Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 10-04-2023 Uruchomiony przez Domek (administrator) DESKTOP-V23S55R (13-04-2023 02:59:37) Uruchomiony z C:\Users\Domek\Downloads Załadowane profile: Domek Platforma: Microsoft Windows 10 Home Wersja 22H2 19045.2846 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Discord Inc. -> Discord Inc.) C:\Users\Domek\AppData\Local\Discord\app-1.0.9012\Discord.exe <6> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELFIN\MSSQL\Binn\sqlservr.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-07-25] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [] => [X] HKLM\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1189456 2020-06-04] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM-x32\...\Run: [AutoRegisterCerts] => C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe [171088 2020-12-01] (Asseco Data Systems S.A. -> Certum) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333264 2023-01-17] (Avira Operations GmbH -> Avira Operations GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1189456 2020-06-04] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKU\S-1-5-21-292459351-3630904960-2125800452-1001\...\Run: [] => [X] HKU\S-1-5-21-292459351-3630904960-2125800452-1001\...\Run: [MicrosoftEdgeAutoLaunch_E43C76CD8ACA8DA1DA1D206CBE5CF888] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139936 2023-04-10] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-292459351-3630904960-2125800452-1001\...\Run: [Discord] => C:\Users\Domek\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub) HKLM\...\Print\Monitors\HP 6012 Status Monitor: C:\Windows\system32\hpinksts6012LM.dll [331664 2012-08-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\112.0.5615.86\Installer\chrmstp.exe [2023-04-13] (Google LLC -> Google LLC) Startup: C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Powiadomienia monitorowania tuszu - HP Deskjet 2050 J510 series.lnk [2023-04-13] ShortcutAndArgument: Powiadomienia monitorowania tuszu - HP Deskjet 2050 J510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2050 J510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0C83P1PP05D1;CONNECTION=USB;MONITOR=1; ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {08B19994-4853-4BFE-908F-600D55C5EDB5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {0FEEDE35-A849-41F2-9FCC-1FA811321FFC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {11C985C3-7E4B-495F-B6DA-231DE3C354A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {14D01D69-ACBA-4239-A888-E2385ED7E4BB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {159CDE8B-11CC-484D-8732-1BB26C494746} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) Task: {22F03BCB-0A31-4466-8058-5F8D51252895} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {22F03BCB-0A31-4466-8058-5F8D51252895} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {22F03BCB-0A31-4466-8058-5F8D51252895} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {2A243E51-D0B9-4295-B724-A2BD983C14EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {34F37036-B856-40A9-B305-74354EC75339} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe -check pepperplugin (Brak pliku) Task: {386AFD7D-2A6F-407B-8A7C-FECF8C9CB3BA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3FDB7EAB-DE1A-4EE1-BDA1-4E5B14A08CC3} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2053984 2017-10-31] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) Task: {400107B1-D7C6-4642-B979-99A7DC616C65} - System32\Tasks\Opera scheduled Autoupdate 1567707967 => C:\Users\Domek\AppData\Local\Programs\Opera\launcher.exe [2006936 2023-04-05] (Opera Norway AS -> Opera Software) Task: {4B1D608A-FECD-495A-A766-2B4605EB4228} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4C188BFB-BA8A-404F-890E-E174D7B0B2BE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation) Task: {53364C61-7DE2-4175-8358-69B085AAC8C9} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe start AviraFallbackUpdater Delayed=false Task: {583E4113-5ECA-48E5-868E-5F207816A51B} - \Opera scheduled assistant Autoupdate 1555587409 -> Brak pliku <==== UWAGA Task: {5D4508EC-FDD5-4097-8469-9A106F72D271} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Odmowa dostępu] Task: {652088CB-1E4A-4200-ADD8-3F96ABC71034} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259912 2023-03-27] (Avira Operations GmbH -> Avira Operations GmbH) Task: {6FE88A9E-C926-4396-815B-3798D57CE99B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114568 2023-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {8247E18D-9834-46EF-9717-4DDDD5D834F1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Odmowa dostępu] Task: {8E08F987-3CBF-48BC-B3CD-CA06A9853FF5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-01-20] (Google Inc -> Google Inc.) Task: {933C8A16-7A7D-452D-97D3-D9CC21F1D581} - \Opera scheduled assistant Autoupdate 1569575472 -> Brak pliku <==== UWAGA Task: {96703C52-EE42-46DA-824F-C1A03A00EE7D} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1813544 2023-03-27] (Avira Operations GmbH -> Avira Operations GmbH) Task: {9803EE64-D7AC-4F5D-93DC-75491F4BF625} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9BB862A9-BC18-491C-8125-FFDB70FE62DF} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {AD621B31-D574-4820-B825-0AB1D8AB4911} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-05-10] (Corel Corporation -> Corel Corporation) Task: {AE357E96-ADB6-4648-BC02-4E3E1447EC56} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard -> Hewlett-Packard Co.) Task: {B2D80FCD-577B-47E2-943B-0D7B999E98E4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114568 2023-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {BFB8DC43-5ECB-4EBA-B67A-C57C7DDCFF99} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-07] (Microsoft Corporation -> Microsoft Corporation) Task: {D03F0724-4AD6-45EB-B44C-D65D7C8273FB} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {D2C89455-2742-4D7F-98D4-C8F11B277C68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-01-20] (Google Inc -> Google Inc.) Task: {DB5F86B0-228E-40C8-826D-C2EEDEF79D56} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {DEBE9FE5-866B-4375-A885-291DA6CE8EB6} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-05-10] (Corel Corporation -> Corel Corporation) Task: {E6734FA1-A6BE-4EF4-8442-2BAF9615FD90} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-05-10] (Corel Corporation -> Corel Corporation) Task: {ECDD97CF-AD7F-409D-B320-D03D17F876FB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FEEDCC58-7FB8-4F09-9E2D-3CE8137DF28A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Odmowa dostępu] (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== UWAGA (Ograniczenia - Zones) ProxyServer: [S-1-5-21-292459351-3630904960-2125800452-1001] => localhost:8888 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{68f11ffe-629b-4f7e-b490-5166150fbafd}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\Domek\Downloads Edge Notifications: HKU\S-1-5-21-292459351-3630904960-2125800452-1001 -> hxxps://womensmethod.com Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-13] Edge DownloadDir: Default -> C:\Users\Domek\Downloads Edge Notifications: Default -> hxxps://afternoonedition.com; hxxps://bezprawnik.pl; hxxps://biznes.interia.pl; hxxps://dorzeczy.pl; hxxps://fakty.interia.pl; hxxps://gotowanie.onet.pl; hxxps://kobieta.interia.pl; hxxps://lawyersfavorite.com; hxxps://paydayville.com; hxxps://plejada.pl; hxxps://womensmethod.com; hxxps://www.interia.pl; hxxps://www.money.pl; hxxps://www.o2.pl; hxxps://www.pomponik.pl; hxxps://www.poradnikzdrowie.pl; hxxps://www.poradyiwskazowki.pl; hxxps://www.styl.pl Edge StartupUrls: Default -> "hxxps://google.pl/" Edge Extension: (Edge relevant text changes) - C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-06] Edge Extension: (Antisuppression Reading Bars) - C:\Users\Domek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kebomdjipbhpnlhamgnckhlobfgnabhk [2021-09-29] FireFox: ======== FF DefaultProfile: 45kkexzv.default FF ProfilePath: C:\Users\Domek\AppData\Roaming\Mozilla\Firefox\Profiles\45kkexzv.default [2019-09-05] FF Extension: (Avira Password Manager) - C:\Users\Domek\AppData\Roaming\Mozilla\Firefox\Profiles\45kkexzv.default\Extensions\passwordmanager@avira.com [2019-09-05] FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default [2023-04-10] CHR Notifications: Default -> hxxps://fakty.interia.pl; hxxps://mail.google.com; hxxps://mi-home.pl; hxxps://nt.interia.pl; hxxps://sportowefakty.wp.pl; hxxps://swiatseriali.interia.pl; hxxps://vod.pl; hxxps://wiadomosci.wp.pl; hxxps://www.interia.pl; hxxps://www.money.pl; hxxps://www.o2.pl; hxxps://www.onet.pl; hxxps://www.pkobp.pl; hxxps://www.styl.pl; hxxps://www.wp.pl CHR Extension: (Get cookies.txt) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgaddhkoddajcdgocldbbfleckgcbcid [2023-02-21] CHR Extension: (Video Downloader) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfejhehdhaaeoiahaojjhmjaihjaodcf [2022-09-02] CHR Extension: (Szafir SDK Web) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjalhnomhafafofonpdihihjnbafkipc [2022-06-23] CHR Extension: (Referer Control) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2021-02-23] CHR Extension: (Searchie) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijegdcaplojfgpabemdbanffncipcknm [2022-03-10] CHR Extension: (Antisuppression Reading Bars) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kebomdjipbhpnlhamgnckhlobfgnabhk [2021-09-29] CHR Extension: (Simple Downloader for Vimeo™) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffmjlddchdccijipncbjhoabgmphjfb [2023-03-27] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (Open Multiple URLs) - C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifijhaokejakekmnjmphonojcfkpbbh [2022-06-09] CHR Profile: C:\Users\Domek\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-11] CHR Profile: C:\Users\Domek\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-11] Opera: ======= OPR Profile: C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable [2023-04-13] OPR Notifications: Opera Stable -> hxxps://www.ceneo.pl; hxxps://www.skapiec.pl OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.pl/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding} OPR DefaultSearchKeyword: Opera Stable -> g OPR Extension: (Bulk URL Opener) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\aohlmdjhlikgookdbgebjikjmijipnkf [2020-05-17] OPR Extension: (Avira Safe Shopping) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2022-04-27] OPR Extension: (Rich Hints Agent) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-13] OPR Extension: (Opera Wallet) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-28] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-13] OPR Extension: (Opera AI Prompts) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-04-03] OPR Extension: (Avira Password Manager) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2023-03-21] OPR Extension: (Multi-links) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\ochefmbcabndfcmfbhgiddmondlagdke [2020-05-17] OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\Domek\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2019-09-05] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6515704 2023-03-15] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [266416 2023-03-27] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [296432 2023-03-27] (Avira Operations GmbH -> Avira Operations GmbH) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-07] (Microsoft Corporation -> Microsoft Corporation) R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8970104 2023-04-12] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8970104 2023-04-12] (Avira Operations GmbH -> Avira Operations GmbH) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2023-03-02] (HP Inc. -> HP Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9094440 2023-03-25] (Malwarebytes Inc. -> Malwarebytes) R2 MSSQL$ELFIN; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELFIN\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation -> Microsoft Corporation) S4 SQLAgent$ELFIN; C:\Program Files\Microsoft SQL Server\MSSQL10_50.ELFIN\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-08-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-08-16] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.243\WsAppService.exe [495392 2019-06-13] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare) S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [190712 2023-03-15] (Avira Operations GmbH -> Avira Operations GmbH) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [263000 2023-01-31] (Avira Operations GmbH -> Avira Operations GmbH) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation -> Microsoft Corporation) S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28632 2023-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH) R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [203120 2023-04-02] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [200048 2023-04-02] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [67272 2023-03-07] (Avira Operations GmbH -> Avira Operations GmbH) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-04-13 02:59 - 2023-04-13 03:02 - 000032748 _____ C:\Users\Domek\Downloads\FRST.txt 2023-04-13 00:29 - 2023-04-13 00:29 - 000057411 _____ C:\Users\Domek\Desktop\Shortcut.txt 2023-04-13 00:14 - 2023-04-13 00:29 - 000057466 _____ C:\Users\Domek\Desktop\Addition.txt 2023-04-13 00:06 - 2023-04-13 00:29 - 000044410 _____ C:\Users\Domek\Desktop\FRST.txt 2023-04-13 00:02 - 2023-04-13 00:03 - 002379776 _____ (Farbar) C:\Users\Domek\Downloads\FRST64.exe 2023-04-12 16:19 - 2023-04-12 16:19 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2023-04-12 16:19 - 2023-04-12 16:19 - 000000000 ____D C:\Users\Domek\AppData\Local\Zoom 2023-04-12 15:37 - 2023-04-12 15:37 - 000000000 ___HD C:\$WinREAgent 2023-04-11 22:32 - 2023-04-11 22:32 - 000018406 _____ C:\Users\Domek\Downloads\Excel_do_obliczania_wartosci_oczekiwanej_wygranej.xlsx 2023-04-08 01:49 - 2023-04-09 02:46 - 000011948 _____ C:\Users\Domek\Desktop\Buki.xlsx 2023-04-03 23:58 - 2023-04-03 23:58 - 000252628 _____ C:\Users\Domek\Downloads\Obciążenie 2023-04.pdf 2023-04-02 16:04 - 2023-04-02 16:04 - 093610234 _____ C:\Users\Domek\Downloads\wetransfer_fumiko-takatsu-ultime-guide-pdf_2023-03-18_1711.zip 2023-04-01 13:40 - 2023-04-01 13:40 - 001003085 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy6.pdf 2023-04-01 13:40 - 2023-04-01 13:40 - 000883984 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy8.pdf 2023-04-01 13:39 - 2023-04-01 13:39 - 000985991 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy4.pdf 2023-04-01 13:34 - 2023-04-01 13:34 - 000857622 _____ C:\Users\Domek\Downloads\Świadectwo ukończenia szkoły.pdf 2023-04-01 13:27 - 2023-04-01 13:27 - 000479158 _____ C:\Users\Domek\Downloads\Dyplom.pdf 2023-04-01 13:27 - 2023-04-01 13:27 - 000406538 _____ C:\Users\Domek\Downloads\Zaświadczenie.pdf 2023-04-01 13:24 - 2023-04-01 13:37 - 001004189 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy1.pdf 2023-04-01 13:20 - 2023-04-01 12:31 - 001005622 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy7.pdf 2023-04-01 12:43 - 2023-04-01 13:28 - 000966214 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy5.pdf 2023-04-01 12:37 - 2023-04-01 13:29 - 000809344 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy3.pdf 2023-04-01 12:31 - 2023-04-01 13:38 - 000866341 _____ C:\Users\Domek\Downloads\Świadectwo_Pracy2.pdf 2023-03-31 15:51 - 2023-03-31 15:51 - 000910947 _____ C:\Users\Domek\Downloads\Dokumenty_Szyfrowane_Plus (2).pdf 2023-03-31 15:51 - 2023-03-31 15:51 - 000619303 _____ C:\Users\Domek\Downloads\Dokumenty_Szyfrowane_Plus (1).pdf 2023-03-31 15:50 - 2023-03-31 15:50 - 000940067 _____ C:\Users\Domek\Downloads\Dokumenty_Szyfrowane_Plus.pdf 2023-03-30 18:00 - 2023-03-30 18:00 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance 2023-03-30 18:00 - 2023-03-30 18:00 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2023-03-30 18:00 - 2023-03-30 18:00 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray 2023-03-27 16:18 - 2023-03-27 16:18 - 000283526 _____ C:\Users\Domek\Downloads\pit (23).pdf 2023-03-27 14:41 - 2023-03-27 14:41 - 000252755 _____ C:\Users\Domek\Downloads\pit (22).pdf 2023-03-24 02:31 - 2023-03-24 02:31 - 000160185 _____ C:\Users\Domek\Downloads\plus3.pdf 2023-03-21 20:16 - 2023-03-21 20:16 - 000252634 _____ C:\Users\Domek\Downloads\pit (21).pdf 2023-03-21 19:54 - 2023-03-21 19:54 - 000247938 _____ C:\Users\Domek\Downloads\pit (20).pdf 2023-03-20 19:53 - 2023-03-20 19:53 - 000062774 _____ C:\Users\Domek\Downloads\7681712069_20_2_2023(18_53)_wydruk.pdf 2023-03-20 16:43 - 2023-03-20 16:43 - 000248118 _____ C:\Users\Domek\Downloads\pit (19).pdf 2023-03-18 17:53 - 2023-03-18 17:53 - 000048980 _____ C:\Users\Domek\Downloads\DOK_49103789.pdf 2023-03-16 16:15 - 2023-03-16 16:15 - 000234700 _____ C:\Users\Domek\Downloads\Przedmiot zamówienia_SRMSRM302297_ZOG07_ Przeniesienie szlabanu drogowego typu Bayt 980 z terenu ZP Śląsk na teren ZP Pomorze.pdf 2023-03-16 16:15 - 2023-03-16 16:15 - 000064505 _____ C:\Users\Domek\Downloads\Purchase Order-29829239pl.pdf 2023-03-14 12:49 - 2023-03-14 12:49 - 000050787 _____ C:\Users\Domek\Downloads\7680001490_14_2_2023(11_49)_wydruk.pdf 2023-03-14 12:49 - 2023-03-14 12:49 - 000042240 _____ C:\Users\Domek\Downloads\7680001490_14_2_2023(11_49)_wydruk (1).pdf 2023-03-14 12:44 - 2023-03-14 12:44 - 000050787 _____ C:\Users\Domek\Downloads\7680001490_14_2_2023(11_44)_wydruk.pdf 2023-03-14 12:44 - 2023-03-14 12:44 - 000042240 _____ C:\Users\Domek\Downloads\7680001490_14_2_2023(11_44)_wydruk (1).pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-04-13 03:01 - 2019-09-05 10:32 - 000000000 ____D C:\FRST 2023-04-13 02:57 - 2018-01-20 15:48 - 000000000 ____D C:\ProgramData\NVIDIA 2023-04-13 02:56 - 2020-07-31 00:01 - 001762106 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-04-13 02:56 - 2019-12-07 17:08 - 000781572 _____ C:\WINDOWS\system32\perfh015.dat 2023-04-13 02:56 - 2019-12-07 17:08 - 000151638 _____ C:\WINDOWS\system32\perfc015.dat 2023-04-13 02:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-04-13 02:55 - 2023-03-09 20:09 - 000000000 ____D C:\Users\Domek\AppData\Local\Discord 2023-04-13 02:55 - 2018-01-20 15:56 - 000000000 ____D C:\Program Files (x86)\Google 2023-04-13 02:54 - 2023-03-09 20:09 - 000000000 ____D C:\Users\Domek\AppData\Roaming\discord 2023-04-13 02:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-04-13 02:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-04-13 02:49 - 2020-07-31 00:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-04-13 02:48 - 2020-07-30 23:52 - 000008192 ___SH C:\DumpStack.log.tmp 2023-04-13 02:47 - 2023-02-16 03:20 - 005483048 _____ C:\WINDOWS\system32\rtp.db 2023-04-13 02:47 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-04-13 02:44 - 2020-07-30 23:53 - 000309024 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-04-13 02:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-04-13 01:31 - 2018-01-20 15:56 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-04-13 01:31 - 2018-01-20 15:56 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-04-13 00:32 - 2020-07-30 23:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-04-12 21:01 - 2018-07-20 10:55 - 000000000 ____D C:\Users\Domek\AppData\Local\D3DSCache 2023-04-12 17:14 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-04-12 17:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-04-12 16:56 - 2020-07-30 23:57 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-04-12 16:19 - 2021-09-16 23:56 - 000000000 ____D C:\Users\Domek\AppData\Roaming\Zoom 2023-04-12 15:31 - 2018-02-09 23:20 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-04-12 15:29 - 2020-06-10 12:02 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-04-12 15:29 - 2020-06-10 12:02 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-04-12 15:25 - 2022-10-13 22:58 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2023-04-12 15:25 - 2022-10-13 22:58 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk 2023-04-12 15:22 - 2018-02-09 23:19 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-04-11 23:13 - 2019-08-22 13:12 - 000000000 ____D C:\Users\Domek\Desktop\Shouder&Hip_Blueprint 2023-04-11 22:33 - 2018-02-23 17:29 - 000000000 ____D C:\Users\Domek\AppData\Local\Packages 2023-04-11 16:23 - 2020-07-31 00:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-04-11 16:17 - 2020-07-31 00:22 - 000003864 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-04-11 16:16 - 2020-07-31 00:22 - 000003740 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-04-07 23:26 - 2021-12-13 16:28 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-292459351-3630904960-2125800452-1001 2023-04-07 23:26 - 2020-07-31 00:22 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-292459351-3630904960-2125800452-1001 2023-04-07 23:26 - 2020-07-30 22:45 - 000002423 _____ C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-04-07 23:19 - 2018-11-09 15:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2023-04-07 15:40 - 2021-10-19 14:57 - 000001389 _____ C:\Users\Domek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2023-04-07 15:40 - 2020-07-31 00:22 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1567707967 2023-04-06 15:33 - 2019-05-22 20:52 - 000000000 ____D C:\Users\Domek\Documents\Mała firma 2023-04-05 18:02 - 2023-01-08 17:25 - 000000000 ____D C:\Users\Domek\Documents\WIBIS 2023 2023-04-04 16:38 - 2020-03-18 22:03 - 000000000 ____D C:\Users\Domek\Desktop\Dokumenty 2023-04-04 01:50 - 2020-07-31 00:22 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-04-04 01:50 - 2020-07-31 00:22 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-04-02 17:52 - 2022-06-29 12:10 - 000203120 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys 2023-04-02 17:52 - 2022-06-29 12:10 - 000200048 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys 2023-03-30 18:00 - 2021-04-16 19:33 - 000001078 _____ C:\Users\Public\Desktop\Avira.lnk 2023-03-30 18:00 - 2020-11-26 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2023-03-30 18:00 - 2020-07-31 00:22 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2023-03-24 17:49 - 2018-02-22 20:05 - 000000000 ____D C:\Users\Domek\AppData\Local\CrashDumps 2023-03-24 13:43 - 2023-03-09 20:09 - 000002227 _____ C:\Users\Domek\Desktop\Discord.lnk 2023-03-24 13:43 - 2022-06-29 12:10 - 000028632 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys 2023-03-23 19:53 - 2022-01-13 20:03 - 000000000 ____D C:\Users\Domek\Documents\WIBIS 2022 2023-03-15 17:52 - 2022-06-29 12:10 - 000190712 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdNet.sys 2023-03-15 14:04 - 2022-12-17 16:05 - 000003706 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater ==================== FLock ============================== 2018-02-09 23:21 C:\WINDOWS\UpdateAssistant ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================