Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-08-2019 Uruchomiony przez Tomek (administrator) TOMEK-HP (Hewlett-Packard HP ProBook 650 G1) (07-08-2019 12:06:33) Uruchomiony z C:\Users\Tomek\Downloads Załadowane profile: Tomek (Dostępne profile: Tomek) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Broadcom Corporation) [Brak podpisu cyfrowego] C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE (Broadcom Corporation) [Brak podpisu cyfrowego] C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (Dassault Systèmes) [Brak podpisu cyfrowego] C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HP HSPA+ Mobile Broadband\CommService\CommServiceEx.exe (IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (N/A) [Brak podpisu cyfrowego] C:\Program Files (x86)\CORViewLite\jre\bin\java.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (PDF Complete -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Red Hat®, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\CORViewLite\server\JBOSS\jboss-as-7.1.1.Final\bin\jbosssvc.exe (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> ) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-19] (IDT, Inc.) [Brak podpisu cyfrowego] HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2934440 2015-05-07] (Synaptics Incorporated -> Synaptics Incorporated) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete -> PDF Complete Inc) HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-09-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-08-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-25] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM-x32\...\Run: [DsMgr] => C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [270552 2013-06-18] (Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink) HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2013-08-07] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1057240 2017-11-18] (DivX, LLC -> DivX, LLC) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-3561778107-3546557315-3471389920-1002\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{438363A8-F486-4C37-834C-4955773CB3D3}] -> msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn HKLM\Software\...\Authentication\Credential Providers: [{02AA8B83-49C5-482C-915A-B6824F665CCD}] -> C:\Windows\system32\DPCrProv.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{2A16DF2F-490B-4F2B-8C68-21EF46FCCC37}] -> C:\Windows\system32\DPCrProv.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{3ADC7042-51AF-4D0F-BD1D-4D6965A77323}] -> C:\Windows\system32\DPCrProv.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> c:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2012-12-07] (Broadcom Corporation -> Broadcom Corporation.) HKLM\Software\...\Authentication\Credential Providers: [{57E84B57-5533-4624-AB49-E29C8C5489D6}] -> C:\Windows\system32\DPCrProv.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{70099717-17C8-4BD0-B3D4-FAF721AB1A62}] -> C:\Windows\system32\DPCrProv.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2012-12-07] (Broadcom Corporation -> Broadcom Corporation.) HKLM\Software\...\Authentication\Credential Provider Filters: [{FD2AB138-F9A8-4ab6-9095-EEE7AF8B6C28}] -> C:\Windows\system32\DPCrProv.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) Lsa: [Notification Packages] DPPassFilter scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2019-07-09] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {054745F0-D1B6-4D9E-BCA4-9B3FB6FE22F3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {1080F53D-1501-4CDA-B32C-0AEEB98DD9F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {17323224-33CA-4AD5-B29A-C0532D4D6871} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {247F0E01-A96F-4C16-8AC4-D721037D47F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.) Task: {275FD2EC-EFF1-488C-903D-B20824EFD526} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.) Task: {2FC04C71-410C-47B1-94E4-B309E605F0C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.) Task: {39CF5825-ACD7-4048-8401-CB7BF2B11306} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {3C82DD9A-24A9-49C7-BE18-FE31538827BA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [243576 2019-07-23] (HP Inc. -> HP Inc.) Task: {46197A5C-E842-4F0C-A4F5-41EBE9ED7295} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-10] (Adobe Inc. -> Adobe) Task: {49A12BF2-CC87-4A1D-BBD5-713B87377170} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-06] (Google Inc -> Google Inc.) Task: {4EAF96F6-B811-48FC-97E7-B0356B9000FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.) Task: {5D0A9710-8CEC-482E-A6EC-991F91A62695} - Brak ścieżki do pliku Task: {68A0A26C-9068-4294-B635-7E97791F6D55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-06] (Google Inc -> Google Inc.) Task: {75179397-91E9-4411-9E11-09DA76121773} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.) Task: {7CC029F4-554B-4C8B-9AD3-A91E3BE0FD8E} - System32\Tasks\HPCeeScheduleForTomek => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.) Task: {7F6B3960-1623-44FF-B680-DC2867DD1DA3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe) Task: {83D570CD-E43A-49CC-9452-FC342E4E0023} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation) Task: {84D7D408-A702-4315-BA1A-3B5F9ADAE410} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {8E0E7E6D-A9FC-4DB6-B8E5-0208C61A4BE6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {8EA645D7-35D5-45AB-8854-D6F2B32E0D94} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {96D159FA-3CBC-4488-BB19-7A388066194D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1083768 2019-07-12] (HP Inc. -> HP Inc.) Task: {9B8506E7-67FB-4B8E-BBF9-AE1392A7CC3A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation) Task: {AE0B8907-EE4F-40E2-8CE2-8FA934F8C46F} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC) Task: {B76F3A9D-5A2E-4CE3-B62B-8A74479E91F0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.) Task: {C9B26217-7233-42BE-A29E-7CFB7ED073A3} - System32\Tasks\{6B360E59-6129-489D-8091-6EF97973606B} => C:\Windows\system32\pcalua.exe -a C:\Users\Tomek\Downloads\sp72931.exe -d C:\Users\Tomek\Downloads Task: {DE8949D3-4F1C-40AE-A30C-14712D365175} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Task: {F33B3D70-C527-4E6E-8C93-DF5ADE3ADE72} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe) Task: {F5252981-9C4A-44FF-823A-B011BCB53CF0} - System32\Tasks\AdvancedSystemRepairPro-Maintenance-Autorun => C:\Program Files (x86)\Advanced System Repair Pro 1.8.1.9.0\AdvancedSystemRepairPro.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\HPCeeScheduleForTomek.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4BF85DB7-86E1-4F08-A6A2-76384DA7B2FD}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A444ED3F-BCF7-40D0-B064-EAA0654420E4}: [NameServer] 194.204.159.1 194.204.152.34 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPALL14/178 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPALL14/178 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/178 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/178 HKU\S-1-5-21-3561778107-3546557315-3471389920-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.google.com/mail/u/0/#inbox HKU\S-1-5-21-3561778107-3546557315-3471389920-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/178 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-07] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-08-05] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc. -> HP Inc.) BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-08-07] (Hewlett-Packard Company -> Hewlett-Packard) BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL [2013-10-20] (Symantec Corporation -> Symantec Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-08-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc. -> HP Inc.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies SA -> Skype Technologies) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FireFox: ======== FF DefaultProfile: 5opfpwz7.default FF ProfilePath: C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\susjl16o.default-release [2019-07-23] FF ProfilePath: C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default [2019-08-07] FF Homepage: Mozilla\Firefox\Profiles\5opfpwz7.default -> hxxps://www.google.pl/ FF Extension: (Cisco Webex Extension) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\ciscowebexstart1@cisco.com.xpi [2019-07-12] FF Extension: (YouTube Download Helper) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\download.helper@youtube.com.xpi [2018-11-13] FF Extension: (FireGestures) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\firegestures@xuldev.org.xpi [2018-05-10] [Przestarzałe] FF Extension: (AdBlock) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-07-06] FF Extension: (Gesturefy) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2019-07-05] FF Extension: (Youtube Downloader) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\{b6e03bad-d006-4a8b-aa38-9c92e683dce9}.xpi [2019-06-16] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-02] FF Extension: (YouTube mp3 Downloader) - C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\5opfpwz7.default\Extensions\{defe5404-0b6f-4cce-a119-ee0df858e5f9}.xpi [2018-09-06] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome FF Extension: (DPChrome) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-06-30] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF FF Extension: (Symantec Vulnerability Protection) - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF [2018-05-11] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> ) FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2019-03-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @surveillance.com/npnetsdkplayer -> C:\Program Files (x86)\Surveillance Viewer\Surveillance Viewer Unity NVR\npnetsdkplayer.dll [2017-07-24] (bcscctv -> Surveillance Viewer) FF Plugin-x32: @surveillance.com/npnetsdkplayer.ipc.nb -> C:\Program Files (x86)\Surveillance Viewer\Surveillance Viewer IPC\npnetsdkplayer.dll [2018-01-11] (bcscctv -> Surveillance Viewer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-05-17] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> ) FF Plugin HKU\S-1-5-21-3561778107-3546557315-3471389920-1002: SkypeForBusinessPlugin-16.2 -> C:\Users\Tomek\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.485\npGatewayNpapi.dll [2019-03-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-3561778107-3546557315-3471389920-1002: SkypeForBusinessPlugin64-16.2 -> C:\Users\Tomek\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.485\npGatewayNpapi-x64.dll [2019-03-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Tomek\AppData\Roaming\mozilla\plugins\npatgpc.dll [2019-01-08] Chrome: ======= CHR Profile: C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default [2019-08-05] CHR Extension: (Prezentacje) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-27] CHR Extension: (Dokumenty) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-27] CHR Extension: (Dysk Google) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-27] CHR Extension: (YouTube) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-27] CHR Extension: (Arkusze) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-27] CHR Extension: (Dokumenty Google offline) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05] CHR Extension: (Rozszerzenie DigitalPersona) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2018-06-27] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-27] CHR Extension: (Gmail) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-27] CHR Extension: (Chrome Media Router) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-04] CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-09-14] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation) R2 CommService; C:\Program Files (x86)\HP HSPA+ Mobile Broadband\CommService\CommServiceEx.exe [73296 2014-06-30] (Huawei Technologies Co., Ltd. -> ) R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2013-08-14] () [Brak podpisu cyfrowego] R2 CVLITESVC; C:\Program Files (x86)\CORViewLite\server\JBOSS\jboss-as-7.1.1.Final\bin\jbosssvc.exe [61440 2018-09-21] (Red Hat®, Inc.) [Brak podpisu cyfrowego] R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-18] (CyberLink Corp. -> CyberLink) R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-18] (CyberLink Corp. -> CyberLink) R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-09-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.) R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2018-03-21] (Dassault Systèmes) [Brak podpisu cyfrowego] S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [567608 2013-09-06] (Hewlett-Packard Company -> Hewlett-Packard Company) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-08-01] (Hewlett-Packard Company -> Hewlett-Packard Company) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete -> PDF Complete Inc) R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2013-10-20] (Symantec Corporation -> Symantec Corporation) R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2377984 2013-10-20] (Symantec Corporation -> Symantec Corporation) S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe [334736 2013-10-20] (Symantec Corporation -> Symantec Corporation) R2 STacSV; C:\Program Files\IDT\WDM\stacsv64.exe [340480 2014-01-19] (IDT, Inc.) [Brak podpisu cyfrowego] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237224 2015-05-07] (Synaptics Incorporated -> Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH -> TeamViewer GmbH) R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-29] (Microsoft Windows -> Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5894144 2019-02-10] (Broadcom Corporation) [Brak podpisu cyfrowego] S2 tscmon; C:\Program Files (x86)\Advanced System Repair Pro 1.8.1.9.0\tscmon.exe [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [44680 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard) R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20190729.001\BHDrvx64.sys [1935880 2019-06-14] (Symantec Corporation -> Symantec Corporation) R1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE}; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [169048 2013-10-20] (Symantec Corporation -> Symantec Corporation) R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink -> CyberLink) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] (Cisco Systems, Inc. -> ) S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-06-13] (Hewlett-Packard Company -> Hewlett-Packard Company) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [536560 2017-10-31] (Intel(R) INTELND1718 -> Intel Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-16] (Symantec Corporation -> Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-16] (Symantec Corporation -> Symantec Corporation) R3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [15744 2014-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [31880 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard) S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-26] (Hewlett-Packard Company -> Hewlett Packard) S3 HpqKbFiltr; C:\Windows\system32\drivers\HpqKbFiltr.sys [25912 2013-06-26] (Hewlett-Packard Company -> Hewlett-Packard Company) S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [110592 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [91648 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [30720 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [245248 2014-06-30] (Microsoft Windows Hardware Compatibility Publisher -> MBB Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [40448 2017-09-14] (Intel(R) Rapid Storage Technology -> Intel Corporation) R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20190806.061\IDSvia64.sys [1309192 2019-06-11] (Symantec Corporation -> Symantec Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [201296 2017-11-28] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20190806.020\ENG64.SYS [138832 2018-11-14] (Symantec Corporation -> Symantec Corporation) R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20190806.020\EX64.SYS [2153040 2018-11-14] (Symantec Corporation -> Symantec Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc. -> WinMagic Inc.) R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2018-05-11] (Feitian Technologies Co., Ltd. -> Feitian Technologies Co., Ltd.) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2018-05-11] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc. -> WinMagic Inc.) R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc. -> WinMagic Inc.) S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [250712 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.) R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.) S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-04] (Synaptics Incorporated -> Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-05-07] (Synaptics Incorporated -> Synaptics Incorporated) R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS [797272 2013-10-20] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS [36952 2013-10-20] (Symantec Corporation -> Symantec Corporation) R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [551936 2014-01-19] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [34800 2013-10-20] (Symantec Corporation -> Symantec Corporation) R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS [493656 2013-10-20] (Symantec Corporation -> Symantec Corporation) R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS [1147480 2013-10-20] (Symantec Corporation -> Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2018-05-11] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS [224856 2013-10-20] (Symantec Corporation -> Symantec Corporation) R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS [437336 2013-10-20] (Symantec Corporation -> Symantec Corporation) R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [155352 2018-05-11] (Symantec Corporation -> Symantec Corporation) R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [92456 2013-10-20] (Symantec Corporation -> Symantec Corporation) S1 asrdmon; \SystemRoot\system32\drivers\asrdmon.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-08-07 12:06 - 2019-08-07 12:06 - 000057324 _____ C:\Users\Tomek\Downloads\Shortcut.txt 2019-08-07 12:02 - 2019-08-07 12:06 - 000047712 _____ C:\Users\Tomek\Downloads\Addition.txt 2019-08-07 12:00 - 2019-08-07 12:07 - 000049105 _____ C:\Users\Tomek\Downloads\FRST.txt 2019-08-07 12:00 - 2019-08-07 12:06 - 000000000 ____D C:\FRST 2019-08-07 11:59 - 2019-08-07 11:59 - 002096640 _____ (Farbar) C:\Users\Tomek\Downloads\FRST64.exe 2019-08-07 11:47 - 2019-08-07 11:48 - 000001078 _____ C:\Windows\system32dbgraw.bmp 2019-08-07 11:45 - 2019-08-07 11:45 - 001250816 _____ C:\Users\Tomek\Downloads\MicrosoftEasyFix50202(2).msi 2019-08-07 10:46 - 2019-08-07 10:46 - 000001042 _____ C:\Users\Tomek\Desktop\Win Update Fixer.lnk 2019-08-07 10:46 - 2019-08-07 10:46 - 000000000 ____D C:\Windows\SoftwareDistribution.old 2019-08-07 10:46 - 2019-08-07 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks 2019-08-07 10:46 - 2019-08-07 10:46 - 000000000 ____D C:\Program Files\NoVirusThanks 2019-08-07 10:45 - 2019-08-07 10:45 - 001337944 _____ (NoVirusThanks Company Srl ) C:\Users\Tomek\Downloads\win_update_fixer_setup.exe 2019-08-07 10:43 - 2019-08-07 10:43 - 000313366 _____ C:\Users\Tomek\Downloads\WindowsUpdate.diagcab 2019-08-07 10:34 - 2019-08-07 10:34 - 001250816 _____ C:\Users\Tomek\Downloads\MicrosoftEasyFix50202(1).msi 2019-08-07 10:28 - 2019-08-07 10:28 - 000002967 _____ C:\Users\Tomek\Downloads\FSS.txt 2019-08-07 10:27 - 2019-08-07 10:27 - 000899584 _____ (Farbar) C:\Users\Tomek\Downloads\FSS.exe 2019-08-06 06:29 - 2019-08-06 06:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2019-08-06 06:28 - 2019-08-07 11:47 - 000212992 _____ C:\Windows\system32\ClickToRun_Pipeline16 2019-08-05 19:13 - 2019-08-05 19:13 - 000000012 _____ C:\Users\Tomek\Downloads\Pod.powierzchnia.S02E06.PL.WEBRip.XviD-TVND.avi 2019-08-02 12:16 - 2019-08-02 12:16 - 018722752 _____ C:\Users\Tomek\Desktop\Schemat_rozszycia_Wrocław_V78C_ms.dwg 2019-07-30 11:48 - 2019-07-30 11:48 - 000000000 ____D C:\Users\Tomek\AppData\Local\Intel_Corporation 2019-07-26 02:10 - 2019-07-26 02:49 - 358002825 _____ C:\Users\Tomek\Downloads\The.Handmaids.Tale.S03E10.Witness.PL.HULU.WEB-DL.x264-666.mkv 2019-07-26 02:09 - 2019-07-26 02:46 - 334607881 _____ C:\Users\Tomek\Downloads\The.Handmaids.Tale.S03E09.Heroic.PL.HULU.WEB-DL.x264-666(1).mkv 2019-07-23 15:35 - 2019-07-23 15:36 - 103046204 _____ C:\Users\Tomek\Downloads\Windows6.0-KB947821-v4-x64.msu 2019-07-23 12:45 - 2019-07-25 10:28 - 000000167 _____ C:\Windows\restoro.ini 2019-07-23 12:45 - 2019-07-23 12:45 - 000934120 _____ (Restoro) C:\Users\Tomek\Downloads\Restoro.exe 2019-07-22 14:25 - 2019-07-22 14:25 - 000000602 _____ C:\Users\Tomek\Downloads\yciem.php 2019-07-22 13:11 - 2019-07-22 13:54 - 334607881 _____ C:\Users\Tomek\Downloads\The.Handmaids.Tale.S03E09.Heroic.PL.HULU.WEB-DL.x264-666.mkv 2019-07-22 12:58 - 2019-07-22 14:25 - 320451301 _____ C:\Users\Tomek\Downloads\The.Handmaids.Tale.S03E08.Unfit.PL.HULU.WEB-DL.x264-666.mkv 2019-07-22 12:56 - 2019-07-22 14:38 - 312397631 _____ C:\Users\Tomek\Downloads\The.Handmaids.Tale.S03E07.Under.His.Eye.PL.HULU.WEB-DL.x264-666.mkv 2019-07-22 12:54 - 2019-07-22 13:36 - 385492237 _____ C:\Users\Tomek\Downloads\The.Handmaids.Tale.S03E06.Household.PL.HULU.WEB-DL.x264-666.mkv 2019-07-21 17:19 - 2019-07-21 19:12 - 786431264 _____ C:\Users\Tomek\Downloads\Handmaids.Tale.S03E01.PL.480p.HULU.WEB-DL.XviD-H3Q.avi 2019-07-19 20:37 - 2019-07-20 08:54 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-07-15 08:18 - 2019-08-06 06:29 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk 2019-07-15 08:18 - 2019-08-06 06:29 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-07-15 08:18 - 2019-08-06 06:29 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-07-15 08:18 - 2019-08-06 06:29 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-07-15 08:18 - 2019-08-06 06:29 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-07-15 08:18 - 2019-08-06 06:29 - 000002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-07-12 20:16 - 2019-07-12 20:16 - 000045262 _____ C:\Users\Tomek\Downloads\2019-07-12 15-09.zip 2019-07-10 09:34 - 2019-07-10 09:37 - 545646492 _____ C:\Users\Tomek\Desktop\ENERGYLANDIA 2019.mp4 2019-07-09 16:20 - 2019-07-12 14:04 - 000000000 ____D C:\Users\Tomek\Desktop\ENERGY ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-08-07 11:53 - 2014-06-30 01:00 - 000751536 _____ C:\Windows\system32\perfh015.dat 2019-08-07 11:53 - 2014-06-30 01:00 - 000162454 _____ C:\Windows\system32\perfc015.dat 2019-08-07 11:53 - 2009-07-14 07:13 - 001703566 _____ C:\Windows\system32\PerfStringBackup.INI 2019-08-07 11:53 - 2009-07-14 06:45 - 000026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-08-07 11:53 - 2009-07-14 06:45 - 000026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-08-07 11:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-08-07 11:47 - 2018-09-13 10:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-08-07 11:47 - 2018-05-10 21:10 - 000000000 ____D C:\Users\Tomek\AppData\LocalLow\Mozilla 2019-08-07 11:47 - 2013-10-29 01:59 - 000000000 ____D C:\ProgramData\PDFC 2019-08-07 11:47 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-08-07 11:31 - 2018-05-11 08:14 - 000000000 ____D C:\ProgramData\Symantec 2019-08-07 10:47 - 2018-05-11 17:14 - 000000000 ____D C:\Users\Tomek\AppData\Local\ElevatedDiagnostics 2019-08-06 09:47 - 2018-05-11 15:43 - 000003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTomek 2019-08-06 09:47 - 2018-05-11 15:43 - 000000332 _____ C:\Windows\Tasks\HPCeeScheduleForTomek.job 2019-08-06 06:31 - 2014-06-30 00:11 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-08-06 06:28 - 2014-06-30 00:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-08-02 12:10 - 2018-11-08 13:44 - 000016101 _____ C:\Users\Tomek\Downloads\Adresy IP HE Wrocław.xlsx 2019-08-02 09:30 - 2018-05-16 09:38 - 000000000 ____D C:\Users\Tomek\Documents\Scan 2019-07-31 13:48 - 2018-05-10 20:56 - 000000000 ____D C:\Users\Tomek\AppData\Local\PDFC 2019-07-30 11:40 - 2019-05-28 17:34 - 001427282 _____ C:\Windows\ProcessedPackets.KTL 2019-07-30 11:40 - 2019-05-28 17:34 - 000549286 _____ C:\Windows\Packet.KTL 2019-07-30 11:40 - 2019-05-28 17:34 - 000035492 _____ C:\Windows\Control.KTL 2019-07-30 11:40 - 2019-05-28 17:34 - 000000143 _____ C:\Windows\NGIControl.KTL 2019-07-25 15:36 - 2018-05-11 13:29 - 000000000 ____D C:\Users\Tomek\.ccor 2019-07-23 15:15 - 2019-05-18 10:17 - 000000000 ____D C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced System Repair Pro 2019-07-23 14:33 - 2019-05-18 09:59 - 000000000 ____D C:\Windows\SysWOW64\catroot2.bak 2019-07-23 14:19 - 2019-05-18 10:17 - 000000000 ____D C:\Program Files (x86)\Advanced System Repair Pro 1.8.1.9.0 2019-07-22 06:59 - 2018-05-11 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-07-22 06:59 - 2018-05-11 14:05 - 000000000 ____D C:\Program Files\Java 2019-07-22 06:57 - 2018-05-11 14:05 - 000110064 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2019-07-20 08:54 - 2018-05-10 21:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-07-19 09:22 - 2019-06-29 15:40 - 000000000 ____D C:\Windows\Minidump 2019-07-19 09:22 - 2018-12-13 15:28 - 000319155 ____N C:\Windows\Minidump\071919-21418-01.dmp 2019-07-16 21:33 - 2018-07-06 15:01 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-16 21:33 - 2018-07-06 15:01 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-07-11 15:53 - 2009-07-14 06:45 - 000331192 _____ C:\Windows\system32\FNTCACHE.DAT 2019-07-11 08:21 - 2018-05-11 06:21 - 000003174 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3561778107-3546557315-3471389920-1002 2019-07-11 08:21 - 2018-05-10 21:12 - 000002204 _____ C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2019-07-11 08:21 - 2018-05-10 21:12 - 000000000 ___RD C:\Users\Tomek\OneDrive 2019-07-11 07:17 - 2011-02-11 15:51 - 001676172 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2019-07-11 07:15 - 2018-05-11 07:09 - 000000000 ____D C:\Windows\system32\MRT 2019-07-11 06:53 - 2018-05-11 07:09 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-07-10 08:42 - 2019-05-21 14:36 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-07-10 08:42 - 2018-06-02 08:26 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2019-07-10 08:42 - 2018-05-10 21:37 - 000000000 ____D C:\Windows\system32\Macromed 2019-07-10 08:42 - 2013-10-29 01:59 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-07-10 08:42 - 2013-10-29 01:59 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-07-10 08:42 - 2013-10-29 01:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-07-10 08:26 - 2018-05-10 21:37 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-07-09 22:05 - 2010-11-21 05:27 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Pliki w katalogu głównym wybranych folderów ================ 2018-07-08 09:09 - 2018-07-08 09:09 - 000004608 _____ () C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-10-08 10:42 - 2018-10-08 10:42 - 000000001 _____ () C:\Users\Tomek\AppData\Local\llftool.4.40.agreement 2019-05-22 14:10 - 2019-05-22 14:18 - 000000600 _____ () C:\Users\Tomek\AppData\Local\PUTTY.RND ==================== FLock ================ 2018-05-11 05:50 C:\Windows\CSC ==================== SigCheck =============================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2019-08-01 15:43 ==================== Koniec FRST.txt ============================