Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09-11-2024 Uruchomiony przez lukas (administrator) LAPTOP-D6LHD299 (HUAWEI MRC-WX0) (09-11-2024 13:40:21) Uruchomiony z C:\Users\lukas\Downloads\FRST64.exe Załadowane profile: lukas Platforma: Microsoft Windows 10 Home Wersja 22H2 19045.5011 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <5> (bookingDesktopApp.) [Brak podpisu cyfrowego] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <9> (C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2> (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (C:\Program Files\Huawei\HwOsd\OSDMainService.exe ->) (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files\Huawei\HwOsd\OSDListener.exe (C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\EPP\rsHelper.exe (explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe (explorer.exe ->) (GN Hearing A/S -> GN Hearing) C:\Program Files (x86)\GN ReSound\FSW Notify\FSNotify.exe (explorer.exe ->) (GN Otometrics) [Brak podpisu cyfrowego] C:\Program Files (x86)\HI-PRO\HiProTrayApp.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <65> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5> (explorer.exe ->) (Starkey Hearing Technologies -> Starkey Laboratories, Inc) C:\Program Files (x86)\Starkey Laboratories\Updater\ServiceManager.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_229b2ccba478410e\igfxEM.exe (Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10> (Microsoft Windows -> Microsoft Corporation) C:\Users\lukas\AppData\Local\Temp\0D679D8F-53C8-434B-9034-3F47CCE40AC7\DismHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) C:\Program Files\ReasonLabs\Common\Client\v1.0.7\rsAppUI.exe <5> (Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) C:\Program Files\ReasonLabs\Common\Client\v1.6.0\rsAppUI.exe <10> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe (services.exe ->) (GN Otometrics) [Brak podpisu cyfrowego] C:\Program Files (x86)\HI-PRO\HiProMonitorService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files\Huawei\HwOsd\OSDMainService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files\Huawei\PCManager\MateBookService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> Microsoft) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0a3294d3216a4a83\jhi_service.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_229b2ccba478410e\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_229b2ccba478410e\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_229b2ccba478410e\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_df0bea5643beeb1b\aesm_service.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\EPP\rsClientSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\EPP\rsWSC.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe (services.exe ->) (Starkey Hearing Technologies -> ) C:\Program Files (x86)\Starkey Laboratories\Inspire OS\InspireUpdaterSDK.exe (services.exe ->) (Starkey Hearing Technologies -> Microsoft) C:\Program Files (x86)\Starkey Laboratories\Inspire OS\Starkey.InspireSupport.Service.exe (services.exe ->) (Starkey Hearing Technologies -> Starkey Laboratories) C:\Program Files (x86)\Starkey Laboratories\Updater\WindowsService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2409.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\lukas\AppData\Local\Microsoft\OneDrive\24.201.1006.0005\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388424 2018-02-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488840 2018-02-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488840 2018-02-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [APP] => C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe [963376 2018-02-01] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427304 2024-10-17] (Avast Software s.r.o. -> Gen Digital Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-21-95721451-2744450280-1209282378-1001\...\Run: [FreeYouTubeDownloader] => C:\Program Files\YouTube Downloader\YouTubeDownloader.exe [2032128 2020-07-28] (Vitzo Ltd.) [Brak podpisu cyfrowego] HKU\S-1-5-21-95721451-2744450280-1209282378-1001\...\Run: [MicrosoftEdgeAutoLaunch_4673EA686870A11B2CD74C228BB15D2C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3856424 2024-10-31] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-95721451-2744450280-1209282378-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lukas\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-95721451-2744450280-1209282378-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lukas\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-95721451-2744450280-1209282378-1001\...\RunOnce: [Uninstall 24.196.0929.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lukas\AppData\Local\Microsoft\OneDrive\24.196.0929.0005" [0 2024-11-07] () <==== UWAGA [zerobajtowy plik/folder] HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\130.0.6723.117\Installer\chrmstp.exe [2024-11-09] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GN Notifications.lnk [2023-06-05] ShortcutTarget: GN Notifications.lnk -> C:\Program Files (x86)\GN ReSound\FSW Notify\FSNotify.exe (GN Hearing A/S -> GN Hearing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HI-PRO Monitor.lnk [2023-06-05] ShortcutTarget: HI-PRO Monitor.lnk -> C:\Program Files (x86)\HI-PRO\HiProTrayApp.exe (GN Otometrics) [Brak podpisu cyfrowego] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inspire Updater.lnk [2019-09-25] ShortcutTarget: Inspire Updater.lnk -> C:\Program Files (x86)\Starkey Laboratories\Updater\ServiceManager.exe (Starkey Hearing Technologies -> Starkey Laboratories, Inc) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {9F9F8F83-CCDB-42DB-9861-27CE56D9DD5E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.) Task: {4F1C253F-B7DD-45E1-83F4-0550044BEC90} - System32\Tasks\App Explorer => C:\Users\lukas\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7239576 2017-09-18] (SweetLabs Inc. -> SweetLabs, Inc) <==== UWAGA Task: {89F25131-B769-44C7-B28B-1AD12E338D0B} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8199464 2024-10-08] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {34DA46F6-9CA8-48FB-97A7-0E556F1EAAAA} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5205800 2024-10-17] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {10AFD91C-E864-4388-823D-888D9979AA14} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-03] (Avast Software s.r.o. -> Avast Software) Task: {BD453A7A-D826-4AFA-AA14-0B9F182498A0} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-10-11] (bookingDesktopApp.) [Brak podpisu cyfrowego] Task: {310C2918-0994-4D27-9595-47B1AEB9EC09} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-10-11] (bookingDesktopApp.) [Brak podpisu cyfrowego] Task: {0356385C-B278-4B13-A63D-1DB0F6DF45D3} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{F070C816-33FF-4219-AA5A-062177B6A46A} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC) Task: {C7FF89B1-B52B-4DDD-A4C7-1A80854BCE83} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28643008 2024-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {7CB8D5A1-3FAD-4611-B3CD-080239A955B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28643008 2024-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {60431536-1398-4AF3-9BCC-D7D18A91CCE0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312464 2024-11-02] (Microsoft Corporation -> Microsoft Corporation) Task: {00AE620D-2FA9-477A-AC00-06C4F5891335} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312464 2024-11-02] (Microsoft Corporation -> Microsoft Corporation) Task: {76BCAB70-17CD-4210-BBDE-1B24D0DC88CE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187600 2024-11-02] (Microsoft Corporation -> Microsoft Corporation) Task: {BDE69EC1-6E60-4B51-B84F-906C35F98BB9} - System32\Tasks\Opera scheduled assistant Autoupdate 1604349007 => C:\Users\lukas\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\lukas\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {3CD2C910-FF98-4735-A587-61D4C69372D2} - System32\Tasks\Opera scheduled Autoupdate 1604348927 => C:\Users\lukas\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku) Task: {B55AFB9F-48A7-48B5-A3E6-809B7623C732} - System32\Tasks\Opera scheduled Autoupdate 1682667023 => C:\Users\lukas\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.237.182 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}: [DhcpNameServer] 192.168.237.182 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\14355535F55374: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\255646D69602E4F64756021303: [DhcpNameServer] 192.168.187.61 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\4405F584F647F53507F647: [DhcpNameServer] 208.67.220.123 208.67.222.123 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\7596D26496D21353939323: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\D46423833365D2436313430314: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\D4965637A7B616E69656F53333: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\D4965637A7B616E69656F53333: [DhcpDomain] Dlink Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\D4965637A7B616E69656F53333F5537486A7: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\D4965637A7B616E69656F53333F5537486A7: [DhcpDomain] Dlink Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\D4B4E45445F5235323: [DhcpNameServer] 192.168.10.1 Tcpip\..\Interfaces\{4ccca0a8-45fe-4a4e-8286-4f47e7c9fd77}\D4B4E45445F5235323: [DhcpDomain] www.tendawifi.com Tcpip\..\Interfaces\{6eee0195-b6b2-4f39-ae6a-7ee252fb7e98}: [DhcpNameServer] 40.40.1.11 Tcpip\..\Interfaces\{ba548c4a-9a2c-4a96-b3f3-fae6a5a6cf35}: [DhcpNameServer] 10.0.101.2 10.0.101.3 10.0.101.4 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-09] Edge DownloadDir: Default -> C:\Users\lukas\Downloads Edge Extension: (Authenticator\n) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-08-30] Edge Extension: (Off The Record History) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djbaolpiihkcmmfjnjdmomeeheldhhdp [2023-06-04] Edge Extension: (Dokumenty Google offline) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-25] Edge Extension: (Edge relevant text changes) - C:\Users\lukas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-22] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-10-11] (bookingDesktopApp.) [Brak podpisu cyfrowego] FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-10-11] (bookingDesktopApp.) [Brak podpisu cyfrowego] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default [2024-11-09] CHR Notifications: Default -> hxxps://inpost.pl; hxxps://intrucks.com; hxxps://www.oferteo.pl CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (Authenticator\n) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-09-01] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-11-02] CHR Extension: (Off The Record History) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\djbaolpiihkcmmfjnjdmomeeheldhhdp [2023-06-04] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-10-25] CHR Extension: (Dokumenty Google offline) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-31] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10] CHR Profile: C:\Users\lukas\AppData\Local\Google\Chrome\User Data\System Profile [2023-04-28] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-95721451-2744450280-1209282378-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] Opera: ======= OPR Profile: C:\Users\lukas\AppData\Roaming\Opera Software\Opera Stable [2023-04-28] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\lukas\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-04-28] OPR Extension: (Amazon Assistant Promotion) - C:\Users\lukas\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-04-28] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7261480 2024-10-17] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [774952 2024-10-17] (Avast Software s.r.o. -> Gen Digital Inc.) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1221416 2024-10-17] (Avast Software s.r.o. -> Gen Digital Inc.) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-08-19] (Avast Software s.r.o. -> AVAST Software) S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-10-11] (bookingDesktopApp.) [Brak podpisu cyfrowego] S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-10-11] (bookingDesktopApp.) [Brak podpisu cyfrowego] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13650648 2024-10-27] (Microsoft Corporation -> Microsoft Corporation) R2 Dolby DAX API Service; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [212784 2017-09-19] (Dolby Laboratories, Inc. -> ) R2 HiProMonitor; C:\Program Files (x86)\HI-PRO\HiProMonitorService.exe [24064 2013-03-14] (GN Otometrics) [Brak podpisu cyfrowego] R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [19552 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) R2 Inspire Updater Service; C:\Program Files (x86)\Starkey Laboratories\Updater\WindowsService.exe [94208 2017-02-06] (Starkey Hearing Technologies -> Starkey Laboratories) R2 InspireSupportService; C:\Program Files (x86)\Starkey Laboratories\Inspire OS\Starkey.InspireSupport.Service.exe [45072 2017-02-06] (Starkey Hearing Technologies -> Microsoft) R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [24528 2018-03-22] (Huawei Technologies Co., Ltd. -> Microsoft) R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [890696 2018-04-20] (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [923064 2024-10-30] (McAfee, LLC -> McAfee, LLC) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 OSDMainService; C:\Program Files\Huawei\HwOsd\OSDMainService.exe [166216 2018-04-20] (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] S2 PatientBaseSyncService; C:\Program Files (x86)\Starkey Laboratories\Inspire OS\PatientBaseSync\Starkey.PatientBase.Sync.Service.Host.exe [8704 2017-02-06] (Starkey Hearing Technologies) [Brak podpisu cyfrowego] S2 rsAssistant; C:\Program Files\ReasonLabs\EPP\rsAssistant.exe [1218192 2024-11-04] (Reason Cybersecurity Inc. -> Reason Cybersecurity Inc.) R2 rsClientSvc; C:\Program Files\ReasonLabs\EPP\rsClientSvc.exe [660992 2024-11-04] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsDNSClientSvc; C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe [585072 2023-03-05] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsDNSResolver; C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe [10939248 2023-03-05] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsDNSSvc; C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe [214384 2023-03-05] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsEDRSvc; C:\Program Files\ReasonLabs\EDR\rsEDRSvc.exe [167056 2024-11-04] (Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) R2 rsEngineSvc; C:\Program Files\ReasonLabs\EPP\rsEngineSvc.exe [297104 2024-11-04] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsSyncSvc; C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe [597400 2023-01-19] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsVPNClientSvc; C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe [660112 2024-10-27] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsVPNSvc; C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe [239248 2024-10-27] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsWSC; C:\Program Files\ReasonLabs\EPP\rsWSC.exe [208544 2024-11-04] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 UpdaterService; C:\Program Files (x86)\Starkey Laboratories\Inspire OS\InspireUpdaterSDK.exe [13816 2017-02-06] (Starkey Hearing Technologies -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-09] (Microsoft Windows Publisher -> Microsoft Corporation) S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X] S2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\lukas\AppData\Roaming\Zoom" ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20536 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [233016 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [381496 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [294960 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27744 2024-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28752 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [273976 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [550456 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [951352 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1202232 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203832 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [307256 2024-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R2 AWEAlloc; C:\WINDOWS\system32\DRIVERS\awealloc.sys [21048 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) R3 hwnetstat; C:\Program Files\Huawei\PCManager\WFPDriver.sys [32784 2018-04-20] (Huawei Technologies Co.,Ltd. -> ) S3 HwOs2ECx64; C:\Program Files\Huawei\PCManager\HwOs2EC10x64.sys [51336 2018-04-20] (Huawei Technologies Co., Ltd. -> Huawei) R2 ImDisk; C:\WINDOWS\system32\DRIVERS\imdisk.sys [48704 2015-12-15] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) R1 rsCamFilter020502; C:\WINDOWS\System32\drivers\rsCamFilter020502.sys [48944 2023-07-16] (Reason CyberSecurity Inc. -> Reason Software Company) S0 rsElam; C:\WINDOWS\System32\drivers\rsElam.sys [19944 2024-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Reason CyberSecurity Inc.) R1 rsKernelEngine; C:\WINDOWS\System32\DRIVERS\rsKernelEngine.sys [49456 2024-11-04] (Reason CyberSecurity Inc. -> Windows (R) Win 7 DDK provider) R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602504 2024-08-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-09] (Microsoft Windows -> Microsoft Corporation) R3 WDTDrv; C:\WINDOWS\System32\Drivers\WDTDrv.sys [24976 2017-08-21] (Huawei Technologies Co.,Ltd. -> Huawei Device) U1 aswbdisk; Brak ImagePath S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-11-09 13:40 - 2024-11-09 13:41 - 000035321 _____ C:\Users\lukas\Downloads\FRST.txt 2024-11-09 13:38 - 2024-11-09 13:40 - 000000000 ____D C:\FRST 2024-11-09 13:37 - 2024-11-09 13:37 - 002400768 _____ (Farbar) C:\Users\lukas\Downloads\FRST64.exe 2024-11-04 23:04 - 2024-11-04 23:04 - 000001287 _____ C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAV Endpoint Protection.lnk 2024-11-04 23:04 - 2024-11-04 23:03 - 000049456 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\rsKernelEngine.sys 2024-11-04 11:32 - 2024-11-04 11:32 - 001680074 _____ C:\Users\lukas\Downloads\ORD-WS (5) DOROCICZ_dp.pdf 2024-11-04 11:20 - 2024-11-04 11:20 - 000059485 _____ C:\Users\lukas\Downloads\Faktura_FS_009_102024_DP.pdf 2024-11-02 19:40 - 2024-11-02 19:40 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-11-01 14:36 - 2024-11-01 14:38 - 000000000 ____D C:\Users\lukas\Desktop\jaroszek interpretacja Dino 2024-10-31 11:43 - 2024-10-31 11:43 - 000075706 _____ C:\Users\lukas\Downloads\Faktura_FS_010_092024_DP (2).pdf 2024-10-31 11:42 - 2024-10-31 11:42 - 000075722 _____ C:\Users\lukas\Downloads\Faktura_FS_009_092024_DP (2).pdf 2024-10-27 19:31 - 2024-10-27 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom 2024-10-26 12:52 - 2024-10-27 19:32 - 000000000 ____D C:\Program Files\Temp 2024-10-26 12:52 - 2024-10-27 19:31 - 000000000 ____D C:\Program Files\Zoom 2024-10-26 12:52 - 2024-10-26 12:52 - 000000000 ____D C:\Program Files\Common Files\Zoom 2024-10-26 12:51 - 2024-10-26 12:51 - 000000000 ____D C:\Program Files\Bonjour 2024-10-26 12:51 - 2024-10-26 12:51 - 000000000 ____D C:\Program Files (x86)\Bonjour 2024-10-25 14:34 - 2024-10-17 16:52 - 000315688 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe 2024-10-22 18:05 - 2024-10-22 18:05 - 000023318 _____ C:\Users\lukas\Downloads\C31001841_SOA (2).xlsx 2024-10-22 17:54 - 2024-10-22 17:54 - 000154433 _____ C:\Users\lukas\Downloads\Pełnomocnictwo_052018_v2_INT.pdf 2024-10-22 17:53 - 2024-10-22 17:53 - 000155765 _____ C:\Users\lukas\Downloads\pelnomocnictwo-klienta-dla-pelnomocnika.pdf 2024-10-20 14:55 - 2024-10-20 14:55 - 000084595 _____ C:\Users\lukas\Downloads\FS_88294_MPZ_2024.pdf 2024-10-20 14:54 - 2024-10-20 14:54 - 000024128 _____ C:\Users\lukas\Downloads\KOR FA_FK-00034-10-2024-B_Oryginał.pdf 2024-10-20 14:40 - 2024-10-20 14:40 - 000504164 _____ C:\Users\lukas\Downloads\rozwiązanie PGE Hetmańska.pdf 2024-10-20 14:40 - 2024-10-20 14:40 - 000235767 _____ C:\Users\lukas\Downloads\rozwiązanie UNIMOT Hetmańska.pdf 2024-10-20 14:24 - 2024-10-20 14:24 - 000028418 _____ C:\Users\lukas\Downloads\FAV_2563395_70994562_2024.pdf 2024-10-20 14:05 - 2024-10-20 14:05 - 000124306 _____ C:\Users\lukas\Downloads\FS-205848_24_MEPL1_10.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-11-09 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-11-09 13:38 - 2020-06-04 23:24 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-11-09 13:38 - 2020-06-04 23:24 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-11-09 13:35 - 2020-11-03 20:38 - 000000000 ____D C:\Users\lukas\AppData\Local\CrashDumps 2024-11-09 13:31 - 2021-12-19 00:14 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-11-09 13:31 - 2019-07-06 18:53 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-11-09 13:31 - 2019-07-06 18:53 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-11-09 13:30 - 2020-08-17 23:27 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-11-09 13:30 - 2020-08-17 23:27 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-11-09 13:26 - 2020-08-17 23:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-11-07 22:19 - 2023-11-12 20:49 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-11-07 22:19 - 2023-04-28 08:30 - 000003642 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1682667023 2024-11-07 22:19 - 2022-08-19 18:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2024-11-07 22:19 - 2021-12-11 11:34 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-95721451-2744450280-1209282378-1001 2024-11-07 22:19 - 2020-08-17 23:27 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-95721451-2744450280-1209282378-1001 2024-11-07 18:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-11-07 18:48 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-11-07 00:41 - 2020-08-17 23:22 - 000002430 _____ C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-11-07 00:41 - 2019-07-06 18:48 - 000000000 ___RD C:\Users\lukas\OneDrive 2024-11-05 11:32 - 2019-08-23 15:15 - 000015758 _____ C:\WINDOWS\BRRBCOM.INI 2024-11-04 23:16 - 2021-04-13 18:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-11-04 23:06 - 2020-11-03 20:57 - 000000000 ____D C:\Users\lukas\AppData\Local\D3DSCache 2024-11-04 23:04 - 2024-09-13 23:29 - 000000000 ____D C:\Users\lukas\AppData\Roaming\rsappui 2024-11-04 23:04 - 2023-02-07 17:44 - 000000000 ____D C:\Program Files\ReasonLabs 2024-11-04 11:18 - 2020-08-17 23:28 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-11-04 11:18 - 2019-12-07 16:08 - 000787066 _____ C:\WINDOWS\system32\perfh015.dat 2024-11-04 11:18 - 2019-12-07 16:08 - 000152910 _____ C:\WINDOWS\system32\perfc015.dat 2024-11-04 11:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-11-03 12:57 - 2020-08-17 23:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-11-03 12:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2024-11-03 12:57 - 2019-07-06 18:46 - 000000000 __SHD C:\Users\lukas\IntelGraphicsProfiles 2024-11-03 12:57 - 2018-05-25 18:00 - 000000000 ____D C:\ProgramData\HwSynergy 2024-11-02 19:41 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-11-02 19:41 - 2019-09-17 11:40 - 000000000 ____D C:\Program Files\Microsoft Office 2024-11-01 14:38 - 2019-08-13 11:16 - 000000000 ____D C:\Users\lukas\AppData\Roaming\HwSynergy 2024-10-31 21:19 - 2023-11-12 20:49 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-10-31 21:19 - 2023-11-12 20:49 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2024-10-26 14:13 - 2023-03-24 17:01 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Zoom 2024-10-26 12:53 - 2018-05-25 17:59 - 000000000 ____D C:\ProgramData\Package Cache 2024-10-26 11:45 - 2023-10-11 21:20 - 000000000 ____D C:\Program Files\RUXIM 2024-10-25 22:20 - 2019-09-17 14:26 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Excel 2024-10-25 22:20 - 2019-09-17 11:48 - 000000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Word 2024-10-25 22:15 - 2020-08-17 23:22 - 000000000 ____D C:\Users\lukas 2024-10-25 14:50 - 2019-07-06 18:46 - 000000000 ____D C:\Users\lukas\AppData\Local\Packages 2024-10-25 14:36 - 2020-10-11 17:45 - 000000000 ____D C:\ProgramData\Avast Software 2024-10-25 14:34 - 2020-08-17 23:21 - 000439464 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-10-25 14:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-10-25 14:33 - 2019-12-07 16:09 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-10-25 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-10-25 14:33 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2024-10-17 16:52 - 2022-08-19 18:42 - 001202232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000951352 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000550456 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000381496 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000307256 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000294960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000273976 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000233016 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000097848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000028752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys 2024-10-17 16:52 - 2022-08-19 18:42 - 000020536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-08-24 19:13 - 2021-08-24 19:13 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT145E.tmp 2021-07-19 23:17 - 2021-07-19 23:17 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT1507.tmp 2021-11-28 18:48 - 2021-11-28 18:48 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT195.tmp 2021-11-16 19:03 - 2021-11-16 19:03 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT289E.tmp 2021-03-14 00:18 - 2021-03-14 00:18 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT2D22.tmp 2021-03-14 00:18 - 2021-03-14 00:18 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT2D23.tmp 2021-07-07 22:36 - 2021-07-07 22:36 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3010.tmp 2021-07-07 22:36 - 2021-07-07 22:36 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3020.tmp 2021-08-27 10:34 - 2021-08-27 10:34 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3252.tmp 2021-10-20 19:53 - 2021-10-20 19:53 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3446.tmp 2021-10-20 19:53 - 2021-10-20 19:53 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3447.tmp 2022-03-03 18:06 - 2022-03-03 18:06 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3718.tmp 2022-03-03 18:06 - 2022-03-03 18:06 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3719.tmp 2022-01-13 00:33 - 2022-01-13 00:33 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3ABF.tmp 2022-02-19 01:07 - 2022-02-19 01:07 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3BD6.tmp 2021-04-03 16:47 - 2021-04-03 16:47 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3CF0.tmp 2021-04-03 16:47 - 2021-04-03 16:47 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT3CF1.tmp 2022-01-07 00:23 - 2022-01-07 00:23 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT45E6.tmp 2021-11-07 08:03 - 2021-11-07 08:03 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT55D7.tmp 2021-07-26 14:48 - 2021-07-26 14:48 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT657B.tmp 2021-09-14 08:49 - 2021-09-14 08:49 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT7B19.tmp 2022-01-14 12:35 - 2022-01-14 12:35 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT83C4.tmp 2022-01-02 22:46 - 2022-01-02 22:46 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT897E.tmp 2021-08-05 11:56 - 2021-08-05 11:56 - 000000000 _____ () C:\Users\lukas\AppData\Local\BIT9037.tmp 2021-08-07 20:46 - 2021-08-07 20:46 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITA628.tmp 2022-03-18 21:25 - 2022-03-18 21:25 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITB393.tmp 2021-07-26 14:48 - 2021-07-26 14:48 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITB7D2.tmp 2021-09-01 11:42 - 2021-09-01 11:42 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITBC7A.tmp 2021-09-07 01:05 - 2021-09-07 01:05 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITC6D9.tmp 2021-09-01 11:42 - 2021-09-01 11:42 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITC7E5.tmp 2022-01-28 00:11 - 2022-01-28 00:11 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITD681.tmp 2022-03-09 17:10 - 2022-03-09 17:10 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITEFF9.tmp 2021-08-07 20:47 - 2021-08-07 20:47 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITF87F.tmp 2021-10-26 10:31 - 2021-10-26 10:31 - 000000000 _____ () C:\Users\lukas\AppData\Local\BITFE99.tmp ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================