYPEK 4.pdf 2024-03-12 19:00 - 2024-03-12 19:00 - 000187535 _____ C:\Users\Domek\Downloads\OFR-1141-SKRZYPEK 2.pdf 2024-03-11 21:36 - 2024-03-11 21:36 - 000411576 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys 2024-03-11 21:36 - 2024-03-11 21:36 - 000411464 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys 2024-03-10 19:50 - 2024-03-10 19:50 - 000250760 _____ C:\Users\Domek\Downloads\pit (1).pdf 2024-03-10 18:01 - 2024-03-10 18:01 - 000062277 _____ C:\Users\Domek\Downloads\upo (5).pdf 2024-03-10 17:54 - 2024-03-10 17:54 - 000002350 _____ C:\Users\Domek\Downloads\PIT-37(30)_10-03-2024-17-54-28_2948db8e299f2c989141790a8100cb92.xml 2024-03-10 17:53 - 2024-03-10 17:53 - 000002350 _____ C:\Users\Domek\Downloads\PIT-37(30)_10-03-2024-17-53-57_2948db8e299f2c989141790a8100cb92.xml 2024-03-10 17:53 - 2024-03-10 17:53 - 000000052 _____ C:\Users\Domek\Downloads\numer-referencyjny-10-03-2024-17-53-51.txt 2024-03-10 17:51 - 2024-03-10 17:51 - 000001954 _____ C:\Users\Domek\Downloads\PIT-37(30)_v_8K.xml 2024-03-10 17:11 - 2024-03-10 17:11 - 032988112 ____N (e-file sp. z o.o. sp.k. ) C:\Users\Domek\Downloads\setup_e-pity2023_lpep37--64bit.exe 2024-03-10 17:09 - 2024-03-10 17:09 - 000275779 _____ C:\Users\Domek\Downloads\PIT-37_(30)24.pdf 2024-03-04 16:19 - 2024-03-04 16:19 - 004921038 _____ C:\Users\Domek\Downloads\DGR Lower Core.zip 2024-03-03 17:37 - 2024-03-03 17:37 - 000136264 _____ C:\Users\Domek\Downloads\fv_1100_03_2024_NK-FIN.pdf 2024-03-03 17:37 - 2024-03-03 17:37 - 000062590 _____ C:\Users\Domek\Downloads\Purchase Order-32157023pl.pdf 2024-02-27 19:19 - 2024-02-27 19:19 - 000010080 _____ C:\Users\Domek\Downloads\Kosztorys ślepy (3).ods 2024-02-27 19:16 - 2024-02-27 19:16 - 000147002 _____ C:\Users\Domek\Downloads\Kosztorys.pdf 2024-02-27 19:16 - 2024-02-27 19:16 - 000010080 _____ C:\Users\Domek\Downloads\Kosztorys ślepy (2).ods 2024-02-26 02:15 - 2024-02-26 02:16 - 000160782 _____ C:\Users\Domek\Downloads\plus1.pdf 2024-02-25 21:01 - 2024-02-25 21:01 - 002949816 _____ (Opera Software) C:\Users\Domek\Downloads\OperaSetup.exe 2024-02-24 21:30 - 2024-02-24 21:30 - 000000000 ____D C:\Users\Domek\Documents\Zoom 2024-02-24 21:25 - 2024-02-24 21:25 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2024-02-24 18:40 - 2024-02-24 18:40 - 017468719 _____ C:\Users\Domek\Downloads\Umowa (1).pdf 2024-02-24 18:39 - 2024-02-24 18:39 - 000009699 _____ C:\Users\Domek\Downloads\Kosztorys ślepy.ods 2024-02-24 18:39 - 2024-02-24 18:39 - 000009699 _____ C:\Users\Domek\Downloads\Kosztorys ślepy (1).ods 2024-02-22 21:00 - 2024-02-22 21:02 - 1493183413 _____ C:\Users\Domek\Downloads\M3 Bridge.rar 2024-02-21 23:40 - 2024-02-21 23:40 - 000676681 _____ C:\Users\Domek\Downloads\PIT-11_(29)11 (1).pdf 2024-02-21 23:35 - 2024-02-21 23:35 - 000016053 _____ C:\Users\Domek\Downloads\Pit11-Grabski.pdf 2024-02-21 23:31 - 2024-02-21 23:31 - 000000000 _____ C:\Users\Domek\Downloads\ca3dc533-2b64-48cc-95d7-2a31850ff1a2 2024-02-20 19:06 - 2024-02-20 19:06 - 000068750 _____ C:\Users\Domek\Downloads\7681707105_20_1_2024(19_6)_wydruk.pdf 2024-02-20 19:04 - 2024-02-20 19:04 - 000068643 _____ C:\Users\Domek\Downloads\7681225889_20_1_2024(19_4)_wydruk.pdf 2024-02-20 19:03 - 2024-02-20 19:03 - 000068548 _____ C:\Users\Domek\Downloads\7681712069_20_1_2024(19_3)_wydruk.pdf 2024-02-18 20:09 - 2024-02-18 20:10 - 000481929 _____ C:\Users\Domek\Downloads\Gerlach - Prace remontowe.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-03-19 01:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-03-19 01:32 - 2019-09-05 09:32 - 000000000 ____D C:\FRST 2024-03-19 01:28 - 2023-05-09 12:52 - 000000000 ____D C:\Users\Domek\AppData\Local\Malwarebytes 2024-03-19 01:00 - 2023-04-12 23:02 - 002390528 _____ (Farbar) C:\Users\Domek\Downloads\FRST64.exe 2024-03-19 00:53 - 2019-08-26 20:48 - 000000000 ____D C:\Program Files (x86)\Samsung 2024-03-19 00:53 - 2018-01-20 14:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2024-03-19 00:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-03-18 23:44 - 2020-07-30 22:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-03-18 18:26 - 2020-03-18 21:03 - 000000000 ____D C:\Users\Domek\Desktop\Dokumenty 2024-03-18 18:26 - 2018-11-09 14:58 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Microsoft\Word 2024-03-18 18:14 - 2018-07-20 09:55 - 000000000 ____D C:\Users\Domek\AppData\Local\D3DSCache 2024-03-18 18:13 - 2023-03-09 19:09 - 000000000 ____D C:\Users\Domek\AppData\Roaming\discord 2024-03-18 18:01 - 2019-08-22 12:12 - 000000000 ____D C:\Users\Domek\Desktop\Shouder&Hip_Blueprint 2024-03-18 17:57 - 2018-11-09 22:03 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Microsoft\Excel 2024-03-18 17:12 - 2023-03-09 19:09 - 000000000 ____D C:\Users\Domek\AppData\Local\Discord 2024-03-18 13:19 - 2023-10-06 15:49 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-03-18 13:15 - 2018-01-20 14:48 - 000000000 ____D C:\ProgramData\NVIDIA 2024-03-18 13:06 - 2021-12-18 02:23 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-03-18 13:03 - 2020-07-30 23:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-03-18 13:03 - 2020-07-30 22:52 - 000008192 ___SH C:\DumpStack.log.tmp 2024-03-18 02:38 - 2023-02-16 02:20 - 001774816 _____ C:\WINDOWS\system32\rtp.db 2024-03-18 02:38 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-03-16 19:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-03-16 19:13 - 2020-06-10 11:02 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-03-16 19:13 - 2020-06-10 11:02 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-03-15 17:31 - 2021-12-13 15:28 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-292459351-3630904960-2125800452-1001 2024-03-15 17:31 - 2020-07-30 23:22 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-292459351-3630904960-2125800452-1001 2024-03-15 17:31 - 2020-07-30 21:45 - 000002423 _____ C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-03-15 00:45 - 2018-01-20 14:56 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-03-15 00:45 - 2018-01-20 14:56 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-03-14 14:36 - 2022-09-10 14:35 - 000000000 ____D C:\Users\Domek\AppData\Roaming\com.adobe.dunamis 2024-03-14 14:29 - 2023-03-09 19:09 - 000002227 _____ C:\Users\Domek\Desktop\Discord.lnk 2024-03-14 02:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-03-14 02:44 - 2020-07-30 22:53 - 000432648 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-03-14 02:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-03-14 02:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-03-14 02:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-03-14 02:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-03-14 02:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-03-14 02:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-03-14 02:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-03-14 02:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2024-03-13 19:51 - 2022-10-13 21:58 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2024-03-13 18:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-03-13 18:14 - 2020-07-30 22:57 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-03-13 16:30 - 2018-02-09 22:20 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-03-13 16:23 - 2018-02-09 22:19 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-03-11 21:36 - 2022-06-29 11:10 - 000176712 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdNet.sys 2024-03-08 18:03 - 2018-11-09 14:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-03-08 15:46 - 2022-11-14 14:51 - 000000000 ____D C:\Program Files\RUXIM 2024-03-06 00:16 - 2022-01-14 00:05 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Code 2024-03-06 00:15 - 2020-07-30 21:45 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Microsoft\Windows 2024-03-06 00:14 - 2022-01-14 00:04 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2024-03-06 00:13 - 2022-01-14 00:04 - 000000000 ____D C:\Users\Domek\.vscode 2024-03-05 15:55 - 2022-05-19 11:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2024-03-05 15:55 - 2021-11-23 20:20 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-03-05 15:44 - 2020-07-30 23:22 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-03-05 15:44 - 2020-07-30 23:22 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-29 22:10 - 2023-05-07 15:47 - 000000000 ____D C:\Users\Domek\AppData\Roaming\obs-studio 2024-02-29 15:51 - 2024-01-10 15:12 - 000000000 ____D C:\Users\Domek\Documents\WIBIS 2024 2024-02-29 15:29 - 2021-10-19 13:57 - 000001389 _____ C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2024-02-29 15:29 - 2020-07-30 23:22 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1567707967 2024-02-27 19:20 - 2018-02-23 16:29 - 000000000 ____D C:\Users\Domek\AppData\Local\Packages 2024-02-24 21:25 - 2021-09-16 22:56 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Zoom 2024-02-21 23:28 - 2018-04-08 17:46 - 000000000 ____D C:\Users\Domek\Documents\Pity ==================== FLock ============================== 2018-02-09 22:21 C:\WINDOWS\UpdateAssistant ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================