Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 08-08-2021 Uruchomiony przez USER (administrator) DESKTOP-OT70G5D (HP HP Pavilion Laptop 15-cc5xx) (10-08-2021 20:45:21) Uruchomiony z C:\Users\USER\AppData\Local\Temp\scoped_dir1016_1037992200 Załadowane profile: USER & oracle Platform: Windows 10 Home Wersja 2004 19041.1110 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe () [Brak podpisu cyfrowego] C:\Users\USER\Desktop\sql\bin\oravssw.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\USER\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\USER\AppData\Local\Microsoft\Teams\current\Teams.exe <8> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Opera Software AS -> Opera Software) C:\Users\USER\AppData\Local\Programs\Opera\77.0.4054.277\opera.exe <39> (Opera Software AS -> Opera Software) C:\Users\USER\AppData\Local\Programs\Opera\77.0.4054.277\opera_crashreporter.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation) [Brak podpisu cyfrowego] C:\Users\USER\Desktop\sql\bin\omtsreco.exe (Oracle Corporation) [Brak podpisu cyfrowego] C:\Users\USER\Desktop\sql\bin\oracle.exe (Oracle Corporation) [Brak podpisu cyfrowego] C:\Users\USER\Desktop\sql\bin\tnslsnr.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe (wondershare) [Brak podpisu cyfrowego] C:\Program Files (x86)\Wondershare\drfone\WsidService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-931140680-2595042536-2124207976-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\USER\AppData\Local\Microsoft\Teams\Update.exe [2454240 2021-07-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-931140680-2595042536-2124207976-1001\...\Run: [Napisy24Update] => "C:\Program Files\Napisy24\Napisy24Update.exe" "sleep" HKU\S-1-5-21-931140680-2595042536-2124207976-1001\...\Run: [Napisy24.pl] => "C:\Program Files\Napisy24\Napisy24.exe" AutoStart HKU\S-1-5-21-931140680-2595042536-2124207976-1001\...\Run: [Opera Browser Assistant] => C:\Users\USER\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4096720 2021-08-02] (Opera Software AS -> Opera Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01775AA6-9200-4F63-A0F4-AD4C69B46139} - System32\Tasks\Opera scheduled assistant Autoupdate 1602361036 => C:\Users\USER\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\USER\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {06496420-B0A4-4B2C-AE6E-E60C151ADB56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4EA1CB99-5BA7-46FD-875E-65DA7E57BDE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {56AD1C06-9D05-4B73-909A-50E9A8D24F7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {56D0DE23-073F-4EEA-8A3E-9B6CC628A3CF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {6E6ABFA6-A333-48DE-B14B-9878EA5A0164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-10] (Google LLC -> Google LLC) Task: {8326CEF1-DAE5-4885-8373-E4C408AE767F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {935B4CAC-CB5E-4132-AA0B-E23FDF4A38A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-10] (Google LLC -> Google LLC) Task: {94A968CE-2D37-43DA-A308-5C1FAD788461} - System32\Tasks\Opera scheduled Autoupdate 1602361034 => C:\Users\USER\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software) Task: {9785242D-F49C-4AF0-8C8E-F7B0E7ACEAD8} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2020-11-17] (Microsoft Corporation -> Microsoft) Task: {A162B0A1-6FE6-4173-9271-D62DF98FB240} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {C0A1A9E9-F31C-4D94-B08D-544EABB409AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-12-27] (Mozilla Corporation -> Mozilla Foundation) Task: {D5AD604E-A815-41AC-8ABA-E883A61AD76E} - System32\Tasks\MATLAB R2020b Startup Accelerator => C:\Program Files\MATLAB\R2020b\bin\win64\MATLABStartupAccelerator.exe [53760 2020-07-29] () [Brak podpisu cyfrowego] Task: {E5B4D3B9-BC72-4F27-AB17-7ED9323A80D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {E6A39CE1-9A1E-4F79-B4EC-D68135D56624} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {FA96E6D9-D7A5-4E5C-BDE9-E020A0DBC4DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\MATLAB R2020b Startup Accelerator.job => C:\Program Files\MATLAB\R2020b\bin\win64\MATLABStartupAccelerator.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{f46327a6-0f9c-4d34-b8bb-539e88c608f9}: [DhcpNameServer] 31.11.173.2 89.228.4.126 Edge: ======= DownloadDir: C:\Users\USER\Downloads Edge HomeButtonPage: HKU\S-1-5-21-931140680-2595042536-2124207976-1001 -> hxxp://google.pl/ Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\USER\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-10] Edge DownloadDir: Default -> C:\Users\USER\Downloads Edge HomePage: Default -> hxxp://google.pl/ Edge StartupUrls: Default -> "hxxp://googlew.pl/" FireFox: ======== FF DefaultProfile: ni4m3sao.default FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\ni4m3sao.default [2020-10-08] FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\p7twkx9o.default-release [2021-03-19] FF Homepage: Mozilla\Firefox\Profiles\p7twkx9o.default-release -> google.pl FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-03-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-03-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2021-08-10] CHR Extension: (Prezentacje) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-10] CHR Extension: (Dokumenty) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-10] CHR Extension: (Dysk Google) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-03] CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-10] CHR Extension: (Arkusze) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-10] CHR Extension: (Dokumenty Google offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-10] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-10] CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-03] CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-10] Opera: ======= OPR Profile: C:\Users\USER\AppData\Roaming\Opera Software\Opera Stable [2021-08-10] OPR Notifications: Opera Stable -> hxxps://1.bro4.biz; hxxps://1.linstersbig.com; hxxps://4f.com.pl; hxxps://meet.google.com; hxxps://teams.microsoft.com; hxxps://www.poradnikzdrowie.pl OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (alerabat.com | kupony i kody rabatowe) - C:\Users\USER\AppData\Roaming\Opera Software\Opera Stable\Extensions\dacdinoicboceafielngnmjjplncljhj [2021-07-27] OPR Extension: (Rich Hints Agent) - C:\Users\USER\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25] OPR Extension: (Zainstaluj rozszerzenia Chrome) - C:\Users\USER\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2021-04-06] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [1051136 2021-05-27] (wondershare) [Brak podpisu cyfrowego] R2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [913408 2021-06-04] () [Brak podpisu cyfrowego] S4 OracleJobSchedulerORCL; c:\users\user\desktop\sql\Bin\extjob.exe [105984 2019-05-29] () [Brak podpisu cyfrowego] R2 OracleOraDB19Home1MTSRecoveryService; C:\Users\USER\Desktop\sql\bin\omtsreco.exe [72704 2019-05-10] (Oracle Corporation) [Brak podpisu cyfrowego] R2 OracleOraDB19Home1TNSListener; C:\Users\USER\Desktop\sql\BIN\TNSLSNR.exe [826368 2019-05-14] (Oracle Corporation) [Brak podpisu cyfrowego] S3 OracleRemExecServiceV2; C:\Users\USER\AppData\Local\Temp\InstallActions2021-03-24_07-41-46PM\\oraremservicev2\RemoteExecService.exe [224256 2019-05-20] () [Brak podpisu cyfrowego] <==== UWAGA R2 OracleServiceORCL; c:\users\user\desktop\sql\bin\ORACLE.EXE [314813440 2019-05-30] (Oracle Corporation) [Brak podpisu cyfrowego] R2 OracleVssWriterORCL; C:\Users\USER\Desktop\sql\bin\OraVSSW.exe [252416 2019-05-29] () [Brak podpisu cyfrowego] S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-06-04] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation) R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [60344 2020-11-17] (VMware, Inc. -> VMware, Inc.) R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [68544 2020-11-17] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-07-24] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-07-24] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-10 20:44 - 2021-08-10 20:45 - 000000000 ____D C:\FRST 2021-08-10 20:43 - 2021-08-10 20:43 - 002300416 _____ (Farbar) C:\Users\USER\Downloads\FRST64.exe 2021-08-10 20:26 - 2021-08-10 20:26 - 000000000 ____D C:\Users\USER\Desktop\audit 2021-08-10 15:53 - 2021-08-10 15:53 - 001846492 _____ C:\Windows\Minidump\081021-21421-01.dmp 2021-08-10 01:09 - 2021-08-10 01:10 - 000000000 ____D C:\AdwCleaner 2021-08-10 00:35 - 2021-08-10 00:35 - 008553680 _____ (Malwarebytes) C:\Users\USER\Downloads\adwcleaner_8.3.0.exe 2021-08-09 22:42 - 2021-08-09 22:43 - 000000348 _____ C:\Users\USER\Desktop\linki.txt 2021-08-09 20:51 - 2021-08-09 20:53 - 000000000 ___RD C:\Users\USER\Documents\Scanned Documents 2021-08-09 20:51 - 2021-08-09 20:51 - 000000000 ____D C:\Users\USER\Documents\Fax 2021-08-07 18:10 - 2021-08-07 18:10 - 000000584 _____ C:\Users\USER\Downloads\attribute.txt 2021-08-01 17:00 - 2021-08-01 17:00 - 000362173 _____ C:\Users\USER\Downloads\Automation Support for CPE Retrieval.en.pl.pdf 2021-08-01 16:58 - 2021-08-01 16:58 - 000699273 _____ C:\Users\USER\Downloads\Automation Support for CVE Retrieval.en.pl.pdf 2021-08-01 16:57 - 2021-08-01 16:57 - 000347015 _____ C:\Users\USER\Downloads\Automation Support for CVE Retrieval.pdf 2021-08-01 16:56 - 2021-08-01 16:56 - 000188802 _____ C:\Users\USER\Downloads\Automation Support for CPE Retrieval.pdf 2021-07-19 18:16 - 2021-07-19 18:16 - 000035700 _____ C:\Users\USER\Downloads\000048029243_4181537322_IN.pdf 2021-07-19 16:33 - 2021-07-19 16:33 - 000223652 _____ C:\Users\USER\Downloads\Potwierdzenie przelewu.pdf 2021-07-19 16:17 - 2021-07-19 16:17 - 000154807 _____ C:\Users\USER\Downloads\deklaracja_1_rok_lic.pdf 2021-07-19 16:12 - 2021-07-19 16:12 - 000383090 _____ C:\Users\USER\Downloads\Ankieta osobowa.pdf 2021-07-19 16:05 - 2021-07-19 16:05 - 000334637 _____ C:\Users\USER\Downloads\Podanie o ELS.pdf 2021-07-19 16:05 - 2021-07-19 16:05 - 000053021 _____ C:\Users\USER\Downloads\Oświadczenie o zapoznaniu się z wysokością opłat.pdf 2021-07-18 22:43 - 2021-07-18 23:10 - 000755455 _____ C:\Users\USER\Downloads\PREOFFERB2C_SNM_100_070721.zip 2021-07-18 22:43 - 2021-07-18 22:48 - 003924836 _____ C:\Users\USER\Downloads\PREOFFERB2C_ENM_SMN_190721.zip 2021-07-18 22:23 - 2021-07-18 22:39 - 003924675 _____ C:\Users\USER\Downloads\OFFERB2C_ENM_SMN_190721.zip 2021-07-18 22:23 - 2021-07-18 22:35 - 003914748 _____ C:\Users\USER\Downloads\OFFERB2C_SNM_100_190721.zip 2021-07-16 23:51 - 2021-07-16 23:51 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-07-16 23:51 - 2021-07-16 23:51 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb 2021-07-16 23:51 - 2021-07-16 23:51 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb 2021-07-16 23:51 - 2021-07-16 23:51 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb 2021-07-16 23:51 - 2021-07-16 23:51 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb 2021-07-16 23:50 - 2021-07-16 23:50 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-07-16 16:24 - 2021-07-16 17:11 - 000000000 ____D C:\Users\USER\Desktop\doWywolania 2021-07-14 23:33 - 2021-07-14 23:33 - 002063164 _____ C:\Users\USER\Downloads\oferta.jrxml 2021-07-14 23:27 - 2021-07-14 23:27 - 000001638 _____ C:\Users\USER\Downloads\jasper.txt 2021-07-14 22:28 - 2021-07-15 00:08 - 000002516 _____ C:\Users\USER\Downloads\pokaz.txt 2021-07-13 16:02 - 2021-07-13 16:02 - 001607881 _____ C:\Users\USER\Downloads\APD - Student.pdf 2021-07-11 18:43 - 2021-07-11 18:43 - 000049980 _____ C:\Users\USER\Downloads\potwierdzenie_Zuzanna_Zak.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-10 20:27 - 2020-10-10 22:12 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-10 20:26 - 2020-10-08 11:37 - 000000000 __SHD C:\Users\USER\IntelGraphicsProfiles 2021-08-10 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-10 20:25 - 2020-12-22 17:50 - 000000000 ____D C:\ProgramData\VMware 2021-08-10 20:25 - 2020-12-18 14:52 - 000001527 _____ C:\Windows\system32\config\VSMIDK 2021-08-10 20:25 - 2020-10-08 11:40 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-10 20:25 - 2020-10-08 11:37 - 000000000 ____D C:\Intel 2021-08-10 20:25 - 2020-10-08 11:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-08-10 20:25 - 2020-10-08 11:18 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-10 20:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState 2021-08-10 20:25 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2021-08-10 19:57 - 2020-10-10 22:12 - 000000000 ____D C:\Users\USER\AppData\Local\Google 2021-08-10 19:21 - 2020-10-08 11:18 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-08-10 16:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-10 16:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-08-10 15:57 - 2020-10-08 11:31 - 001686516 _____ C:\Windows\system32\PerfStringBackup.INI 2021-08-10 15:57 - 2019-12-07 17:08 - 000753158 _____ C:\Windows\system32\perfh015.dat 2021-08-10 15:57 - 2019-12-07 17:08 - 000146378 _____ C:\Windows\system32\perfc015.dat 2021-08-10 15:57 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-08-10 15:54 - 2020-12-24 03:17 - 000000000 ____D C:\Windows\Minidump 2021-08-10 15:53 - 2021-03-24 20:51 - 000000000 ____D C:\Users\oracle 2021-08-10 15:53 - 2020-12-24 03:17 - 1708527305 _____ C:\Windows\MEMORY.DMP 2021-08-10 01:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2021-08-07 17:31 - 2020-10-08 11:22 - 000000000 ____D C:\Users\USER\AppData\Local\Packages 2021-08-06 14:27 - 2020-10-14 00:30 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-05 00:00 - 2020-10-10 22:13 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-04 23:54 - 2020-10-10 22:12 - 000003570 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-04 23:54 - 2020-10-10 22:12 - 000003446 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-08-04 23:46 - 2020-10-08 11:32 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-931140680-2595042536-2124207976-1001 2021-08-04 23:46 - 2020-10-08 11:32 - 000000000 ___RD C:\Users\USER\OneDrive 2021-08-04 23:46 - 2020-10-08 11:21 - 000002420 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-08-03 15:09 - 2020-10-10 22:17 - 000004450 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1602361036 2021-08-02 15:50 - 2020-10-14 00:29 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-02 15:50 - 2020-10-14 00:29 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-30 11:03 - 2020-10-10 22:49 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-27 15:47 - 2020-10-10 22:17 - 000004240 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1602361034 2021-07-27 15:47 - 2020-10-10 22:17 - 000001402 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2021-07-24 16:52 - 2020-11-05 17:42 - 000002359 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-07-24 16:52 - 2020-11-05 17:42 - 000002351 _____ C:\Users\USER\Desktop\Microsoft Teams.lnk 2021-07-24 15:03 - 2020-10-10 22:28 - 000000000 ____D C:\Users\USER\Desktop\POLE_DANCE 2021-07-24 14:43 - 2020-10-08 11:19 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-07-17 00:02 - 2020-10-08 11:18 - 000438296 _____ C:\Windows\system32\FNTCACHE.DAT 2021-07-17 00:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-07-17 00:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-07-17 00:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-07-17 00:01 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-16 23:53 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-07-16 18:45 - 2020-10-08 11:29 - 000000000 ____D C:\Windows\system32\MRT 2021-07-16 18:42 - 2020-10-08 11:29 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2021-07-16 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2021-07-14 21:32 - 2021-06-01 20:25 - 000001122 _____ C:\Users\Public\Desktop\TIBCO Jaspersoft Studio-6.17.0.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-12-14 12:13 - 2020-12-14 12:13 - 000001804 _____ () C:\Users\USER\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================