Facebook

Untitled safest cryptocurrency exchange

From Sludgy Camel, 2 Years ago, written in Plain Text.
URL https://pastebin.pl/view/5e514ce8
Embed
Download Paste or View Raw
Hits: 170
  1. Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 01-04-2022
  2. Uruchomiony przez gozdz (administrator)  DESKTOP-015KTU2 (Acer Aspire A515-51G) (04-04-2022 19:27:35)
  3. Uruchomiony z C:\Users\gozdz\Downloads
  4. Załadowane profile: gozdz
  5. Platform: Microsoft Windows 10 Home Wersja 21H1 19043.1586 (X64) Język: Polski (Polska)
  6. Domyślna przeglądarka: Opera
  7. Tryb startu: Normal
  8.  
  9. ==================== Procesy (filtrowane) =================
  10.  
  11. (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
  12.  
  13. (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
  14. (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  15. (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
  16. (C:\Users\gozdz\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\gozdz\AppData\Local\Programs\Opera\84.0.4316.42\opera_crashreporter.exe
  17. (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
  18. (explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
  19. (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
  20. (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
  21. (Opera Software AS -> Opera Software) C:\Users\gozdz\AppData\Local\Programs\Opera\opera.exe <22>
  22. (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  23. (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
  24. (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
  25. (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
  26. (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
  27. (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
  28. (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
  29. (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservices.exe
  30. (services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
  31. (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
  32. (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
  33. (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
  34. (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
  35. (services.exe ->) (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe
  36. (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
  37. (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
  38. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
  39. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
  40. (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
  41. (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
  42. (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe
  43.  
  44. ==================== Rejestr (filtrowane) ===================
  45.  
  46. (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
  47.  
  48. HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
  49. HKLM\...\Run: [UrbanVPN] => C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe [24253504 2020-11-17] (Urban Cyber Security Inc. -> )
  50. HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)
  51. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33526752 2021-10-27] (Epic Games Inc. -> Epic Games, Inc.)
  52. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-11-23] (Valve Corp. -> Valve Corporation)
  53. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [ALLUpdate] => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" (Brak pliku)
  54. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [Napisy24Update] => C:\Program Files\Napisy24\Napisy24Update.exe [3990528 2018-02-02] (Napisy24.pl) [Brak podpisu cyfrowego]
  55. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [Napisy24.pl] => C:\Program Files\Napisy24\Napisy24.exe [11984896 2021-03-08] (Napisy24.pl) [Brak podpisu cyfrowego]
  56. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [gozdz] => cmd.exe /c start www.exinariuminix.info
  57. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [Opera Browser Assistant] => C:\Users\gozdz\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
  58. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Run: [utweb] => C:\Users\gozdz\AppData\Roaming\uTorrent Web\utweb.exe [5944864 2021-12-01] (BitTorrent Inc -> BitTorrent Inc.)
  59. HKU\S-1-5-21-896742984-2347292954-1558493594-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
  60. HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2014-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
  61. HKLM\...\Print\Monitors\sxj2m Langmon: C:\Windows\system32\sxj2mlm.dll [34304 2013-12-10] (Microsoft Windows Hardware Compatibility Publisher -> )
  62. HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.60\Installer\chrmstp.exe [2022-04-04] (Google LLC -> Google LLC)
  63.  
  64. ==================== Zaplanowane zadania (filtrowane) ============
  65.  
  66. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  67.  
  68. Task: {263A5689-6480-43E8-B420-322561F9EC09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
  69. Task: {37FEA813-D4A9-44AB-9A7B-E35063CB001C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
  70. Task: {40F783F9-BD78-44B7-891F-54F1F5850B5E} - System32\Tasks\gozdz => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v gozdz /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info"
  71. Task: {42575F57-F598-4CC1-9BD5-B2D4998C7CCE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
  72. Task: {67281399-0FD3-4F4D-9734-CA47C80735DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
  73. Task: {68A773FD-EE20-4B1D-9CFC-D9524AE47DAE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)
  74. Task: {6FF75965-6009-45FD-8766-B42C0B7E0575} - System32\Tasks\Opera scheduled Autoupdate 1602429996 => C:\Users\gozdz\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-01] (Opera Software AS -> Opera Software)
  75. Task: {71BBC53E-878D-4467-9773-54FF547EACEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
  76. Task: {770D8801-C964-4614-A864-9E1F25E1F95A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
  77. Task: {799A2573-8F51-404E-BD2C-3F3E405C57A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
  78. Task: {A25F00BE-522E-4054-A09E-5C146C96E8B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
  79. Task: {AA550862-64D5-436D-8AB3-37E21187839C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)
  80. Task: {B1A502E6-32B1-43EA-99AB-17CB4ACAB2E3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
  81. Task: {BDFF37C3-D525-49FD-B8B8-E2B29934DA4A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)
  82. Task: {CD62BB9B-01C6-485C-B6B2-7EF0D45B1227} - System32\Tasks\Opera scheduled assistant Autoupdate 1602430002 => C:\Users\gozdz\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gozdz\AppData\Local\Programs\Opera\assistant" $(Arg0)
  83. Task: {CE3B25E2-AF3B-46A6-B5A5-4C1B45988A6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-15] (Microsoft Corporation -> Microsoft Corporation)
  84. Task: {EAD41F9D-A8E7-496F-8498-FB46491BC22A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
  85. Task: {FA0B6AEB-6B6D-4EE6-86BA-1C7C53B9968A} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
  86.  
  87. (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
  88.  
  89.  
  90. ==================== Internet (filtrowane) ====================
  91.  
  92. (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
  93.  
  94. Tcpip\Parameters: [DhcpNameServer] 31.11.173.2 89.228.4.126
  95. Tcpip\..\Interfaces\{acde3de3-03f4-465e-b686-3fe1397d2d06}: [DhcpNameServer] 31.11.173.2 89.228.4.126
  96.  
  97. Edge:
  98. =======
  99. Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
  100. Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
  101. Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
  102. Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
  103. Edge Profile: C:\Users\gozdz\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-14]
  104.  
  105. FireFox:
  106. ========
  107. FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2021-10-27] (Oracle America, Inc. -> Oracle Corporation)
  108. FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2021-10-27] (Oracle America, Inc. -> Oracle Corporation)
  109. FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
  110. FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
  111. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
  112. FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
  113.  
  114. Chrome:
  115. =======
  116. CHR DefaultProfile: Default
  117. CHR Profile: C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default [2021-09-07]
  118. CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190
  119. CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190"
  120. CHR Extension: (Prezentacje) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-25]
  121. CHR Extension: (Dokumenty) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-25]
  122. CHR Extension: (Dysk Google) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-25]
  123. CHR Extension: (YouTube) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-25]
  124. CHR Extension: (share me for pc) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbkocbeajehpllbbindkdgmianlajlf [2021-03-07]
  125. CHR Extension: (Arkusze) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-25]
  126. CHR Extension: (Dokumenty Google offline) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-07]
  127. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-15]
  128. CHR Extension: (Gmail) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-25]
  129. CHR Extension: (Chrome Media Router) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-09-07]
  130. CHR Profile: C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-14]
  131. CHR Profile: C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-28]
  132. CHR Extension: (Prezentacje) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-28]
  133. CHR Extension: (Dokumenty) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-28]
  134. CHR Extension: (Dysk Google) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-28]
  135. CHR Extension: (YouTube) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-28]
  136. CHR Extension: (Arkusze) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-28]
  137. CHR Extension: (Dokumenty Google offline) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-28]
  138. CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-28]
  139. CHR Extension: (Gmail) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-28]
  140. CHR Extension: (Chrome Media Router) - C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-28]
  141. CHR Profile: C:\Users\gozdz\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-14]
  142.  
  143. Opera:
  144. =======
  145. OPR Profile: C:\Users\gozdz\AppData\Roaming\Opera Software\Opera Stable [2022-04-04]
  146. OPR Notifications: Opera Stable -> hxxps://drive.google.com; hxxps://lichess.org; hxxps://www.chess.com
  147. OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
  148. OPR Extension: (Rich Hints Agent) - C:\Users\gozdz\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-15]
  149. OPR Extension: (Amazon Assistant Promotion) - C:\Users\gozdz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-05]
  150. OPR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\gozdz\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2022-01-20]
  151. OPR Extension: (Mate Translate - translator, słownik) - C:\Users\gozdz\AppData\Roaming\Opera Software\Opera Stable\Extensions\ollghamalkmmhboihmhoaaobmamehjgn [2022-03-29]
  152.  
  153. ==================== Usługi (filtrowane) ===================
  154.  
  155. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  156.  
  157. S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2016-09-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
  158. R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
  159. R2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11032728 2022-03-29] (Electronic Arts, Inc. -> Electronic Arts)
  160. S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
  161. R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
  162. R2 UrbanVPNServiceInteractive; C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe [221072 2020-11-17] (Urban Cyber Security Inc. -> )
  163. S3 UrbanVPNUpdater; C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe [1010752 2020-11-25] (Urban Cyber Security Inc. -> Urban Security)
  164. R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
  165. R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
  166.  
  167. ===================== Sterowniki (filtrowane) ===================
  168.  
  169. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  170.  
  171. R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
  172. S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
  173. S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
  174. R3 MpKsl26249c3c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E564A7FC-6A0C-4B1A-8802-F2D36AF02C8B}\MpKslDrv.sys [137464 2022-04-04] (Microsoft Windows -> Microsoft Corporation)
  175. S3 SnapCameraVirtualDevice; C:\Windows\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
  176. R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2020-12-31] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
  177. S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2022-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
  178. R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [439544 2022-03-12] (Microsoft Windows -> Microsoft Corporation)
  179. R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-12] (Microsoft Windows -> Microsoft Corporation)
  180. S3 MpKslff83b2e1; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8937BC35-9A84-4A31-839F-C1AF55F4CC56}\MpKslDrv.sys [X]
  181.  
  182. ==================== NetSvcs (filtrowane) ===================
  183.  
  184. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  185.  
  186.  
  187. ==================== Trzy miesiące (utworzone) (filtrowane) =========
  188.  
  189. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  190.  
  191. 2022-04-04 19:27 - 2022-04-04 19:28 - 000022633 _____ C:\Users\gozdz\Downloads\FRST.txt
  192. 2022-04-04 19:27 - 2022-04-04 19:27 - 000000000 ____D C:\Users\gozdz\Downloads\FRST-OlderVersion
  193. 2022-03-28 20:08 - 2022-03-28 20:08 - 004473128 _____ C:\Users\gozdz\Downloads\277476531_1423985311391627_3523405497044988695_n.mp4
  194. 2022-03-28 13:39 - 2022-03-28 13:39 - 000744494 _____ C:\Users\gozdz\Downloads\Inschrijfformulier NL PL en ENG 19032021.pdf
  195. 2022-03-28 13:39 - 2022-03-28 13:39 - 000738567 _____ C:\Users\gozdz\Downloads\C2_kierowanie do pracy za granice - zgoda na przetwarzanie danych 3.pdf
  196. 2022-03-28 13:39 - 2022-03-28 13:39 - 000606000 _____ C:\Users\gozdz\Downloads\Toestemmingsverklaring ENG en PL - algemeen (1).docx.pdf
  197. 2022-03-28 13:39 - 2022-03-28 13:39 - 000547280 _____ C:\Users\gozdz\Downloads\Goździewska Katarzyna Umowa kierująca _RANDSTAD INDUSTRY RRL-sig.pdf
  198. 2022-03-28 13:39 - 2022-03-28 13:39 - 000448631 _____ C:\Users\gozdz\Downloads\ABU Arbeidsmigranten Code en Charter - PL (1).pdf
  199. 2022-03-28 13:39 - 2022-03-28 13:39 - 000433433 _____ C:\Users\gozdz\Downloads\ABU Arbeidsmigranten Code en Charter - ENG (2) (1).pdf
  200. 2022-03-28 13:39 - 2022-03-28 13:39 - 000219629 _____ C:\Users\gozdz\Downloads\VUD TT - februari 2022 PL.pdf
  201. 2022-03-28 13:39 - 2022-03-28 13:39 - 000210401 _____ C:\Users\gozdz\Downloads\VUD TT - februari 2022 ENG.pdf
  202. 2022-03-28 13:39 - 2022-03-28 13:39 - 000074904 _____ C:\Users\gozdz\Downloads\C2_Oswiadczenie o otrzymaniu CAO2.pdf
  203. 2022-03-28 13:39 - 2022-03-28 13:39 - 000074826 _____ C:\Users\gozdz\Downloads\C2_Oswiadczenie o otrzymaniu manuala1.pdf
  204. 2022-03-16 17:03 - 2022-03-16 17:03 - 000151268 _____ C:\Users\gozdz\Downloads\CV Ewelina Zygmunt-Goździewska.pdf
  205. 2022-03-15 14:10 - 2022-03-15 14:10 - 000801319 _____ C:\Users\gozdz\Downloads\BSN.pdf
  206. 2022-03-15 14:10 - 2022-03-15 14:10 - 000000000 ____D C:\Users\gozdz\Downloads\dokumenty Goździewska
  207. 2022-03-13 17:55 - 2022-03-13 17:55 - 002254336 _____ C:\Windows\system32\dwmscene.dll
  208. 2022-03-13 17:55 - 2022-03-13 17:55 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
  209. 2022-03-13 17:55 - 2022-03-13 17:55 - 000011911 _____ C:\Windows\system32\DrtmAuthTxt.wim
  210. 2022-03-13 17:54 - 2022-03-13 17:54 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
  211. 2022-03-13 17:54 - 2022-03-13 17:54 - 000272896 _____ C:\Windows\system32\TpmTool.exe
  212. 2022-03-13 17:43 - 2022-03-13 17:45 - 000000000 ___HD C:\$WinREAgent
  213. 2022-03-06 12:20 - 2022-03-06 12:21 - 000000000 ____D C:\ProgramData\UrbanVPN
  214. 2022-03-06 12:20 - 2022-03-06 12:20 - 000000000 ____D C:\Users\gozdz\UrbanVPN
  215. 2022-03-06 12:20 - 2022-03-06 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UrbanVPN
  216. 2022-03-06 12:20 - 2022-03-06 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
  217. 2022-03-06 12:20 - 2022-03-06 12:20 - 000000000 ____D C:\Program Files\UrbanVPN
  218. 2022-03-06 12:20 - 2022-03-06 12:20 - 000000000 ____D C:\Program Files\TAP-Windows
  219. 2022-03-06 12:18 - 2022-03-06 12:18 - 031769416 _____ (Urban Security) C:\Users\gozdz\Downloads\UrbanVPN2.exe
  220. 2022-02-23 13:12 - 2022-02-23 13:12 - 000075775 _____ C:\Users\gozdz\Downloads\CV_GoździewskaKatarzyna.pdf
  221. 2022-02-23 13:08 - 2022-02-23 13:08 - 000085175 _____ C:\Users\gozdz\Downloads\CVKatarzyna_Goździewska.pdf
  222. 2022-02-17 14:35 - 2022-02-17 14:35 - 000000000 ____D C:\Users\gozdz\AppData\LocalLow\FreemindSA
  223. 2022-02-17 14:34 - 2022-02-17 14:34 - 000000497 _____ C:\Users\Public\Desktop\House Builder.lnk
  224. 2022-02-17 14:34 - 2022-02-17 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROKA1969
  225. 2022-02-17 13:43 - 2022-02-17 13:45 - 000000000 ____D C:\Users\gozdz\Downloads\House Builder-R69
  226. 2022-02-17 13:43 - 2022-02-17 13:43 - 000025071 _____ C:\Users\gozdz\Downloads\[Electro-Torrent.pl] House Builder [v.Build 121121] 2021 [MULTI-PL] [REPACK R69] [EXE].torrent
  227. 2022-02-16 16:14 - 2022-02-16 16:14 - 000116272 _____ C:\Users\gozdz\Downloads\LPP - List Motywacyjny.pdf
  228. 2022-02-15 00:05 - 2022-02-15 00:05 - 000028172 _____ C:\Users\gozdz\Downloads\tf02919610_win32.dotx
  229. 2022-02-15 00:00 - 2022-02-15 00:01 - 000083987 _____ C:\Users\gozdz\Downloads\CV_Katarzyna_Goździewska (1).pdf
  230. 2022-02-14 17:41 - 2022-02-14 17:41 - 001250350 _____ C:\Users\gozdz\Downloads\porozumienie stron.pdf
  231. 2022-02-14 17:39 - 2022-02-14 17:39 - 000087387 _____ C:\Users\gozdz\Downloads\z zachowaniem.pdf
  232. 2022-02-14 17:39 - 2022-02-14 17:39 - 000051803 _____ C:\Users\gozdz\Downloads\za porozumieniem.pdf
  233. 2022-02-09 23:20 - 2022-02-09 23:20 - 004096233 _____ C:\Users\gozdz\Downloads\273488208_542806123429754_5281894035368507183_n.mp4
  234. 2022-02-09 13:10 - 2022-02-09 13:10 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
  235. 2022-02-09 13:10 - 2022-02-09 13:10 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
  236. 2022-02-06 20:41 - 2022-02-06 20:41 - 000000000 ____D C:\Users\gozdz\AppData\LocalLow\Skookum Arts
  237. 2022-02-06 12:46 - 2022-02-06 12:46 - 000000000 ____D C:\Users\gozdz\AppData\Local\SwGame
  238. 2022-02-06 12:45 - 2022-02-06 12:45 - 000000000 ____D C:\ProgramData\Electronic Arts
  239. 2022-02-06 11:13 - 2022-02-06 11:13 - 000000000 ____D C:\Users\gozdz\AppData\Local\EADesktop
  240. 2022-02-06 11:09 - 2022-02-06 11:14 - 000000000 ____D C:\ProgramData\EA Desktop
  241. 2022-02-06 11:09 - 2022-02-06 11:09 - 000000000 ____D C:\Users\gozdz\AppData\Local\Electronic Arts
  242. 2022-02-06 11:09 - 2022-02-06 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
  243. 2022-02-05 23:12 - 2022-02-05 23:12 - 000000000 ___HD C:\Users\gozdz\Downloads\.opera
  244. 2022-02-05 23:12 - 2022-02-05 23:12 - 000000000 ___HD C:\Users\gozdz\.opera
  245. 2022-02-05 21:15 - 2022-02-05 21:15 - 000284894 _____ C:\Users\gozdz\Downloads\[Electro-Torrent.pl] Dying Light_ The Following Platinum Edition [v1.47.0+DLC] 2015 [MULTI-PL] [GOG] [EXE].torrent
  246. 2022-02-05 17:30 - 2022-02-13 17:58 - 000000000 ____D C:\Users\gozdz\AppData\Roaming\vlc
  247. 2022-02-05 17:30 - 2022-02-05 17:30 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
  248. 2022-02-05 17:30 - 2022-02-05 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
  249. 2022-02-05 17:30 - 2022-02-05 17:30 - 000000000 ____D C:\Program Files\VideoLAN
  250. 2022-02-04 11:30 - 2022-02-04 11:30 - 000863743 _____ C:\Users\gozdz\Downloads\272972758_683054602829574_4994653541245900614_n.mp4
  251. 2022-02-03 12:23 - 2022-02-03 12:23 - 000390727 _____ C:\Users\gozdz\Downloads\Dokument 28.pdf
  252. 2022-02-03 12:15 - 2022-02-03 12:15 - 001808057 _____ C:\Users\gozdz\Downloads\Kupno sprzedaż volvo.pdf
  253. 2022-02-03 10:40 - 2022-02-03 10:40 - 000159303 _____ C:\Users\gozdz\Downloads\potwierdzenie_oplacenia_skladek_polisa_460001411617.pdf
  254. 2022-02-03 10:39 - 2022-02-03 10:40 - 000943893 _____ C:\Users\gozdz\Downloads\wydruk.pdf
  255. 2022-02-02 17:51 - 2022-02-02 17:51 - 000140325 _____ C:\Users\gozdz\Downloads\000016737P-000845888.pdf
  256. 2022-01-25 17:47 - 2022-01-25 17:47 - 000000000 ____D C:\Users\gozdz\AppData\LocalLow\LEGO System A_S
  257. 2022-01-25 17:39 - 2022-01-25 17:39 - 000018669 _____ C:\Users\gozdz\Downloads\[Electro-Torrent.pl] LEGO Builders Journey 2019 MULTI9 [ ISO] - ELAMIGOS.torrent
  258. 2022-01-25 17:39 - 2022-01-25 17:39 - 000000000 ____D C:\Users\gozdz\Downloads\LEGO Builders Journey
  259. 2022-01-22 22:33 - 2022-01-22 22:33 - 000184515 _____ C:\Users\gozdz\Downloads\CV-Karol Albert.docx.pdf
  260. 2022-01-22 22:18 - 2022-01-22 22:22 - 000077277 _____ C:\Users\gozdz\Downloads\CV_Goździewska K..pdf
  261. 2022-01-18 23:20 - 2022-01-18 23:20 - 000001879 _____ C:\Users\gozdz\Desktop\uTorrent Web.lnk
  262. 2022-01-18 23:20 - 2022-01-18 23:20 - 000001865 _____ C:\Users\gozdz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
  263. 2022-01-18 15:45 - 2022-01-18 15:45 - 000000000 ____D C:\Users\gozdz\AppData\Local\_
  264. 2022-01-18 15:44 - 2022-01-18 15:45 - 021406304 _____ (BitTorrent, Inc.) C:\Users\gozdz\Downloads\utweb_installer (1).exe
  265. 2022-01-18 15:43 - 2022-01-18 15:43 - 000018585 _____ C:\Users\gozdz\Downloads\[Electro-Torrent.pl] Viscera Cleanup Detail 2015- V1.092 [DLC + Bonus Content] [ENG] [ISO] [CODEX].torrent
  266. 2022-01-12 15:03 - 2022-01-12 15:03 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
  267. 2022-01-12 15:03 - 2022-01-12 15:03 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
  268. 2022-01-05 10:34 - 2022-01-05 10:34 - 000000000 ____D C:\Windows\SystemTemp
  269.  
  270. ==================== Trzy miesiące (zmodyfikowane) ==================
  271.  
  272. (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
  273.  
  274. 2022-04-04 19:28 - 2021-01-21 01:57 - 000000000 ____D C:\FRST
  275. 2022-04-04 19:27 - 2021-01-21 01:56 - 002365440 _____ (Farbar) C:\Users\gozdz\Downloads\FRST64.exe
  276. 2022-04-04 19:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
  277. 2022-04-04 18:41 - 2021-01-25 12:05 - 000000000 ____D C:\Program Files (x86)\Google
  278. 2022-04-04 18:38 - 2020-10-10 20:47 - 000000000 ____D C:\Windows\system32\SleepStudy
  279. 2022-04-04 17:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
  280. 2022-04-04 17:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
  281. 2022-04-04 17:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
  282. 2022-04-04 16:40 - 2020-10-10 20:55 - 001767984 _____ C:\Windows\system32\PerfStringBackup.INI
  283. 2022-04-04 16:40 - 2019-12-07 17:08 - 000785594 _____ C:\Windows\system32\perfh015.dat
  284. 2022-04-04 16:40 - 2019-12-07 17:08 - 000152454 _____ C:\Windows\system32\perfc015.dat
  285. 2022-04-04 16:40 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
  286. 2022-04-04 16:36 - 2021-01-25 12:06 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  287. 2022-04-04 16:36 - 2021-01-25 12:06 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  288. 2022-04-04 16:36 - 2020-10-27 00:14 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
  289. 2022-04-04 16:36 - 2020-10-27 00:14 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
  290. 2022-04-04 16:36 - 2020-10-11 17:26 - 000004248 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1602429996
  291. 2022-04-04 16:36 - 2020-10-11 17:26 - 000001405 _____ C:\Users\gozdz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
  292. 2022-04-04 16:33 - 2020-10-10 21:00 - 000000000 ____D C:\ProgramData\NVIDIA
  293. 2022-04-04 16:33 - 2020-10-10 20:47 - 000000006 ____H C:\Windows\Tasks\SA.DAT
  294. 2022-04-04 16:32 - 2020-10-10 20:47 - 000008192 ___SH C:\DumpStack.log.tmp
  295. 2022-03-26 21:36 - 2021-12-12 21:37 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-896742984-2347292954-1558493594-1001
  296. 2022-03-26 21:36 - 2020-10-24 20:32 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-896742984-2347292954-1558493594-1001
  297. 2022-03-26 21:36 - 2020-10-24 20:32 - 000002423 _____ C:\Users\gozdz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
  298. 2022-03-25 18:09 - 2021-11-19 21:13 - 000120296 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
  299. 2022-03-25 18:09 - 2020-11-25 14:32 - 002258408 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
  300. 2022-03-25 18:09 - 2020-11-25 14:32 - 000337384 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
  301. 2022-03-25 18:09 - 2020-11-25 14:32 - 000218600 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
  302. 2022-03-25 18:09 - 2020-11-25 14:32 - 000198120 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
  303. 2022-03-25 18:09 - 2020-11-25 14:32 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
  304. 2022-03-25 18:09 - 2020-11-25 14:32 - 000062952 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
  305. 2022-03-15 12:38 - 2020-10-24 19:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
  306. 2022-03-15 12:29 - 2020-10-10 20:47 - 000439400 _____ C:\Windows\system32\FNTCACHE.DAT
  307. 2022-03-15 12:29 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
  308. 2022-03-15 12:28 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
  309. 2022-03-15 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
  310. 2022-03-15 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
  311. 2022-03-15 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
  312. 2022-03-15 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
  313. 2022-03-15 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
  314. 2022-03-15 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
  315. 2022-03-15 12:28 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
  316. 2022-03-13 17:59 - 2021-01-22 21:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
  317. 2022-03-13 17:59 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
  318. 2022-03-13 17:54 - 2020-10-10 20:50 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
  319. 2022-03-13 17:43 - 2020-10-19 21:19 - 000000000 ____D C:\Windows\system32\MRT
  320. 2022-03-13 17:30 - 2020-10-19 21:19 - 145666720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
  321. 2022-03-12 00:14 - 2020-10-10 20:47 - 000000000 ____D C:\Windows\system32\Drivers\wd
  322. 2022-03-11 17:35 - 2020-11-22 21:23 - 000000000 ____D C:\Program Files (x86)\Origin
  323. 2022-03-11 17:28 - 2020-10-27 00:14 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
  324. 2022-03-11 17:28 - 2020-10-27 00:14 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
  325. 2022-03-06 12:20 - 2020-10-10 20:51 - 000000000 ____D C:\Users\gozdz
  326.  
  327. ==================== Pliki w katalogu głównym wybranych folderów ========
  328.  
  329. 2020-10-20 15:24 - 2020-10-20 15:24 - 000000348 _____ () C:\Users\gozdz\AppData\Local\karboncalligraphyrc
  330. 2020-10-20 15:13 - 2021-06-27 22:26 - 000002556 _____ () C:\Users\gozdz\AppData\Local\krita-sysinfo.log
  331. 2020-10-20 15:13 - 2021-06-27 23:04 - 000020448 _____ () C:\Users\gozdz\AppData\Local\krita.log
  332. 2021-06-27 23:04 - 2021-06-27 23:04 - 000000039 _____ () C:\Users\gozdz\AppData\Local\kritadisplayrc
  333. 2020-10-20 15:13 - 2021-06-27 23:04 - 000019914 _____ () C:\Users\gozdz\AppData\Local\kritarc
  334. 2021-04-28 15:58 - 2021-04-28 15:58 - 000000218 _____ () C:\Users\gozdz\AppData\Local\recently-used.xbel
  335.  
  336. ==================== SigCheckExt =========================
  337.  
  338. 2012-02-20 23:23 - 2012-02-20 23:23 - 000072192 _____ C:\Windows\system32\CDASpl.dll
  339. 2020-11-25 14:32 - 2022-03-25 18:09 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
  340. 2013-06-28 13:08 - 2013-06-28 13:08 - 000091136 _____ C:\Windows\system32\ssdevm64.dll
  341. 2013-04-08 08:54 - 2013-04-08 08:54 - 000047104 _____ (Samsung Electronics) C:\Windows\system32\ssusbp64.dll
  342. 2020-10-15 15:21 - 2014-04-10 17:34 - 001786880 ____N (Xerox/Leader Technologies) C:\Windows\Xreg.exe
  343. 2013-06-28 13:08 - 2013-06-28 13:08 - 000094208 _____ C:\Windows\SysWOW64\ssdevm.dll
  344. 2013-04-08 08:54 - 2013-04-08 08:54 - 000049152 _____ (Samsung Electronics) C:\Windows\SysWOW64\ssusbpn.dll
  345. 2021-01-21 01:56 - 2022-04-04 19:27 - 002365440 _____ (Farbar) C:\Users\gozdz\Downloads\FRST64.exe
  346. 2020-11-08 23:29 - 2020-11-08 23:29 - 008016558 _____ (SWE Sven Ritter ) C:\Users\gozdz\Downloads\gtmd85637wxpw7.exe
  347. 2021-04-28 15:44 - 2021-04-28 15:44 - 093940807 _____ C:\Users\gozdz\Downloads\inkscape-1.0.2-2-x64.exe
  348. 2021-01-27 09:57 - 2021-01-27 09:57 - 000561677 _____ (Mist Poryvaev ) C:\Users\gozdz\Downloads\MicMute_0.1.8.4_Beta_Setup.exe
  349. 2020-11-19 16:50 - 2020-11-19 16:50 - 003928192 _____ (Menonemi ) C:\Users\gozdz\Downloads\microsoft-powerpoint-2016-ks_1923851742.exe
  350. 2020-11-09 19:20 - 2020-11-09 19:20 - 153413996 _____ C:\Users\gozdz\Downloads\Phaser_3020_Windows_Print_Driver_Installer_Package (1).exe
  351. 2020-10-15 15:17 - 2020-10-15 15:17 - 153413996 _____ C:\Users\gozdz\Downloads\Phaser_3020_Windows_Print_Driver_Installer_Package.exe
  352. 2021-01-21 01:58 - 2021-01-21 01:58 - 000380928 _____ C:\Users\gozdz\Downloads\z9se08qe.exe
  353.  
  354. ==================== SigCheck ============================
  355.  
  356. (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
  357.  
  358.  
  359. ==================== BCD ================================
  360.  
  361. Firmware Boot Manager
  362. ---------------------
  363. identifier              {fwbootmgr}
  364. displayorder            {bootmgr}
  365.                         {a7da87bf-7162-11e7-85ec-806e6f6e6963}
  366.                         {a7da87c0-7162-11e7-85ec-806e6f6e6963}
  367.                         {a7da87be-7162-11e7-85ec-806e6f6e6963}
  368. timeout                 0
  369.  
  370. Windows Boot Manager
  371. --------------------
  372. identifier              {bootmgr}
  373. device                  partition=\Device\HarddiskVolume1
  374. path                    \EFI\Microsoft\Boot\bootmgfw.efi
  375. description             Windows Boot Manager
  376. locale                  pl-PL
  377. inherit                 {globalsettings}
  378. flightsigning           Yes
  379. default                 {current}
  380. resumeobject            {1c1b736e-0b31-11eb-9478-985a3f289ce5}
  381. displayorder            {current}
  382.                         {adec9d8d-0401-11eb-a104-b1ef1175610e}
  383. toolsdisplayorder       {memdiag}
  384. timeout                 0
  385.  
  386. Firmware Application (101fffff)
  387. -------------------------------
  388. identifier              {a7da87be-7162-11e7-85ec-806e6f6e6963}
  389. description             EFI USB Device
  390.  
  391. Firmware Application (101fffff)
  392. -------------------------------
  393. identifier              {a7da87bf-7162-11e7-85ec-806e6f6e6963}
  394. description             EFI DVD/CDROM
  395.  
  396. Firmware Application (101fffff)
  397. -------------------------------
  398. identifier              {a7da87c0-7162-11e7-85ec-806e6f6e6963}
  399. description             EFI Network
  400.  
  401. Firmware Application (101fffff)
  402. -------------------------------
  403. identifier              {c8db0615-2300-11ea-bccd-806e6f6e6963}
  404. device                  partition=\Device\HarddiskVolume1
  405. path                    \EFI\Microsoft\Boot\bootmgfw.efi
  406. description             Network Boot-IPV4: 98-29-A6-35-4B-A3
  407.  
  408. Firmware Application (101fffff)
  409. -------------------------------
  410. identifier              {de562d8a-230c-11ea-bfa5-806e6f6e6963}
  411. description             Network Boot-IPV6: 98-29-A6-35-4B-A3
  412.  
  413. Windows Boot Loader
  414. -------------------
  415. identifier              {current}
  416. device                  partition=C:
  417. path                    \Windows\system32\winload.efi
  418. description             Windows 10
  419. locale                  pl-PL
  420. inherit                 {bootloadersettings}
  421. recoverysequence        {1c1b7370-0b31-11eb-9478-985a3f289ce5}
  422. displaymessageoverride  Recovery
  423. recoveryenabled         Yes
  424. isolatedcontext         Yes
  425. flightsigning           Yes
  426. allowedinmemorysettings 0x15000075
  427. osdevice                partition=C:
  428. systemroot              \Windows
  429. resumeobject            {1c1b736e-0b31-11eb-9478-985a3f289ce5}
  430. nx                      OptIn
  431. bootmenupolicy          Standard
  432.  
  433. Windows Boot Loader
  434. -------------------
  435. identifier              {1c1b7370-0b31-11eb-9478-985a3f289ce5}
  436. device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{1c1b7371-0b31-11eb-9478-985a3f289ce5}
  437. path                    \windows\system32\winload.efi
  438. description             Windows Recovery Environment
  439. locale                  pl-pl
  440. inherit                 {bootloadersettings}
  441. displaymessage          Recovery
  442. osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{1c1b7371-0b31-11eb-9478-985a3f289ce5}
  443. systemroot              \windows
  444. nx                      OptIn
  445. bootmenupolicy          Standard
  446. winpe                   Yes
  447.  
  448. Windows Boot Loader
  449. -------------------
  450. identifier              {adec9d8d-0401-11eb-a104-b1ef1175610e}
  451. device                  partition=D:
  452. path                    \WINDOWS\system32\winload.efi
  453. description             Windows 10
  454. locale                  pl-PL
  455. inherit                 {bootloadersettings}
  456. recoverysequence        {db8208e7-03f9-11eb-8646-eef8846b3155}
  457. displaymessageoverride  Recovery
  458. recoveryenabled         Yes
  459. isolatedcontext         Yes
  460. allowedinmemorysettings 0x15000075
  461. osdevice                partition=D:
  462. systemroot              \WINDOWS
  463. resumeobject            {adec9d8c-0401-11eb-a104-b1ef1175610e}
  464. nx                      OptIn
  465. bootmenupolicy          Standard
  466.  
  467. Windows Boot Loader
  468. -------------------
  469. identifier              {db8208e7-03f9-11eb-8646-eef8846b3155}
  470. device                  ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{db8208e8-03f9-11eb-8646-eef8846b3155}
  471. path                    \windows\system32\winload.efi
  472. description             Windows Recovery Environment
  473. locale                  pl-PL
  474. inherit                 {bootloadersettings}
  475. displaymessage          Recovery
  476. osdevice                ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{db8208e8-03f9-11eb-8646-eef8846b3155}
  477. systemroot              \windows
  478. nx                      OptIn
  479. bootmenupolicy          Standard
  480. winpe                   Yes
  481.  
  482. Resume from Hibernate
  483. ---------------------
  484. identifier              {1c1b736e-0b31-11eb-9478-985a3f289ce5}
  485. device                  partition=C:
  486. path                    \Windows\system32\winresume.efi
  487. description             Windows Resume Application
  488. locale                  pl-PL
  489. inherit                 {resumeloadersettings}
  490. recoverysequence        {1c1b7370-0b31-11eb-9478-985a3f289ce5}
  491. recoveryenabled         Yes
  492. isolatedcontext         Yes
  493. allowedinmemorysettings 0x15000075
  494. filedevice              partition=C:
  495. filepath                \hiberfil.sys
  496. bootmenupolicy          Standard
  497. debugoptionenabled      No
  498.  
  499. Resume from Hibernate
  500. ---------------------
  501. identifier              {8ccddede-e072-11e9-ad7c-e2f4b54d7aa8}
  502. device                  partition=D:
  503. path                    \WINDOWS\system32\winresume.efi
  504. description             Windows Resume Application
  505. locale                  pl-PL
  506. inherit                 {resumeloadersettings}
  507. recoverysequence        {8ccddee0-e072-11e9-ad7c-e2f4b54d7aa8}
  508. recoveryenabled         Yes
  509. isolatedcontext         Yes
  510. allowedinmemorysettings 0x15000075
  511. filedevice              partition=D:
  512. filepath                \hiberfil.sys
  513. bootmenupolicy          Standard
  514. debugoptionenabled      No
  515.  
  516. Windows Memory Tester
  517. ---------------------
  518. identifier              {memdiag}
  519. device                  partition=\Device\HarddiskVolume1
  520. path                    \EFI\Microsoft\Boot\memtest.efi
  521. description             Diagnostyka pami©ci systemu Windows
  522. locale                  pl-PL
  523. inherit                 {globalsettings}
  524. badmemoryaccess         Yes
  525.  
  526. EMS Settings
  527. ------------
  528. identifier              {emssettings}
  529. bootems                 No
  530.  
  531. Debugger Settings
  532. -----------------
  533. identifier              {dbgsettings}
  534. debugtype               Local
  535.  
  536. RAM Defects
  537. -----------
  538. identifier              {badmemory}
  539.  
  540. Global Settings
  541. ---------------
  542. identifier              {globalsettings}
  543. inherit                 {dbgsettings}
  544.                         {emssettings}
  545.                         {badmemory}
  546.  
  547. Boot Loader Settings
  548. --------------------
  549. identifier              {bootloadersettings}
  550. inherit                 {globalsettings}
  551.                         {hypervisorsettings}
  552.  
  553. Hypervisor Settings
  554. -------------------
  555. identifier              {hypervisorsettings}
  556. hypervisordebugtype     Serial
  557. hypervisordebugport     1
  558. hypervisorbaudrate      115200
  559.  
  560. Resume Loader Settings
  561. ----------------------
  562. identifier              {resumeloadersettings}
  563. inherit                 {globalsettings}
  564.  
  565. Device options
  566. --------------
  567. identifier              {1c1b7371-0b31-11eb-9478-985a3f289ce5}
  568. description             Windows Recovery
  569. ramdisksdidevice        partition=C:
  570. ramdisksdipath          \Recovery\WindowsRE\boot.sdi
  571.  
  572. Device options
  573. --------------
  574. identifier              {db8208e8-03f9-11eb-8646-eef8846b3155}
  575. description             Windows Recovery
  576. ramdisksdidevice        partition=\Device\HarddiskVolume5
  577. ramdisksdipath          \Recovery\WindowsRE\boot.sdi
  578.  
  579. ==================== Koniec  FRST.txt ========================

Reply to "Untitled"