Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-12-2020 Uruchomiony przez q (administrator) DESKTOP-O65UTF3 (LENOVO 80V4) (15-12-2020 18:10:07) Uruchomiony z C:\Users\q\Desktop Załadowane profile: q Platform: Windows 10 Home Wersja 2004 19041.685 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe () [Brak podpisu cyfrowego] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_09afa4e14ee4fad2\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_09afa4e14ee4fad2\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_09afa4e14ee4fad2\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_09afa4e14ee4fad2\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_bff7913eb62bbf90\aesm_service.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (LENOVO -> Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Solid Documents -> Solid Documents Limited) C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\q\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16681728 2016-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [736768 2016-02-04] () [Brak podpisu cyfrowego] HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKLM-x32\...\RunOnce: [] => [X] HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\q\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-08-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\Run: [EPSDNMON] => "" HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\Run: [GoogleChromeAutoLaunch_912380A8932988DD38CA2E2787DA1B8E] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 HKLM\...\Windows x64\Print Processors\KOBS4A_P: C:\Windows\System32\spool\prtprocs\x64\KOBS4A_P.DLL [50680 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\EPSON L386 Series 64MonitorBE: C:\Windows\system32\E_YLMBRPE.DLL [182784 2015-12-09] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\Solid PDF Port Monitor: C:\Windows\system32\solidlocalmon.dll [30640 2016-09-07] (Solid Documents -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\87.1.18.70\Installer\chrmstp.exe [2020-12-10] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {067DE64E-A067-42A4-9F2A-C095FB9C28BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) Task: {09F2FC39-A327-4922-932A-77C6096B22F7} - System32\Tasks\EPSON L386 Series Update {21C03F6B-FD56-486D-B5D5-FD3FF57B4C44} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRPE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {0D17BB05-9095-425D-8325-E715C0EFF71A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-16] (Adobe Inc. -> Adobe) Task: {14E9AE9F-6EAF-4EB0-B889-42EC52018609} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {1869F6DF-B373-47E8-8859-394F4DCCAB3D} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {1D0D5AF9-EDFB-417C-B938-20D5E1969BAC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {23EB48E4-F41E-492E-9FCE-6FE06E0648C2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\46b33942-bf11-4c96-b80d-b344f1a35d64 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.) Task: {2BDE4E96-14E3-4B96-A62A-8DC20D6653A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {3227B635-0047-452E-937B-634040C5FB6D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1448178001-3530575419-1287885553-1001 => C:\Users\q\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {42899409-1133-40B9-BE1E-260130051DE3} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.) Task: {431130FC-8A4D-4718-A798-DA67D0E3ABB2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-16] (Adobe Inc. -> Adobe) Task: {4506D1D7-0BE9-4781-B979-A5BE08329064} - System32\Tasks\wyłaczanie => shutdown [Argument = /S/F] Task: {48330E61-A819-4801-A075-35232DB3B43B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) Task: {4B41A9E3-EA6C-43A0-9FE3-554240A8D872} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {52218EB1-2A28-4928-9279-3BADE9A08167} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-04-22] (CyberLink Corp. -> CyberLink Corp.) Task: {542055C6-AF3A-43D7-AD4F-CD0A05E19D0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-15] (Google Inc -> Google Inc.) Task: {60AC0F68-1CA2-4BE1-A5E3-FEF9E8F4C299} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {636F83B6-95BE-4FA9-AFCF-8017F7CF85F3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService Task: {657E7712-33BF-48CE-B77D-C8495AE68A73} - System32\Tasks\App Explorer => C:\Users\q\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7949992 2020-09-04] (SweetLabs Inc. -> SweetLabs, Inc) <==== UWAGA Task: {823765AA-AC67-4104-A2BA-55C5AF9C9105} - System32\Tasks\EPSON L386 Series Update {CCDFE5F7-ECBF-4C0E-A80B-139D86EBF778} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRPE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {84A305BE-F7DC-444B-9978-2FC1A15B2BDC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {8B656553-6875-4595-8395-E7438CCE76FB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {940ADD51-59A1-4491-89D5-0887F102C515} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.) Task: {9724DCD7-209C-4FA6-BEE9-E3F3819F8778} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {A1B6F64E-7409-402B-80C5-AC0481F6DC9E} - System32\Tasks\Nvbackend => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AE77F9E4-DA11-4387-9353-22C62877BDD0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\58eb1558-d5ea-449d-b530-5c9e7a9b30a7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.) Task: {AF819EA3-A63C-4293-87B7-C7A874E48DF9} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-12] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {B91395E3-4F3C-459D-BCBE-7581CB08E3EF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\36bed530-9341-43fe-8170-05e40dce4619 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.) Task: {C1B162DE-157F-4AF6-9B53-36A957C6EADB} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-12] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {C1C73F50-DD2B-4F17-99D6-D9C5F48976FF} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [230632 2020-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {CC0B52D2-75FE-4BD4-8680-4E736ED5246A} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.) Task: {D36FE63C-FBC3-419F-B7EC-292BDA567373} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-15] (Google Inc -> Google Inc.) Task: {DAA15E6C-BE2E-4BB4-9CBB-125B96065F51} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {E0D06955-D807-47F4-A5AF-D97A3A6DD611} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {E1B3EB68-2C41-4E41-9330-0D29D342902D} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [30106496 2020-10-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {F60E1B3A-F215-4FFD-BA47-015EEE905F5D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\58ef7ff0-80cf-49a6-b615-0e3e0d4f706d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.) Task: {F6CEB224-2687-4174-B8B9-AAEA03952174} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-23] (Mozilla Corporation -> Mozilla Foundation) Task: {F98A4E0A-0F60-458B-9453-7C555C33D8CE} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\EPSON L386 Series Update {21C03F6B-FD56-486D-B5D5-FD3FF57B4C44}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRPE.EXE:/EXE:{21C03F6B-FD56-486D-B5D5-FD3FF57B4C44} /F:UpdateWORKGROUP\DESKTOP-O65UTF3$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON L386 Series Update {CCDFE5F7-ECBF-4C0E-A80B-139D86EBF778}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRPE.EXE:/EXE:{CCDFE5F7-ECBF-4C0E-A80B-139D86EBF778} /F:UpdateWORKGROUP\DESKTOP-O65UTF3$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{6d2ea3ce-4981-4ad7-b0c9-17c72549017e}: [DhcpNameServer] 192.168.191.10 Tcpip\..\Interfaces\{b6cb38cd-c554-41d4-b062-6e2318d7cba4}: [DhcpNameServer] 192.168.1.254 Edge: ====== Edge Profile: C:\Users\q\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-15] FireFox: ======== FF DefaultProfile: 17qov1jo.default FF ProfilePath: C:\Users\q\AppData\Roaming\Mozilla\Firefox\Profiles\17qov1jo.default [2020-12-15] FF Notifications: Mozilla\Firefox\Profiles\17qov1jo.default -> hxxps://luckpool.org; hxxps://www.facebook.com; hxxps://online.mbank.pl FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\q\AppData\Roaming\Mozilla\Firefox\Profiles\17qov1jo.default\Extensions\sp@avast.com.xpi [2020-07-06] FF Extension: (Google Translator for Firefox) - C:\Users\q\AppData\Roaming\Mozilla\Firefox\Profiles\17qov1jo.default\Extensions\translator@zoli.bod.xpi [2018-12-02] FF Extension: (Avast Online Security) - C:\Users\q\AppData\Roaming\Mozilla\Firefox\Profiles\17qov1jo.default\Extensions\wrc@avast.com.xpi [2020-06-18] FF Extension: (Dodatek Google Analytics Opt-out firmy Google) - C:\Users\q\AppData\Roaming\Mozilla\Firefox\Profiles\17qov1jo.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2019-04-04] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%] FF Extension: (Video DownloadHelper) - C:\Users\q\AppData\Roaming\Mozilla\Firefox\Profiles\17qov1jo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-16] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-16] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-12] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-12] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1448178001-3530575419-1287885553-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\q\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-03-28] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-1448178001-3530575419-1287885553-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\q\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.509\npGatewayNpapi.dll [2019-07-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-1448178001-3530575419-1287885553-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\q\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.509\npGatewayNpapi-x64.dll [2019-07-24] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\q\AppData\Local\Google\Chrome\User Data\Default [2020-12-15] CHR StartupUrls: Default -> "hxxps://www.bing.com/?PC=FT01" CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&FORM=FTSBRD&PC=FT02 CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms} CHR Extension: (Prezentacje) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-16] CHR Extension: (Dokumenty) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-16] CHR Extension: (Dysk Google) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-15] CHR Extension: (YouTube) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-29] CHR Extension: (Avira Password Manager) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-12-15] CHR Extension: (Avira Safe Shopping) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-12-15] CHR Extension: (Arkusze) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-16] CHR Extension: (Norton Safe Web) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2020-12-15] CHR Extension: (Dokumenty Google offline) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08] CHR Extension: (Gmail) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-15] CHR Extension: (Chrome Media Router) - C:\Users\q\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-15] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-16] (Adobe Inc. -> Adobe) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2020-10-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [246424 2020-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161376 2020-08-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-21] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-12] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-12] (Brave Software, Inc. -> BraveSoftware Inc.) S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo) S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [278528 2020-12-10] (CleverFiles) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Brak podpisu cyfrowego] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1210352 2016-03-22] (LENOVO -> Lenovo) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.) R2 SPDFCreatorReadSpool; C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe [262576 2016-09-07] (Solid Documents -> Solid Documents Limited) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [42424 2015-12-02] (LENOVO -> Lenovo) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207424 2020-11-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [328920 2016-01-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-15 18:10 - 2020-12-15 18:11 - 000035571 _____ C:\Users\q\Desktop\FRST.txt 2020-12-15 18:09 - 2020-12-15 18:10 - 000000000 ____D C:\FRST 2020-12-15 18:05 - 2020-12-15 18:05 - 002286592 _____ (Farbar) C:\Users\q\Desktop\FRST64.exe 2020-12-15 16:35 - 2020-12-15 16:35 - 000000000 ____D C:\Users\q\Desktop\DMDE 2020-12-15 15:42 - 2020-12-15 15:47 - 000000000 ____D C:\Users\q\Desktop\ze strukturą 2020-12-15 15:23 - 2020-12-15 15:23 - 000000032 _____ C:\Users\q\AppData\Local\RawCopy.savedialog.dir 2020-12-15 15:23 - 2020-12-15 15:23 - 000000001 _____ C:\Users\q\AppData\Local\RawCopy.savedialog.filterindex 2020-12-15 15:19 - 2020-12-15 15:23 - 000000000 ____D C:\Users\q\Desktop\kopia raq usb 2020-12-15 15:19 - 2020-12-15 15:22 - 000000001 _____ C:\Users\q\AppData\Local\RawCopy.sourcedisk.index 2020-12-15 15:19 - 2020-12-15 15:19 - 000000001 _____ C:\Users\q\AppData\Local\RawCopy.1.10.agreement 2020-12-15 15:18 - 2020-12-15 15:18 - 000001171 _____ C:\Users\q\Desktop\HDD Raw Copy Tool.lnk 2020-12-15 15:18 - 2020-12-15 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Raw Copy Tool 2020-12-15 15:18 - 2020-12-15 15:18 - 000000000 ____D C:\Program Files (x86)\HDDGURU Raw Copy Tool 2020-12-15 15:07 - 2020-12-15 15:07 - 000000690 _____ C:\Users\q\Desktop\Total Commander 64 bit.lnk 2020-12-15 15:07 - 2020-12-15 15:07 - 000000676 _____ C:\Users\q\Desktop\Total Commander.lnk 2020-12-15 15:07 - 2020-12-15 15:07 - 000000000 ____D C:\Users\q\AppData\Roaming\GHISLER 2020-12-15 15:07 - 2020-12-15 15:07 - 000000000 ____D C:\Users\q\AppData\Local\GHISLER 2020-12-15 15:07 - 2020-12-15 15:07 - 000000000 ____D C:\totalcmd 2020-12-15 14:45 - 2020-12-15 14:45 - 000000000 ____D C:\Users\q\AppData\Roaming\EaseUS 2020-12-15 14:45 - 2020-12-15 14:45 - 000000000 ____D C:\ProgramData\SystemAcCrux 2020-12-15 14:44 - 2020-12-15 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2020-12-15 14:44 - 2020-12-15 14:44 - 000000000 ____D C:\Program Files\EaseUS 2020-12-15 14:31 - 2020-12-15 14:32 - 000000000 ____D C:\Users\q\Desktop\odzyskane tesdisc 2020-12-15 14:23 - 2020-12-15 14:34 - 000000000 ____D C:\Users\q\Desktop\testdeisk 2020-12-15 14:04 - 2020-12-15 14:04 - 000000000 ____D C:\Users\q\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar 2020-12-15 14:04 - 2020-12-15 14:04 - 000000000 ____D C:\Program Files (x86)\Convar 2020-12-15 13:23 - 2020-12-15 13:31 - 000000000 ____D C:\Users\q\Desktop\odzyskane deep can 2020-12-15 13:08 - 2020-12-15 13:08 - 000000000 ____D C:\Users\q\AppData\Local\CleverFiles 2020-12-15 12:55 - 2020-12-15 13:19 - 000000000 ____D C:\Users\q\AppData\Local\DiskDrill 2020-12-15 12:55 - 2020-12-15 12:55 - 000000000 ____D C:\Users\q\AppData\Local\CrashRpt 2020-12-15 12:53 - 2020-12-15 12:53 - 000002531 _____ C:\Users\Public\Desktop\Disk Drill.lnk 2020-12-15 12:53 - 2020-12-15 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleverFiles Disk Drill (x64) 2020-12-15 12:53 - 2020-12-15 12:53 - 000000000 ____D C:\Program Files\Dokan 2020-12-15 12:53 - 2020-12-15 12:53 - 000000000 ____D C:\Program Files\CleverFiles 2020-12-15 12:53 - 2020-06-01 19:48 - 000140280 _____ (Dokan Project) C:\WINDOWS\system32\Drivers\dokan1.sys 2020-12-15 12:43 - 2020-12-15 16:27 - 000000000 ____D C:\Users\q\Desktop\odzyskane 2020-12-15 12:43 - 2020-12-15 12:43 - 000000000 ____D C:\Users\q\Desktop\Nowy folder 2020-12-15 12:37 - 2020-12-15 17:48 - 000000000 ____D C:\Program Files\Recuva 2020-12-15 12:37 - 2020-12-15 12:37 - 000001706 _____ C:\Users\Public\Desktop\Recuva.lnk 2020-12-15 12:37 - 2020-12-15 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2020-12-11 17:36 - 2020-12-11 17:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-12-11 17:36 - 2020-12-11 17:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-12-11 17:36 - 2020-12-11 17:36 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-12-11 17:35 - 2020-12-11 17:35 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-11 17:35 - 2020-12-11 17:35 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-11 17:35 - 2020-12-11 17:35 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-12-11 17:35 - 2020-12-11 17:35 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-11 17:35 - 2020-12-11 17:35 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-11 17:35 - 2020-12-11 17:35 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-11 17:35 - 2020-12-11 17:35 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-12-11 17:35 - 2020-12-11 17:35 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-12-11 17:35 - 2020-12-11 17:35 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2020-12-11 17:35 - 2020-12-11 17:35 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-11-28 15:07 - 2020-11-28 15:07 - 000000000 ____D C:\Users\q\AppData\Local\FreeOCR 2020-11-28 14:41 - 2020-12-02 19:44 - 000000000 ____D C:\FreeOCR 2020-11-28 14:41 - 2007-03-10 10:11 - 002680320 _____ (HiComponents) C:\WINDOWS\SysWOW64\ImageEnXLibrary.ocx 2020-11-28 14:40 - 2020-11-28 14:40 - 011316239 _____ ( ) C:\Users\q\Downloads\freeocr541.exe 2020-11-28 14:20 - 2020-11-28 14:20 - 000000000 ____D C:\PDFOCR_output 2020-11-28 14:19 - 2020-11-28 14:20 - 000000000 ____D C:\Users\q\AppData\Roaming\YCanPDF 2020-11-28 14:19 - 2020-11-28 14:19 - 000000000 ____D C:\tmp 2020-11-28 14:18 - 2020-11-28 14:21 - 000000000 ____D C:\pdfOCR 2020-11-26 10:57 - 2020-12-10 14:20 - 000000000 ____D C:\Users\q\Desktop\Opinie 2020-11-26 10:33 - 2020-11-26 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2020-11-24 16:26 - 2020-11-24 16:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-11-23 10:12 - 2020-11-25 10:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-11-15 13:45 - 2020-11-15 13:45 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe 2020-11-15 13:44 - 2020-11-15 13:44 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-15 17:17 - 2019-02-05 10:10 - 000000000 ____D C:\ProgramData\Mozilla 2020-12-15 17:16 - 2017-01-20 19:31 - 000000000 ____D C:\Users\q\AppData\LocalLow\Mozilla 2020-12-15 16:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-15 15:15 - 2017-01-16 19:21 - 000000000 ____D C:\Users\q\AppData\Local\CrashDumps 2020-12-15 13:31 - 2020-09-07 08:41 - 000000000 ____D C:\Users\q 2020-12-15 13:01 - 2020-09-07 09:30 - 001769796 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-15 13:01 - 2019-12-07 16:08 - 000785416 _____ C:\WINDOWS\system32\perfh015.dat 2020-12-15 13:01 - 2019-12-07 16:08 - 000152276 _____ C:\WINDOWS\system32\perfc015.dat 2020-12-15 13:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-15 12:54 - 2020-09-07 09:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-15 12:54 - 2020-09-07 09:27 - 000008192 ___SH C:\DumpStack.log.tmp 2020-12-15 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2020-12-15 12:54 - 2019-08-19 09:33 - 000000000 ____D C:\Users\Public\Speedup Sessions 2020-12-15 12:54 - 2017-02-14 11:28 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-15 12:54 - 2017-01-16 18:56 - 000000000 __SHD C:\Users\q\IntelGraphicsProfiles 2020-12-15 12:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-15 12:53 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-15 12:53 - 2016-09-17 03:22 - 000000000 ____D C:\ProgramData\Package Cache 2020-12-15 12:34 - 2020-10-23 12:45 - 000000000 ____D C:\Users\q\AppData\Local\PlaceholderTileLogoFolder 2020-12-15 12:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-15 12:34 - 2017-12-01 08:54 - 000000000 ____D C:\Users\q\AppData\Local\Packages 2020-12-15 09:59 - 2018-05-13 15:31 - 000000000 ____D C:\Users\q\AppData\Local\Host App Service 2020-12-14 16:53 - 2020-09-07 09:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-14 16:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-12-11 17:58 - 2020-09-07 09:27 - 000519192 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-12-11 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-12-11 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-11 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-12-11 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-11 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-11 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-11 17:41 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-11 17:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-11 09:44 - 2017-01-31 13:24 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-12-11 09:31 - 2020-06-08 07:51 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-10 17:22 - 2019-06-12 10:59 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2020-12-09 16:31 - 2016-09-17 03:13 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-12-05 11:30 - 2018-10-02 20:15 - 000000000 ____D C:\Users\q\Desktop\skan 2020-12-04 09:29 - 2020-09-07 09:39 - 000003568 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-04 09:29 - 2020-09-07 09:39 - 000003444 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-03 15:10 - 2020-11-04 13:06 - 000000000 ____D C:\Users\q\Desktop\na dziś 2020-12-03 15:05 - 2020-09-07 09:39 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-12-03 11:01 - 2018-01-15 15:04 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-01 11:46 - 2020-09-07 09:39 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-12-01 11:46 - 2020-09-07 09:39 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-28 13:08 - 2020-09-07 09:39 - 000003718 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2020-11-26 14:34 - 2020-07-30 11:49 - 000000000 ___SD C:\Users\q\Documents\My Data Sources 2020-11-25 13:21 - 2020-09-07 09:39 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-11-25 10:01 - 2017-01-20 19:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-24 16:26 - 2017-01-20 19:29 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-24 10:22 - 2017-01-18 16:04 - 001494883 _____ C:\WINDOWS\system32\InstallUtil.InstallLog 2020-11-19 17:15 - 2019-08-19 09:37 - 000207424 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2020-11-19 09:17 - 2018-03-03 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2020-11-19 09:17 - 2018-03-03 11:13 - 000000000 ____D C:\Program Files (x86)\EPSON Software 2020-11-18 11:06 - 2017-03-09 11:42 - 000000000 ____D C:\Users\q\AppData\Local\ElevatedDiagnostics 2020-11-18 10:51 - 2017-01-16 21:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-11-18 10:49 - 2017-01-16 21:41 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-11-15 14:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-11-15 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-11-15 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-11-15 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2020-11-15 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-11-15 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-11-15 14:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-11-15 13:44 - 2020-09-07 09:30 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-12-15 15:19 - 2020-12-15 15:19 - 000000001 _____ () C:\Users\q\AppData\Local\RawCopy.1.10.agreement 2020-12-15 15:23 - 2020-12-15 15:23 - 000000032 _____ () C:\Users\q\AppData\Local\RawCopy.savedialog.dir 2020-12-15 15:23 - 2020-12-15 15:23 - 000000001 _____ () C:\Users\q\AppData\Local\RawCopy.savedialog.filterindex 2020-12-15 15:19 - 2020-12-15 15:22 - 000000001 _____ () C:\Users\q\AppData\Local\RawCopy.sourcedisk.index ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================