Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-07-2022
Uruchomiony przez WALDEMAR (administrator) WALDEMAR (Gigabyte Technology Co., Ltd. Z170-Gaming K3) (15-07-2022 14:08:05)
Uruchomiony z D:\Pulpit\FRST
Załadowane profile: WALDEMAR & SQLTELEMETRY$INSERTGT
Platform: Microsoft Windows 10 Pro Wersja 21H1 19043.1826 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Edge
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\60.0.2.0\crashpad_handler.exe <2>
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe <7>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Autodesk, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(services.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Firebird Project) [Brak podpisu cyfrowego] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(services.exe ->) (Firebird Project) [Brak podpisu cyfrowego] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(services.exe ->) (Huawei Technologies Co.,Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.INSERTGT\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.INSERTGT\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1790_none_7df2aec07ca10e81\TiWorker.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1893496 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2142328 2017-12-18] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [I17D] => C:\WINDOWS\twain_32\Brimi17d\Common\TwDsUiLaunch.exe [77312 2017-11-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2975744 2017-12-14] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1842294854-3454898761-1950445386-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-07-16] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-1842294854-3454898761-1950445386-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1842294854-3454898761-1950445386-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1842294854-3454898761-1950445386-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1842294854-3454898761-1950445386-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\WALDEMAR\AppData\Local\Programs\signal-desktop\Signal.exe [148929440 2022-07-01] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-1842294854-3454898761-1950445386-1001\...\Run: [MicrosoftEdgeAutoLaunch_237873099952F4FC695552E2BB430D4D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-80-1662653124-493881953-1281170224-2855674701-73782100\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\60.0.2.0\GoogleDriveFS.exe [55254344 2022-06-21] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\C360SeriesXPS Language Monitor: C:\WINDOWS\system32\KOAZ8W_L.DLL [15360 2012-11-14] (Konica Minolta Business Solutions Europe GmbH -> )
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\WINDOWS\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-08-05]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {12871FCD-8AD2-4E4A-BCDA-68BF3C5474F0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {201782F6-9A67-4376-B8B8-7B5F31D11ECB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378880 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {32A126AF-818D-4572-8F23-9ED7E552F041} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {343474CB-A145-4673-825C-9533E55598D3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946296 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37821A1C-078E-46A5-833F-C3E78A624526} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39117C44-509C-4F2A-82BB-C9492C684B54} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414176 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CBFFBE8-6960-4532-A681-8AC0AB9B467F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {3F6277EA-A6F0-484B-B2D9-9B2DEF95BF1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-13] (Google Inc -> Google Inc.)
Task: {4CB8AC0C-025C-4AB6-8BF4-0CF19F0EBD36} - System32\Tasks\AdobeAAMUpdater-1.0-WALDEMAR-WALDEMAR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {598322C6-0EB0-48EE-894E-77FDC009D268} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C4374E3-317B-425C-B337-FEB7421A8A23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {659B50F3-F26B-4F5D-8C15-58A78F783A71} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {68A64FD1-E49D-46BD-BC80-3F50E1D3498F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-13] (Google Inc -> Google Inc.)
Task: {6AA93313-77AC-4BE4-9CA4-26616EE72373} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378880 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {735E7949-2213-43EE-BB70-3E2B02A1A17F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693816 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83985DFF-B90E-4239-8522-D362184D5316} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414176 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB2CAE7D-DC7B-4540-B9A5-E7C67336BACE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB99494D-067A-4166-8801-F632B64310DA} - System32\Tasks\{9B75B28A-C729-4536-8373-E7B9D53167F9} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.7.0.103&LastError=404
Task: {DACA3A33-EC3D-4288-AA5D-67392BD62526} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E20E04D6-36C4-408B-A64B-7B2520096F2B} - System32\Tasks\CCleanerSkipUAC - WALDEMAR => D:\Pulpit\Tron v12.0.2 (2022-01-18)\resources\stage_1_tempclean\ccleaner\CCleaner.exe $(Arg0) (Brak pliku)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

ProxyServer: [S-1-5-21-1842294854-3454898761-1950445386-1001] => 127.0.0.1:1080
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7f60a1dd-3933-4e2c-98e7-b010bf56006c}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: D:\Pobieranie
Edge HomeButtonPage: HKU\S-1-5-21-1842294854-3454898761-1950445386-1001 -> hxxps://www.yandex.ru/?win=472&clid=2226560
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\WALDEMAR\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-15]
Edge DownloadDir: Default -> D:\Pobieranie

FireFox:
========
FF ProfilePath: C:\Users\WALDEMAR\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2022-07-15]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.yandex.ru/?win=472&clid=2226560
FF SearchPlugin: C:\Users\WALDEMAR\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-20215113.xml [2021-01-13]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default [2022-07-15]
CHR Notifications: Default -> hxxps://domisad.pl; hxxps://pl.pinterest.com; hxxps://triverna.pl; hxxps://www-zdrowienastole-pl.pushpushgo.com; hxxps://www.bat.pl; hxxps://www.castorama.pl; hxxps://www.leroymerlin.pl
CHR HomePage: Default -> about:Tabs
CHR StartupUrls: Default -> "hxxps://www.google.pl/"
CHR Extension: (Video Downloader Pro) - C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdikaeknpeokoejlpffihfmpfelakcg [2020-11-13]
CHR Extension: (uBlock Origin) - C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-06-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-22]
CHR Extension: (Youtube Mp3 Downloader) - C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jphdnibheeacnoenodkekhfjhnepegia [2020-10-03]
CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Konwerter Audio) - C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfphighcpfimfhblaigjckljcoeipga [2017-12-13]
CHR Profile: C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-13]
CHR Profile: C:\Users\WALDEMAR\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-13]
CHR HKU\S-1-5-21-1842294854-3454898761-1950445386-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ablpcikjmhamjanpibkccdmpoekjigja]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gdljkkmghdkckhaogaemgbgdfophkfco]
CHR HKLM-x32\...\Chrome\Extension: [pjfkgjlnocfakoheoapicnknoglipapd]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeActiveFileMonitor9.0; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743984 2021-10-17] (philandro Software GmbH -> philandro Software GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc. -> Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Brak podpisu cyfrowego]
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2017-12-14] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111264 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [153600 2010-09-17] (Firebird Project) [Brak podpisu cyfrowego]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [5624320 2010-09-17] (Firebird Project) [Brak podpisu cyfrowego]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2015-09-23] (Huawei Technologies Co.,Ltd. -> )
R2 MSSQL$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL15.INSERTGT\MSSQL\Binn\sqlservr.exe [624544 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6232176 2022-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL15.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [690088 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL15.INSERTGT\MSSQL\Binn\sqlceip.exe [284600 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 34b55b4f; C:\WINDOWS\System32\Drivers\34b55b4f.sys [127792 2021-08-30] (AO Kaspersky Lab -> AO Kaspersky Lab)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R0 klupd_34b55b4fa_arkmon; C:\WINDOWS\System32\Drivers\klupd_34b55b4fa_arkmon.sys [257208 2021-08-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_34b55b4fa_kimul; C:\WINDOWS\System32\Drivers\klupd_34b55b4fa_kimul.sys [99152 2021-08-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_34b55b4fa_klark; C:\WINDOWS\System32\Drivers\klupd_34b55b4fa_klark.sys [310232 2021-08-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_34b55b4fa_klbg; C:\WINDOWS\System32\Drivers\klupd_34b55b4fa_klbg.sys [116888 2021-08-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_34b55b4fa_mark; C:\WINDOWS\System32\Drivers\klupd_34b55b4fa_mark.sys [207352 2021-08-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 MpKslcbffa453; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA149EC5-129E-4F69-B99E-4A4554B940BA}\MpKslDrv.sys [141576 2022-07-15] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 RsFx0600; C:\WINDOWS\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [205552 2022-07-08] (RH Software Ltd -> Ray Hinchliffe)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-07-15 13:57 - 2022-07-15 14:08 - 000000000 ____D C:\FRST
2022-07-15 13:31 - 2022-07-15 13:31 - 000000000 ____D C:\WINDOWS\Panther
2022-07-15 13:31 - 2022-07-15 13:31 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-07-15 13:30 - 2011-01-12 13:36 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71deu.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71ita.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71fra.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71esp.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71enu.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71kor.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71jpn.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71cht.dll
2022-07-15 13:30 - 2011-01-12 13:25 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71chs.dll
2022-07-15 13:30 - 2011-01-12 13:19 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2022-07-15 13:30 - 2011-01-12 12:53 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2022-07-15 13:30 - 2007-02-01 22:13 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2022-07-15 13:30 - 2007-02-01 19:11 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2022-07-15 13:30 - 2006-08-26 00:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2022-07-15 13:30 - 2001-08-23 00:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2022-07-15 13:30 - 1996-01-12 03:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb40032.dll
2022-07-15 13:30 - 1993-07-23 19:31 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2022-07-15 10:04 - 2022-07-15 10:04 - 000000000 ____D C:\Users\skan\AppData\LocalLow\Adobe
2022-07-15 10:04 - 2022-07-15 10:04 - 000000000 ____D C:\Users\skan\.ms-ad
2022-07-15 09:45 - 2022-07-15 09:45 - 000000000 ___RD C:\Users\test\OneDrive
2022-07-15 09:44 - 2022-07-15 09:44 - 000000000 ____D C:\Users\test\AppData\Roaming\Logishrd
2022-07-15 09:44 - 2022-07-15 09:44 - 000000000 ____D C:\Users\test\AppData\Roaming\AnyDesk
2022-07-15 09:43 - 2022-07-15 09:45 - 000000000 ____D C:\Users\test
2022-07-15 09:43 - 2022-07-15 09:43 - 000000020 ___SH C:\Users\test\ntuser.ini
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 _SHDL C:\Users\test\Ustawienia lokalne
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 _SHDL C:\Users\test\Szablony
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 _SHDL C:\Users\test\Moje dokumenty
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 _SHDL C:\Users\test\Menu Start
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 _SHDL C:\Users\test\Dane aplikacji
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 _SHDL C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 ___RD C:\Users\test\3D Objects
2022-07-15 09:43 - 2022-07-15 09:43 - 000000000 ____D C:\Users\test\AppData\Roaming\Adobe
2022-07-15 09:35 - 2022-07-15 10:22 - 000000000 ___RD C:\Users\skan\OneDrive
2022-07-15 09:35 - 2022-07-15 09:35 - 000000000 ____D C:\Users\skan\AppData\Roaming\Logishrd
2022-07-15 09:35 - 2022-07-15 09:35 - 000000000 ____D C:\Users\skan\AppData\Roaming\AnyDesk
2022-07-15 09:34 - 2022-07-15 10:04 - 000000000 ____D C:\Users\skan\AppData\Roaming\Adobe
2022-07-15 09:34 - 2022-07-15 10:04 - 000000000 ____D C:\Users\skan
2022-07-15 09:34 - 2022-07-15 09:34 - 000000020 ___SH C:\Users\skan\ntuser.ini
2022-07-15 09:34 - 2022-07-15 09:34 - 000000000 _SHDL C:\Users\skan\Ustawienia lokalne
2022-07-15 09:34 - 2022-07-15 09:34 - 000000000 _SHDL C:\Users\skan\Szablony
2022-07-15 09:34 - 2022-07-15 09:34 - 000000000 _SHDL C:\Users\skan\Moje dokumenty
2022-07-15 09:34 - 2022-07-15 09:34 - 000000000 _SHDL C:\Users\skan\Menu Start
2022-07-15 09:34 - 2022-07-15 09:34 - 000000000 _SHDL C:\Users\skan\Dane aplikacji
2022-07-15 09:34 - 2022-07-15 09:34 - 000000000 _SHDL C:\Users\skan\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-07-15 09:34 - 2022-07-15 09:34 - 000000000 ___RD C:\Users\skan\3D Objects
2022-07-14 13:43 - 2022-07-15 14:08 - 000000000 ____D C:\TEMP
2022-07-13 17:00 - 2022-07-13 17:00 - 000000112 ___SH C:\bootTel.dat
2022-07-13 16:05 - 2022-07-13 16:05 - 000000772 _____ C:\Users\WALDEMAR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-07-13 14:54 - 2022-07-13 14:54 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-13 14:54 - 2022-07-13 14:54 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 14:54 - 2022-07-13 14:54 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 14:54 - 2022-07-13 14:54 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-13 14:54 - 2022-07-13 14:54 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-13 14:54 - 2022-07-13 14:54 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-13 14:54 - 2022-07-13 14:54 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-13 14:54 - 2022-07-13 14:54 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-13 14:54 - 2022-07-13 14:54 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-13 14:54 - 2022-07-13 14:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-13 14:54 - 2022-07-13 14:54 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-13 14:54 - 2022-07-13 14:54 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-13 14:53 - 2022-07-13 14:53 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-13 14:53 - 2022-07-13 14:53 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-13 14:53 - 2022-07-13 14:53 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 14:53 - 2022-07-13 14:53 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-13 14:53 - 2022-07-13 14:53 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-13 14:53 - 2022-07-13 14:53 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-13 14:53 - 2022-07-13 14:53 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 14:41 - 2022-07-13 14:41 - 000000000 ___HD C:\$WinREAgent
2022-07-13 11:38 - 2022-07-13 11:38 - 000000000 ____D C:\ProgramData\Sophos
2022-07-13 11:01 - 2022-07-13 11:01 - 000002996 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - WALDEMAR
2022-06-30 15:21 - 2022-06-30 15:21 - 000000000 ____D C:\Users\WALDEMAR\.ms-ad
2022-06-19 23:43 - 2022-06-19 23:43 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-06-19 23:43 - 2022-06-19 23:43 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2022-06-19 23:43 - 2022-06-19 23:43 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-06-19 23:43 - 2022-06-19 23:43 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-06-19 23:43 - 2022-06-19 23:43 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-07-15 14:07 - 2020-09-08 16:43 - 000872918 _____ C:\WINDOWS\system32\perfh019.dat 2022-07-15 14:07 - 2020-09-08 16:43 - 000195152 _____ C:\WINDOWS\system32\perfc019.dat 2022-07-15 14:07 - 2020-06-22 18:34 - 003180894 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-07-15 14:07 - 2019-12-07 17:09 - 000888638 _____ C:\WINDOWS\system32\perfh015.dat 2022-07-15 14:07 - 2019-12-07 17:09 - 000195960 _____ C:\WINDOWS\system32\perfc015.dat 2022-07-15 14:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-07-15 14:05 - 2017-12-13 15:15 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-15 14:05 - 2017-04-19 16:14 - 000000000 ____D C:\ProgramData\NVIDIA 2022-07-15 14:04 - 2022-02-10 20:49 - 000000000 ____D C:\Users\WALDEMAR\AppData\Roaming\Signal 2022-07-15 14:03 - 2020-06-22 18:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-07-15 14:03 - 2020-06-22 18:29 - 000008192 ___SH C:\DumpStack.log.tmp 2022-07-15 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-07-15 14:03 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-07-15 14:03 - 2018-06-19 13:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-07-15 13:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-07-15 13:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-07-15 13:31 - 
2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-07-15 13:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-07-15 13:21 - 2020-01-13 19:38 - 000000000 ____D C:\Users\WALDEMAR\AppData\LocalLow\Mozilla 2022-07-15 13:21 - 2020-01-13 19:38 - 000000000 ____D C:\ProgramData\Mozilla 2022-07-15 13:18 - 2017-04-19 16:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-07-15 13:12 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-07-15 13:06 - 2021-08-30 11:14 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-07-15 09:43 - 2017-04-19 16:06 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-07-14 09:43 - 2017-05-18 14:48 - 000000000 ____D C:\ProgramData\Package Cache 2022-07-13 15:54 - 2017-05-31 09:21 - 000000000 ____D C:\Users\WALDEMAR\AppData\LocalLow\Temp 2022-07-13 15:43 - 2017-04-19 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-07-13 15:41 - 2017-04-19 18:34 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-07-13 15:28 - 2020-06-22 18:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-07-13 15:12 - 2020-06-22 18:29 - 001808832 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-07-13 15:02 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-07-13 15:02 - 
2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-07-13 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-07-13 14:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-07-13 14:53 - 2020-06-22 18:31 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-07-13 14:32 - 2021-12-06 14:57 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-07-13 14:32 - 2020-06-22 18:36 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-07-13 11:05 - 2017-04-19 17:44 - 000000000 ____D C:\Program Files\Microsoft Office 2022-07-13 11:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-07-11 19:01 - 2021-08-31 21:09 - 000002067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-07-08 11:49 - 2021-08-30 10:35 - 000205552 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys 2022-07-08 11:48 - 2020-06-12 08:57 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-07-05 21:40 - 2020-05-04 14:03 - 000008047 _____ C:\WINDOWS\BRRBCOM.INI 2022-07-05 11:00 - 2017-12-13 15:15 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-07-04 22:34 - 2021-10-20 20:58 - 000000000 ____D C:\ProgramData\firebird 2022-06-30 15:21 - 2020-06-22 18:30 - 000000000 ____D C:\Users\WALDEMAR 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D 
C:\WINDOWS\system32\ShellExperiences 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-06-25 15:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-06-25 15:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-06-25 14:34 - 2018-07-14 07:04 - 000000000 ____D C:\ProgramData\Packages 2022-06-25 11:21 - 2019-07-19 07:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-06-25 11:21 - 2019-07-19 07:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-06-22 12:10 - 2021-04-08 09:45 - 000000000 ____D C:\Users\WALDEMAR\AppData\Roaming\WhatsApp 2022-06-21 10:59 - 2018-02-15 18:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-06-17 09:29 - 2020-06-22 18:36 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-06-17 09:29 - 2020-06-22 18:36 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-06-17 09:27 - 2021-10-20 20:29 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2022-06-17 09:27 - 2021-10-20 20:29 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server ==================== Pliki w katalogu głównym wybranych folderów ======== 2017-06-14 04:53 - 2017-06-14 04:53 - 000000220 _____ () C:\Users\WALDEMAR\AppData\Roaming\GWGiyQ.inf 2017-06-14 04:53 - 2017-06-14 04:53 - 000000241 _____ () C:\Users\WALDEMAR\AppData\Roaming\hWaJxDFId.inf 2017-06-14 04:53 - 2017-06-14 04:53 - 000000288 _____ () C:\Users\WALDEMAR\AppData\Roaming\oBrJeUVm.inf 2019-02-13 08:28 - 2019-02-13 08:28 - 000553029 _____ () C:\Users\WALDEMAR\AppData\Roaming\swBg.dll 2017-09-16 15:09 - 2017-09-16 15:09 - 000000025 _____ () C:\Users\WALDEMAR\AppData\Local\dwg2vec.ini 2018-03-26 12:49 - 2018-04-04 15:54 - 000000081 _____ () C:\Users\WALDEMAR\AppData\Local\lang.dat 
2015-01-02 20:44 - 2016-06-15 15:37 - 000000600 _____ () C:\Users\WALDEMAR\AppData\Local\PUTTY.RND 2022-07-15 13:18 - 2022-07-15 13:18 - 000007605 _____ () C:\Users\WALDEMAR\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================