Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06-12-2020 Uruchomiony przez AnnaBlacker (administrator) ANIA-NB (ASUSTeK COMPUTER INC. K56CB) (07-12-2020 23:29:55) Uruchomiony z C:\Users\AnnaBlacker\Downloads Załadowane profile: AnnaBlacker Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (EJIE Technology) [Brak podpisu cyfrowego] C:\Program Files (x86)\Clover\clover.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe (Opera Software AS -> Opera Software) C:\Users\AnnaBlacker\AppData\Local\Programs\Opera\72.0.3815.400\opera.exe <20> (Opera Software AS -> Opera Software) C:\Users\AnnaBlacker\AppData\Local\Programs\Opera\72.0.3815.400\opera_crashreporter.exe (OPSWAT, Inc. -> OPSWAT, Inc.) C:\Program Files (x86)\OPSWAT\GEARS Client\Gears.exe (OPSWAT, Inc. -> OPSWAT, Inc.) C:\Program Files (x86)\OPSWAT\GEARS Client\GearsAgentService.exe (OPSWAT, Inc. -> OPSWAT, Inc.) C:\Program Files (x86)\OPSWAT\GEARS Client\GearsHelper.exe (OPSWAT, Inc. -> OPSWAT, Inc.) C:\Program Files (x86)\OPSWAT\GEARS Client\ondemands\bs\wabpoes.exe (OPSWAT, Inc. -> OPSWAT, Inc.) C:\Program Files (x86)\OPSWAT\GEARS Client\ondemands\wd\waodwd.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1570512 2017-12-23] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [GEARS] => C:\Program Files (x86)\OPSWAT\GEARS Client\GEARS.exe [790992 2020-12-04] (OPSWAT, Inc. -> OPSWAT, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {0e523199-13a3-11e9-83d5-806e6f6e6963} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {12213cf0-f497-11e3-82a8-681729c80955} - "H:\setup.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {181aaae8-67e4-11e4-82e0-d850e607dd4c} - "I:\setup.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {211df38c-6812-11e7-8378-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {33a08610-a888-11e7-837d-d850e607dd4c} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {34031c5f-8019-11e6-8351-681729c80955} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {36e49854-e1b2-11e3-82a0-681729c80955} - "F:\Autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {36e498e8-e1b2-11e3-82a0-681729c80955} - "G:\Autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {50fc70d7-f3de-11e7-838d-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {53fcf27b-2aef-11e4-82c8-681729c80955} - "H:\setup.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {5c53438f-e81b-11e3-82a3-681729c80955} - "F:\Autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {5c5344a5-e81b-11e3-82a3-681729c80955} - "F:\Autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {70047798-ea51-11e3-82a5-681729c80955} - "H:\setup.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {70226176-af7a-11e6-8358-681729c80955} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {7a2d89b4-d029-11e6-835c-681729c80955} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {7e92b353-6033-11e3-824c-681729c80955} - "F:\Autoplay.exe" -auto HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {832e7220-9cc0-11e8-83b0-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {874efe87-12bb-11e8-8392-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {8a2091fc-b203-11e5-832b-681729c80955} - "I:\setup.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {98d9558b-5f7a-11e7-8375-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {a846183a-e9c9-11e3-82a4-681729c80955} - "F:\Autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {a8461864-e9c9-11e3-82a4-681729c80955} - "G:\Autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {b8375e0e-3919-11e8-839b-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {cef86663-f650-11e5-8344-681729c80955} - "I:\autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {d1e77ec4-cd73-11e7-8388-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {d4123293-aaa0-11e8-83b1-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {d547fa8f-65ee-11ea-8430-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {d984ffed-dc9b-11e8-83ca-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {dcdcf609-f7de-11e3-82ae-681729c80955} - "F:\setup.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {dcdcf693-f7de-11e3-82ae-681729c80955} - "G:\Autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {f7ba15ff-ab61-11ea-8443-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {f7dffdea-d7c7-11e5-833c-681729c80955} - "I:\autorun.exe" HKU\S-1-5-21-2666162162-467456769-3201493010-1001\...\MountPoints2: {fa8dc08d-5cb1-11e9-83e2-d850e607dd4c} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\Windows\system32\hpzllwn7.dll [51712 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-20] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{BE423CF8-7C59-4179-B70C-88901B6EC506}] -> IVTcPhoneProvider.dll Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\Users\AnnaBlacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk [2018-06-03] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0EF29C4A-90D8-4E83-BD9D-9CA913430440} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {30287792-49EC-4859-B2AD-12B0B8BBC9B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {313096FB-7410-4E49-82E8-B97FB29E3251} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-04-01] (Adobe Inc. -> Adobe) Task: {4207301F-8A6B-4FD3-AA65-2493CB9D78E5} - System32\Tasks\{F4FC5DEB-1687-4901-A349-D6C344166AF8} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.21.0.100/pl/abandoninstall?page=tsProgressBar Task: {69475244-6F8C-4C8B-AA43-F5FD2A4E1D5A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {6AAAA75E-0244-4642-B29D-E7DB1D25E68D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-01] (Adobe Inc. -> Adobe) Task: {70C2524B-662E-4E13-AC14-EBFE5543E0B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {72483A7B-404A-433A-A5E0-5817CDA3CAC0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {8880F4B5-B974-400A-92FC-D934AC37E541} - System32\Tasks\{97B89F0D-5A44-4C1C-B80C-B1FA02D9D45E} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.21.0.100/pl/abandoninstall?page=tsProgressBar Task: {AAAF2089-4AFA-4AC1-9B5D-CC8D8C29CC94} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {C00C54DB-C171-4836-A441-A6871D703FF9} - System32\Tasks\Opera scheduled assistant Autoupdate 1550331107 => C:\Users\AnnaBlacker\AppData\Local\Programs\Opera\launcher.exe [1721368 2020-11-25] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\AnnaBlacker\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {CE20DAF0-9F20-4B4A-B2C1-40073E52E1FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {D0028C1C-91CD-4760-BD9E-11F09D27DE90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {E71C2300-57CA-43BC-83FE-65A82330B3A4} - System32\Tasks\Opera scheduled Autoupdate 1547191555 => C:\Users\AnnaBlacker\AppData\Local\Programs\Opera\launcher.exe [1721368 2020-11-25] (Opera Software AS -> Opera Software) Task: {EA9DFB79-9558-4A07-B9FA-4917869B1236} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 217.172.224.170 89.231.1.206 Tcpip\..\Interfaces\{A98FFD1E-B132-4F15-9565-60CBD1E2F5DA}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{CB33EFD5-C3A7-4F60-9D71-15574F90A856}: [DhcpNameServer] 217.172.224.170 89.231.1.206 Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\AnnaBlacker\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-07] FireFox: ======== FF ProfilePath: C:\Users\AnnaBlacker\AppData\Roaming\Mozilla\MetroFirefox\Profiles\cwoxggpa.default [2013-12-08] FF ProfilePath: C:\Users\AnnaBlacker\AppData\Roaming\Mozilla\Firefox\Profiles\ff86mjqt.default [2020-12-07] FF Extension: (Web Developer) - C:\Users\AnnaBlacker\AppData\Roaming\Mozilla\Firefox\Profiles\ff86mjqt.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2018-03-22] FF Extension: (Adblock Plus) - C:\Users\AnnaBlacker\AppData\Roaming\Mozilla\Firefox\Profiles\ff86mjqt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-03-22] FF Extension: (Greasemonkey) - C:\Users\AnnaBlacker\AppData\Roaming\Mozilla\Firefox\Profiles\ff86mjqt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-03-18] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] (Adobe Systems Incorporated -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] (Adobe Systems Incorporated -> ) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Brak podpisu cyfrowego] FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [Brak pliku] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default [2020-12-07] CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.facebook.com/" CHR Extension: (Prezentacje) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-11] CHR Extension: (pliki do pobrania) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2015-10-18] CHR Extension: (Dokumenty) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Dysk Google) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27] CHR Extension: (Web Developer) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2020-01-13] CHR Extension: (YouTube) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-10] CHR Extension: (Google Search) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Pixlr-o-matic) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2014-06-15] CHR Extension: (Arkusze) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-11] CHR Extension: (Dokumenty Google offline) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-05] CHR Extension: (Avast Online Security) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-02] CHR Extension: (Sugester) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobpbgkjfdopnicmlaaaefaeinfohca [2017-05-01] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-05] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05] CHR Extension: (e-pity - dodatek) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2020-02-24] CHR Extension: (Gmail) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23] CHR Extension: (Chrome Media Router) - C:\Users\AnnaBlacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-26] CHR HKU\S-1-5-21-2666162162-467456769-3201493010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] Opera: ======= OPR Notifications: hxxps://www.filmweb.pl OPR Extension: (AdBlocker for YouTube™) - C:\Users\AnnaBlacker\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2020-04-02] OPR Extension: (Rich Hints Agent) - C:\Users\AnnaBlacker\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-30] OPR Extension: (Google Translate) - C:\Users\AnnaBlacker\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2020-09-01] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-01] (Adobe Inc. -> Adobe) S4 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (Intervideo, Inc. -> InterVideo Inc.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> ) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-12-08] () [Brak podpisu cyfrowego] R2 OPSWATGEARSHelper; C:\Program Files (x86)\OPSWAT\GEARS Client\GearsHelper.exe [276432 2020-12-04] (OPSWAT, Inc. -> OPSWAT, Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 WAOnDemand; C:\Program Files (x86)\OPSWAT\GEARS Client\GearsAgentService.exe [4224976 2020-12-04] (OPSWAT, Inc. -> OPSWAT, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S4 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT CORPORATION -> IVT Corporation.) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-19] (Disc Soft Ltd -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn, Inc. -> LogMeIn Inc.) S3 HWHandSet; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT CORPORATION -> IVT Corporation.) S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT CORPORATION -> IVT Corporation.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Brak podpisu cyfrowego] S3 usbser; C:\Windows\system32\DRIVERS\USBSER.sys [33280 2018-12-12] (Microsoft Corporation) [Brak podpisu cyfrowego] S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 BlueletAudio; \SystemRoot\system32\DRIVERS\blueletaudio.sys [X] S3 BT; \SystemRoot\system32\DRIVERS\btnetdrv.sys [X] S3 BTCOM; \SystemRoot\system32\DRIVERS\btcomport.sys [X] S3 Btcsrusb; \SystemRoot\System32\Drivers\btcusb.sys [X] S3 IvtComBusSrv; \SystemRoot\System32\Drivers\btcombus.sys [X] S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-07 23:29 - 2020-12-07 23:31 - 000027006 _____ C:\Users\AnnaBlacker\Downloads\FRST.txt 2020-12-07 23:28 - 2020-12-07 23:31 - 000000000 ____D C:\FRST 2020-12-07 23:28 - 2020-12-07 23:28 - 002288640 _____ (Farbar) C:\Users\AnnaBlacker\Downloads\FRST64.exe 2020-12-07 21:55 - 2020-12-07 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OPSWAT 2020-12-07 21:55 - 2020-12-07 21:55 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\OPSWAT Client 2020-12-07 21:55 - 2020-12-07 21:55 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\OPSWAT 2020-12-07 21:55 - 2020-12-07 21:55 - 000000000 ____D C:\ProgramData\waapi-dlp-433432 2020-12-07 21:54 - 2020-12-07 23:00 - 000000000 ____D C:\Program Files (x86)\OPSWAT 2020-12-07 21:54 - 2020-12-07 21:54 - 020393984 _____ C:\Users\AnnaBlacker\Downloads\OPSWAT_GEARS_Client_3445-7c867995737c1853977386e89a5560c5-0.msi 2020-12-07 21:54 - 2020-12-07 21:54 - 000000000 ____D C:\ProgramData\OPSWAT 2020-12-07 20:46 - 2020-12-07 20:46 - 008447152 _____ (Malwarebytes) C:\Users\AnnaBlacker\Downloads\adwcleaner_8.0.8.exe 2020-12-07 20:41 - 2020-12-07 20:41 - 000002259 _____ C:\Windows\epplauncher.mif 2020-12-07 20:00 - 2020-12-07 20:00 - 000000000 ____D C:\Users\Public\Documents\The Witcher 2020-12-07 20:00 - 2020-12-07 20:00 - 000000000 ____D C:\ProgramData\Documents\The Witcher 2020-11-26 16:24 - 2020-11-26 16:24 - 000004346 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1550331107 2020-11-24 15:55 - 2020-11-24 15:55 - 000590237 _____ C:\Users\AnnaBlacker\Downloads\Wewnętrzna-presja.pdf 2020-11-24 15:54 - 2020-11-24 15:54 - 000590237 _____ C:\Users\AnnaBlacker\Desktop\Wewnętrzna presja.pdf 2020-11-22 19:06 - 2020-11-22 19:06 - 003144715 _____ C:\Users\AnnaBlacker\Downloads\WOPFU Miłosz Resztak.pdf 2020-11-22 18:57 - 2020-11-22 18:57 - 003593271 _____ C:\Users\AnnaBlacker\Downloads\WOPFU Aleksandra Urban.pdf 2020-11-21 19:10 - 2020-11-21 19:10 - 038389392 _____ C:\Users\AnnaBlacker\Downloads\TL-WN722N(EU)_V3_190409_Win8.1.zip 2020-11-21 19:10 - 2020-11-21 19:10 - 000000000 ____D C:\ProgramData\TP-Link 2020-11-21 19:09 - 2020-11-21 19:09 - 038553647 _____ C:\Users\AnnaBlacker\Downloads\TL-WN722N(EU)_V3_190409_Win10.zip 2020-11-21 19:09 - 2020-11-21 19:09 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\TP-Link 2020-11-21 18:55 - 2020-12-03 21:17 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Roaming\discord 2020-11-21 18:54 - 2020-12-07 19:21 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\Discord 2020-11-21 18:53 - 2020-11-21 18:53 - 062636856 _____ (Discord Inc.) C:\Users\AnnaBlacker\Downloads\DiscordSetup.exe 2020-11-20 13:52 - 2020-11-20 13:52 - 000204041 _____ C:\Users\AnnaBlacker\Documents\IMG_20201120_0001.pdf 2020-11-19 16:30 - 2020-11-19 16:30 - 000036925 _____ C:\Users\AnnaBlacker\Downloads\Pasek_20200702.zip 2020-11-19 16:28 - 2020-11-19 16:28 - 000037409 _____ C:\Users\AnnaBlacker\Downloads\Pasek_20200703.zip 2020-11-16 21:09 - 2020-11-16 21:09 - 001479837 _____ C:\Users\AnnaBlacker\Downloads\Fioletowy i Różowy Nowoczesny Praca z Domu Prosty Prezentacja.pdf 2020-11-16 20:49 - 2020-11-16 20:50 - 006745336 _____ C:\Users\AnnaBlacker\Downloads\Kopia Środki psychoaktywne wśród młodzieży.pdf 2020-11-15 22:47 - 2020-11-15 22:47 - 002315857 _____ C:\Users\AnnaBlacker\Downloads\UKW_Zaangazowanie-w-hazard-mlodziezy.pdf 2020-11-15 20:45 - 2020-11-15 20:45 - 004727338 _____ C:\Users\AnnaBlacker\Downloads\uzaleznienia_behawioralne_-_przyczyny_uzaleznien,_sposoby_zaradcze_i_pomoc.pdf 2020-11-15 20:44 - 2020-11-15 20:45 - 010320279 _____ C:\Users\AnnaBlacker\Downloads\uzaleznienia_behawioralne_-_rodzaje_oraz_skala_zjawiska._sygnaly_ostrzegawcze_i_skutki.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-12-07 23:09 - 2013-12-08 19:18 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2666162162-467456769-3201493010-1001 2020-12-07 23:04 - 2014-01-03 22:44 - 000000000 ___DO C:\Users\AnnaBlacker\SkyDrive 2020-12-07 22:56 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2020-12-07 22:47 - 2013-12-08 19:13 - 001817498 _____ C:\Windows\system32\PerfStringBackup.INI 2020-12-07 22:47 - 2013-08-23 00:12 - 000802458 _____ C:\Windows\system32\perfh015.dat 2020-12-07 22:47 - 2013-08-23 00:12 - 000161148 _____ C:\Windows\system32\perfc015.dat 2020-12-07 22:47 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2020-12-07 22:43 - 2014-09-20 15:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-12-07 22:42 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-12-07 22:24 - 2014-01-25 21:32 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\ElevatedDiagnostics 2020-12-07 21:55 - 2013-12-10 19:47 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\cache 2020-12-07 21:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\ModemLogs 2020-12-07 20:58 - 2020-09-02 14:25 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Roaming\Zoom 2020-12-07 20:57 - 2013-12-08 19:13 - 000000000 ____D C:\Users\AnnaBlacker 2020-12-07 20:57 - 2013-08-22 14:25 - 001310720 ___SH C:\Windows\system32\config\BBI 2020-12-07 20:48 - 2020-05-02 12:16 - 000000000 ____D C:\AdwCleaner 2020-12-07 20:34 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2020-12-07 20:21 - 2013-12-08 19:13 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\Packages 2020-12-07 20:21 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-07 20:21 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness 2020-12-07 20:13 - 2013-12-20 10:13 - 000000000 ____D C:\GRY 2020-12-07 20:12 - 2014-01-29 18:52 - 000000000 ____D C:\Program Files (x86)\Free HD Converter 2020-12-07 20:06 - 2014-06-19 18:56 - 000000000 ____D C:\Program Files (x86)\Winamp 2020-12-07 20:05 - 2014-07-17 14:54 - 000000000 ____D C:\Hermes 2020-12-07 20:03 - 2014-01-04 14:11 - 000000000 ____D C:\ProgramData\Apple 2020-12-07 20:02 - 2018-07-03 22:58 - 000000000 ____D C:\Program Files\Common Files\Vectric 2020-12-07 19:53 - 2015-11-05 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2020-12-07 19:50 - 2014-11-25 20:12 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\ABBYY 2020-12-07 19:46 - 2014-09-20 15:24 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Roaming\TeamViewer 2020-12-07 19:46 - 2014-01-29 18:57 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\CrashDumps 2020-12-07 19:46 - 2014-01-17 21:33 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Roaming\PhotoScape 2020-12-07 19:46 - 2013-12-21 10:16 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Roaming\MPC-HC 2020-12-07 19:28 - 2020-01-02 15:29 - 000000000 ____D C:\Users\AnnaBlacker\Desktop\STUDIA I KURSY 2020-12-07 19:22 - 2017-05-26 20:49 - 000000032 _____ C:\Windows\0 2020-12-07 09:32 - 2020-07-07 21:28 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-07 09:25 - 2019-10-31 11:22 - 000000000 ____D C:\ProgramData\CanonIJPLM 2020-12-03 21:15 - 2019-01-11 08:25 - 000001416 _____ C:\Users\AnnaBlacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2020-11-25 16:39 - 2020-07-07 21:27 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-25 16:39 - 2020-07-07 21:27 - 000003282 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-24 15:55 - 2016-10-28 17:03 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2020-11-21 18:55 - 2020-07-13 21:41 - 000000000 ____D C:\Users\AnnaBlacker\AppData\Local\SquirrelTemp 2020-11-15 22:18 - 2013-12-16 17:56 - 000000000 ____D C:\Windows\system32\MRT 2020-11-15 21:31 - 2013-12-16 17:56 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-11-15 20:51 - 2015-03-16 10:55 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-05-02 12:02 - 2020-05-02 12:02 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2020-05-02 12:02 - 2020-05-02 12:02 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2017-05-13 19:26 - 2017-05-13 19:26 - 374428160 _____ () C:\Users\AnnaBlacker\AppData\Roaming\Launcher.dat 2014-09-01 09:18 - 2014-09-01 09:18 - 000001248 _____ () C:\Users\AnnaBlacker\AppData\Roaming\VHBNHBS 2016-02-13 19:21 - 2016-07-26 16:44 - 000000132 _____ () C:\Users\AnnaBlacker\AppData\Roaming\WB.CFG 2020-05-02 12:02 - 2020-05-02 12:02 - 000000561 _____ () C:\Users\AnnaBlacker\AppData\Local\bowsakkdestx.txt 2014-01-04 12:54 - 2018-10-13 22:10 - 000014336 _____ () C:\Users\AnnaBlacker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-12-07 21:55 - 2020-12-07 21:55 - 000000000 _____ () C:\Users\AnnaBlacker\AppData\Local\infection.log 2020-06-09 15:57 - 2020-06-09 15:57 - 000002491 _____ () C:\Users\AnnaBlacker\AppData\Local\recently-used.xbel 2020-05-02 12:02 - 2020-05-02 12:02 - 000000049 _____ () C:\Users\AnnaBlacker\AppData\Local\script.ps1 2020-06-19 15:01 - 2020-06-19 15:01 - 000000000 _____ () C:\Users\AnnaBlacker\AppData\Local\{CD2B5232-E5DE-40B8-94C3-FBFBE85A2DBB} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-12-07 21:10 ==================== Koniec FRST.txt ========================