Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06.04.2024 01 Uruchomiony przez Baza (administrator) ARKA (07-04-2024 19:27:40) Uruchomiony z C:\Users\Baza\Downloads\FRST64.exe Załadowane profile: Baza & DevToolsUser Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.2251 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (explorer.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\OSCAR Editor X7\OSCAR Editor X7\OscarEditor.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Baza\AppData\Local\Microsoft\BingSvc\BingSvc.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Baza\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe (services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\sshd.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe (services.exe ->) (Microsoft) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (services.exe ->) (Microsoft) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [85928 2020-11-03] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2017-04-05] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3140608 2021-01-29] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3588608 2021-04-02] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OSCAR Editor X7\OscarEditor.exe [5861376 2015-04-27] () [Brak podpisu cyfrowego] HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45285792 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\Run: [MicrosoftEdgeAutoLaunch_A028EBF83B476E3C95C7A0AD1A070DCC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\Run: [BingSvc] => C:\Users\Baza\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6669856 2024-01-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\Run: [BingWallpaperApp] => C:\Users\Baza\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [14046648 2024-01-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3938486455-4291143557-1419522551-1001\...\MountPoints2: {82b80764-5d51-11ed-8570-002215a0f971} - "D:\autorun.exe" HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2022-10-02] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.exe [2024-04-05] (Google LLC -> Google LLC) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {6ED5E81E-F5EB-4169-A6F9-1A72EDDBFD32} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {EA1801FE-F739-4A58-B67D-74FC916E7487} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b08b23f3-a1cc-4faa-9ae0-ef12897f08dd" --version "6.22.10977" --silent Task: {3FDF00CB-6EC8-4183-8EFF-90F219814064} - System32\Tasks\CCleanerSkipUAC - Baza => C:\Program Files\CCleaner\CCleaner.exe [39024544 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {1581F69D-DE62-45EB-8A92-BBA77D5AB0AE} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation) Task: {93772CD6-C848-4F19-A338-58821EDD39DA} - System32\Tasks\CorelUpdateHelperTask-DDF9C79F1D6011BF416EAD7D1F670779 => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation) Task: {99D1D140-C323-449B-8141-D2333D298AE5} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{FD3555E4-C3EF-4E3E-A78F-C6FDF280B813} => C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC) Task: {93817A13-FE9B-4CBD-AB3E-96D74D5E98FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4436749D-CF01-4BCB-AA25-56CB52B0DD02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B5B87A8D-39F6-4C33-97F7-1B52A4FF9252} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4C7D4B50-4901-47B9-90DB-EA8B1AD473E2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{851f62b2-57e3-45a9-a798-944f5abca208}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{851f62b2-57e3-45a9-a798-944f5abca208}: [DhcpDomain] home Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Baza\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-07] Edge Extension: (Dokumenty Google offline) - C:\Users\Baza\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02] Edge Extension: (Bitdefender Password Manager) - C:\Users\Baza\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hjiaiapigbnlahicmcacnmhfckgjdgbl [2023-12-09] Edge Extension: (Edge relevant text changes) - C:\Users\Baza\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26] FireFox: ======== FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2022-11-26] (Adobe Systems Incorporated -> ) Chrome: ======= CHR DefaultProfile: Profile 6 CHR Profile: C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-15] CHR Profile: C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-04-07] CHR Notifications: Profile 6 -> hxxps://www.youtube.com CHR StartupUrls: Profile 6 -> "hxxp://istart.webssearches.com/?type=hp&ts=1404513516&from=amt&uid=TOSHIBAXMK5055GSX_79RJS13JSXX79RJS13JS","hxxps://start.allianz.pl/","hxxps://www.google.pl/" CHR Session Restore: Profile 6 -> [funkcja włączona] CHR Extension: (TooManyTabs for Chrome) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2022-11-23] CHR Extension: (Turn Off the Lights) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2023-12-08] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-03] CHR Extension: (OneTab) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2023-12-08] CHR Extension: (BlockSite: Block Websites & Stay Focused) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2024-02-11] CHR Extension: (Readium) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2022-11-23] CHR Extension: (EditThisCookie) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2022-11-23] CHR Extension: (Dokumenty Google offline) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-17] CHR Extension: (Szafir SDK Web) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gjalhnomhafafofonpdihihjnbafkipc [2022-11-23] CHR Extension: (Redaktor Microsoft: sprawdzanie pisowni i gramatyki) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2024-02-03] CHR Extension: (Bitdefender Password Manager) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ibkoenhablealnikeefmjineccmgegmh [2024-03-09] CHR Extension: (Kopiowanie i wklejanie w aplikacjach Office Online) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-11-23] CHR Extension: (Disconnect) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2022-11-23] CHR Extension: (EPUBReader) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2022-11-23] CHR Extension: (Chrome Notes) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lnfempckkegmaeleniojhjplemmebgfi [2023-12-08] CHR Extension: (Mailtrack i Mail Merge dla Gmaila) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2024-04-02] CHR Extension: (Edytor PDF w Internecie) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\njbdnibcpdbppaidpkopicbkgnbnkkhi [2024-02-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-22] CHR Extension: (WiseStamp email signature) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg [2024-03-21] CHR Extension: (SiteBlock) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj [2022-11-23] CHR Extension: (Speedtest by Ookla) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2023-12-08] CHR Extension: (Unfollow everyone on facebook with one click) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pijkodjelolnmbehifeokihlodnajela [2022-11-23] CHR Extension: (Click to start / stop recording) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjnefijmagpdjfhhkpljicbbpicelgko [2024-03-21] CHR Profile: C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 7 [2024-03-27] CHR Extension: (Dokumenty Google offline) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-25] CHR Profile: C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-03-15] CHR Session Restore: Profile 8 -> [funkcja włączona] CHR Extension: (Bitdefender Wallet) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2022-11-26] CHR Extension: (Dokumenty Google offline) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-26] CHR Extension: (Zoom) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2022-11-26] CHR Extension: (Anti-tracker Bitdefender) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2023-12-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-26] CHR Extension: (WiseStamp email signature) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg [2024-02-11] CHR Profile: C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 9 [2024-04-04] CHR Session Restore: Profile 9 -> [funkcja włączona] CHR Extension: (Dokumenty Google offline) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Baza\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-25] CHR Profile: C:\Users\Baza\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-25] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ArmouryLiveUpdate; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_94d9766656ff6011\ArmouryLiveUpdate.exe [576216 2021-08-30] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [681832 2024-03-22] (ASUSTeK COMPUTER INC. -> ASUS) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [320000 2021-01-29] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081248 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-08-18] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2350048 2023-12-08] (GOG sp. z o.o -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-12-08] (GOG sp. z o.o -> GOG.com) S2 GoogleUpdaterInternalService125.0.6386.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC) S2 GoogleUpdaterService125.0.6386.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-08-22] (HP Inc. -> HP Inc.) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation) R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-05-24] (Microsoft) [Brak podpisu cyfrowego] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19968 2022-05-24] (Microsoft) [Brak podpisu cyfrowego] S4 BDSafepaySrv; "C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe" "settings/services/configs/bdsafepaysrv_config.json" [X] R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [68376 2024-03-11] (FinalWire Kft. -> ) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 HWiNFO_160; C:\Windows\system32\drivers\HWiNFO64A_160.SYS [64536 2021-08-15] (Martin Malik - REALiX -> REALiX(tm)) R3 int0800; C:\Windows\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation) R3 L1E; C:\Windows\System32\drivers\L1E62x64.sys [59904 2019-12-07] (Microsoft Windows -> Atheros Communications, Inc.) R3 ROGMS; C:\Windows\System32\DriverStore\FileRepository\rogms.inf_amd64_94d9766656ff6011\ROGMS.sys [33184 2021-08-30] (ASUSTeK Computer Inc. -> ) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2021-04-09] (Microsoft Corporation) [Brak podpisu cyfrowego] R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation) S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-04-07 19:25 - 2024-04-07 19:28 - 000022692 _____ C:\Users\Baza\Downloads\FRST.txt 2024-04-07 19:06 - 2024-04-07 19:28 - 000000000 ____D C:\FRST 2024-04-07 19:05 - 2024-04-07 19:05 - 002393600 _____ (Farbar) C:\Users\Baza\Downloads\FRST64.exe 2024-04-07 18:38 - 2024-04-07 18:38 - 000000000 ___HD C:\$Windows.~WS 2024-04-07 18:38 - 2024-04-07 18:38 - 000000000 ____D C:\$WINDOWS.~BT 2024-04-07 18:27 - 2024-04-07 18:27 - 000000000 ___HD C:\OneDriveTemp 2024-04-07 18:16 - 2024-04-07 18:16 - 000001034 _____ C:\Users\Baza\Desktop\spwaw Megacamps.lnk 2024-04-07 14:26 - 2024-04-07 14:26 - 000001269 _____ C:\Users\Baza\Desktop\Steel Panthers World At War Generals Edition — skrót .lnk 2024-04-07 14:26 - 2024-04-07 14:26 - 000001087 _____ C:\Users\Baza\Desktop\SPWaW 2016 + — skrót .lnk 2024-04-07 14:19 - 2024-04-07 14:19 - 000000000 ___HD C:\$WinREAgent 2024-04-06 22:51 - 2024-04-06 22:51 - 000840980 _____ C:\Windows\Minidump\040624-8546-01.dmp 2024-04-06 22:00 - 2024-04-06 22:00 - 000002223 _____ C:\Users\Public\Desktop\SPWaW Field Manual .lnk 2024-04-06 22:00 - 2024-04-06 22:00 - 000002206 _____ C:\Users\Public\Desktop\MATRIX Manual.lnk 2024-04-06 22:00 - 2024-04-06 22:00 - 000001784 _____ C:\Users\Public\Desktop\SPWaW.lnk 2024-04-06 22:00 - 2024-04-06 22:00 - 000001178 _____ C:\Users\Public\Desktop\Mr.Find.lnk 2024-04-06 22:00 - 2024-04-06 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Depot 2024-04-06 21:56 - 2024-04-06 21:56 - 000000000 ____D C:\The Depot 2024-04-06 20:59 - 2024-04-06 20:59 - 000001981 _____ C:\Users\Baza\Desktop\Steel Panthers World at War General's Edition Game Menu.lnk 2024-04-06 20:59 - 2024-04-06 20:59 - 000000000 ____D C:\Users\Baza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steel Panthers World At War Generals Edition 2024-04-05 22:44 - 2024-04-06 22:51 - 597140447 _____ C:\Windows\MEMORY.DMP 2024-04-05 22:44 - 2024-04-05 22:44 - 000842308 _____ C:\Windows\Minidump\040524-8546-01.dmp 2024-04-05 22:35 - 2024-04-05 22:36 - 060017233 _____ C:\Users\Baza\Downloads\Enhanced FR Scenarios and Campaigns.zip 2024-04-05 22:24 - 2024-04-05 22:29 - 787002651 _____ (The Depot) C:\Users\Baza\Downloads\ENH-FR Full Install.exe 2024-04-05 22:24 - 2024-04-05 22:26 - 787002651 _____ (The Depot) C:\Users\Baza\Downloads\Niepotwierdzony 758773.crdownload 2024-04-05 22:19 - 2024-04-07 18:22 - 000000000 ____D C:\Matrix Games 2024-04-05 22:19 - 2024-04-05 22:19 - 000000000 ____D C:\Windows\Steel Panthers World At War Generals Edition 2024-04-05 22:17 - 2024-04-06 20:59 - 003575323 _____ C:\Windows\Steel Panthers World At War Generals Edition Setup Log.txt 2024-04-04 08:36 - 2024-04-04 08:36 - 000048889 _____ C:\Users\Baza\Downloads\umowa_orsy_kth_2024-03-28.pdf 2024-04-04 08:36 - 2024-04-04 08:36 - 000022378 _____ C:\Users\Baza\Downloads\umowa_orsy_kth_zalacznik__2024-03-28.pdf 2024-04-03 21:54 - 2024-04-06 23:55 - 000003434 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-DDF9C79F1D6011BF416EAD7D1F670779 2024-03-26 17:49 - 2024-03-26 17:49 - 000337265 _____ C:\Users\Baza\Downloads\Alarm Lista_25.03.2024_Regiony.xlsx 2024-03-26 16:06 - 2024-03-26 16:06 - 000095625 _____ C:\Users\Baza\Downloads\OFERTA 0132337388 ROBERT BOSCH SP. Z O.O. (1).PDF 2024-03-26 15:58 - 2024-03-26 15:58 - 000095625 _____ C:\Users\Baza\Downloads\OFERTA 0132337388 ROBERT BOSCH SP. Z O.O..PDF 2024-03-22 17:37 - 2024-03-22 17:37 - 000000000 ____D C:\Users\Baza\AppData\Local\ArmouryLiveUpdate 2024-03-22 17:37 - 2024-03-22 17:37 - 000000000 ____D C:\Users\Baza\AppData\Local\AcLoader 2024-03-22 17:37 - 2024-03-22 17:37 - 000000000 ____D C:\ProgramData\ASUS 2024-03-22 17:37 - 2024-03-22 17:37 - 000000000 ____D C:\Program Files (x86)\ASUS 2024-03-22 13:29 - 2024-03-22 13:29 - 001439146 _____ C:\Users\Baza\Downloads\MDK 2024 - Nysa - Biskupów - 22.03.2024.pdf 2024-03-19 10:59 - 2024-03-19 10:59 - 000000000 ____D C:\ProgramData\Piriform 2024-03-19 10:59 - 2024-03-19 10:59 - 000000000 ____D C:\ProgramData\Norton 2024-03-15 21:29 - 2024-03-15 21:29 - 000512523 _____ C:\Users\Baza\Documents\pistolet.rbxl 2024-03-14 22:50 - 2024-03-14 22:50 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2024-03-14 22:50 - 2024-03-14 22:50 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2024-03-13 14:14 - 2024-03-13 14:14 - 000001252 _____ C:\Users\Baza\Desktop\AIDA64 Extreme.lnk 2024-03-13 14:14 - 2024-03-13 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2024-03-13 14:13 - 2024-03-13 14:13 - 000000000 ____D C:\Program Files (x86)\FinalWire 2024-03-13 14:08 - 2024-03-13 14:08 - 068877624 _____ (FinalWire Ltd. ) C:\Users\Baza\Downloads\aida64extreme720.exe 2024-03-13 14:07 - 2024-03-13 14:07 - 000110660 _____ C:\ProgramData\vpn.uninstall.1710331547.bdinstall.v2.bin 2024-03-13 14:07 - 2024-03-13 14:07 - 000083920 _____ C:\ProgramData\agent.uninstall.1710331647.bdinstall.v2.bin 2024-03-13 14:06 - 2024-03-13 14:07 - 000001179 _____ C:\Users\Baza\Desktop\EVEREST Home Edition.lnk 2024-03-13 14:06 - 2024-03-13 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2024-03-13 14:06 - 2024-03-13 14:06 - 000000000 ____D C:\Program Files (x86)\Lavalys 2024-03-13 14:05 - 2024-03-13 14:05 - 004179293 _____ (Lavalys, Inc. ) C:\Users\Baza\Downloads\everesthome220(dobreprogramy.pl).exe 2024-03-12 21:53 - 2024-03-12 21:53 - 000000000 ____D C:\Users\Baza\Documents\zrzuty steam 2024-03-10 00:01 - 2024-03-10 00:01 - 000457348 _____ C:\ProgramData\cl.uninstall.1710021625.bdinstall.v2.bin ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-04-07 19:25 - 2021-08-06 16:40 - 000000000 ___RD C:\Users\Baza\OneDrive 2024-04-07 19:24 - 2021-08-06 16:41 - 000000000 ____D C:\ProgramData\NVIDIA 2024-04-07 19:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-04-07 19:22 - 2021-08-06 16:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-04-07 19:22 - 2021-08-06 16:25 - 000008192 ___SH C:\DumpStack.log.tmp 2024-04-07 19:22 - 2021-04-09 15:54 - 000000000 ____D C:\ProgramData\ssh 2024-04-07 19:21 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2024-04-07 19:15 - 2021-08-06 16:40 - 001768984 _____ C:\Windows\system32\PerfStringBackup.INI 2024-04-07 19:15 - 2019-12-07 17:09 - 000784578 _____ C:\Windows\system32\perfh015.dat 2024-04-07 19:15 - 2019-12-07 17:09 - 000152474 _____ C:\Windows\system32\perfc015.dat 2024-04-07 19:15 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2024-04-07 18:38 - 2021-08-06 17:24 - 000000000 ____D C:\Windows\Panther 2024-04-07 18:19 - 2021-08-06 16:39 - 000000000 ____D C:\Users\Baza\AppData\Local\Packages 2024-04-07 14:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-04-07 14:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2024-04-07 14:29 - 2023-06-03 19:08 - 000000000 ____D C:\Log 2024-04-07 00:23 - 2021-08-06 16:38 - 000000000 ____D C:\Users\Baza 2024-04-06 23:08 - 2022-12-13 01:03 - 000000000 ____D C:\Users\Baza\AppData\Local\CrashDumps 2024-04-06 23:00 - 2021-08-06 16:39 - 000000000 ____D C:\Users\Baza\AppData\Local\D3DSCache 2024-04-06 22:52 - 2022-09-10 00:56 - 000000000 ____D C:\Windows\Minidump 2024-04-06 22:51 - 2021-08-06 16:25 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-04-06 20:12 - 2021-08-06 16:27 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-04-06 20:12 - 2021-08-06 16:27 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-04-05 22:35 - 2021-08-06 19:05 - 000000000 ____D C:\Users\Baza\AppData\Local\WarThunder 2024-04-05 21:49 - 2022-02-16 21:44 - 000000000 ____D C:\Windows\SystemTemp 2024-04-05 21:49 - 2021-08-06 16:45 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-04-05 21:49 - 2021-08-06 16:45 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-04-04 00:07 - 2021-08-06 22:42 - 000000000 ____D C:\Program Files (x86)\Steam 2024-04-03 21:51 - 2021-08-06 16:27 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-04-03 21:51 - 2021-08-06 16:27 - 000003442 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-04-03 00:04 - 2022-12-13 01:03 - 000001507 _____ C:\Users\Baza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk 2024-04-03 00:04 - 2021-08-06 20:34 - 000000000 ____D C:\Users\Baza\AppData\Local\NVIDIA Corporation 2024-04-02 22:48 - 2022-11-21 15:54 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3938486455-4291143557-1419522551-1001 2024-04-02 22:48 - 2021-08-06 16:40 - 000003356 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3938486455-4291143557-1419522551-1001 2024-04-02 22:48 - 2021-08-06 16:38 - 000002458 _____ C:\Users\Baza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-04-02 22:40 - 2022-11-08 21:47 - 000000000 ____D C:\Program Files (x86)\Corel 2024-03-21 00:54 - 2022-11-21 11:53 - 000000000 ____D C:\Program Files\Bitdefender 2024-03-21 00:54 - 2022-10-01 22:49 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2024-03-21 00:54 - 2021-08-06 21:20 - 000000000 ____D C:\Program Files\CCleaner 2024-03-20 20:47 - 2021-08-06 21:20 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2024-03-19 17:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\catroot2.bak 2024-03-19 10:58 - 2022-10-26 02:02 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2024-03-15 20:32 - 2024-02-29 20:40 - 000000258 _____ C:\Users\Baza\AppData\LocalLow\rbxcsettings.rbx 2024-03-15 20:31 - 2024-02-11 13:18 - 000001428 _____ C:\Users\Baza\Desktop\Roblox Studio.lnk 2024-03-15 20:31 - 2024-02-11 13:18 - 000000000 ____D C:\Users\Baza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2024-03-15 17:28 - 2021-08-12 22:10 - 000000000 ____D C:\Users\Baza\AppData\Roaming\discord 2024-03-14 22:59 - 2021-08-06 21:23 - 000000000 ____D C:\Windows\system32\MRT 2024-03-14 22:53 - 2021-08-06 21:23 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-03-14 22:50 - 2021-08-06 16:45 - 000000000 ____D C:\Program Files\Google 2024-03-13 16:06 - 2021-08-06 17:28 - 000000000 ____D C:\Users\Baza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-03-13 15:32 - 2021-08-06 16:27 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-03-13 13:38 - 2021-08-06 23:17 - 000000000 ____D C:\Users\Baza\AppData\Roaming\paradox-launcher-v2 2024-03-10 00:02 - 2019-12-07 11:03 - 000065536 _____ C:\Windows\system32\config\ELAM 2024-03-10 00:01 - 2022-11-21 11:53 - 000000000 ____D C:\ProgramData\Bitdefender 2024-03-10 00:01 - 2021-08-06 18:46 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2024-03-08 23:38 - 2022-11-14 11:35 - 000000000 ____D C:\Program Files\RUXIM ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================