Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-02-2022 Uruchomiony przez jware (administrator) IGUSIA (MSI MS-7681) (06-02-2022 17:16:09) Uruchomiony z C:\Users\jware\Desktop Załadowane profile: jware Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1466 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.3.0\crashpad_handler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11> (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [C:\WINDOWS\system32\V0770Ext.ax] => C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\system32\V0770Ext.ax (Brak pliku) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe [43120 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) HKLM-x32\...\Run: [C:\WINDOWS\System32\V0770Ext.ax] => C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\System32\V0770Ext.ax (Brak pliku) HKLM-x32\...\Run: [TrayProcess] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayProcess.exe [1413768 2021-07-02] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2404278863-482792713-4167860027-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2404278863-482792713-4167860027-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> ) HKU\S-1-5-21-2404278863-482792713-4167860027-1002\...\Run: [CiscoMeetingDaemon] => C:\Users\jware\AppData\Local\WebEx\ciscowebexstart.exe [4525896 2021-06-26] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-2404278863-482792713-4167860027-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2404278863-482792713-4167860027-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7089888 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe [55330648 2022-01-11] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\SSP7MPC: C:\Windows\System32\spool\prtprocs\x64\ssp7mpc.dll [36864 2011-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider) HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-01-29] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [38824 2021-06-12] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\SSP7M Langmon: C:\WINDOWS\system32\ssp7ml6.dll [34304 2011-06-22] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\us008 Langmon: us008lm.dll HKLM\...\Print\Monitors\us015 Langmon: C:\WINDOWS\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-20] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {A4D79EA5-0B81-4528-BA1F-C33B03F09BC9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{24c60f65-ea72-41f4-82c0-eb3c1d1474f2}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\jware\Downloads Edge HomeButtonPage: HKU\S-1-5-21-2404278863-482792713-4167860027-1002 -> hxxps://www.google.pl/ Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\jware\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-06] Edge DownloadDir: Default -> C:\Users\jware\Downloads Edge Notifications: Default -> hxxps://czytam.pl; hxxps://ebok.pgnig.pl; hxxps://freebitco.in; hxxps://programtv.onet.pl; hxxps://www.pkobp.pl Edge HomePage: Default -> hxxps://www.google.pl/ Edge StartupUrls: Default -> "hxxps://google.pl/" Edge Extension: (Google Translate for Selected Text) - C:\Users\jware\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\obocpangfamkffjllmcfnieeoacoheda [2020-12-14] Edge Extension: (uBlock Origin) - C:\Users\jware\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-01-18] Edge Extension: (Super proste automatyczne odświeżanie) - C:\Users\jware\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pgkgdkdbeiajlbfglhnabmkbbfojoncd [2020-12-16] Edge Profile: C:\Users\jware\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-02-05] FireFox: ======== FF DefaultProfile: 5p3pg3hv.default FF ProfilePath: C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\5p3pg3hv.default [2020-10-29] FF user.js: detected! => C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\5p3pg3hv.default\user.js [2020-01-23] FF ProfilePath: C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562 [2022-02-06] FF Homepage: Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562 -> hxxps://www.google.pl/ FF Notifications: Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562 -> hxxps://ebok.pgnig.pl; hxxps://freebitco.in FF Extension: (Check4Change) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\check4change-owner@mozdev.org.xpi [2021-08-14] FF Extension: (Deutsch (DE) Language Pack) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\langpack-de@firefox.mozilla.org.xpi [2022-01-27] FF Extension: (Snap Links) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2021-10-22] FF Extension: (LastPass: Free Password Manager) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\support@lastpass.com.xpi [2022-02-01] FF Extension: (Google Translator for Firefox) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\translator@zoli.bod.xpi [2020-10-31] FF Extension: (uBlock Origin) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\uBlock0@raymondhill.net.xpi [2022-01-13] FF Extension: (EPUBReader) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2020-06-23] FF Extension: (tabs2txt) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\{70f84a3b-6308-43c7-8373-25873cdab5cc}.xpi [2021-03-27] FF Extension: (NoScript) - C:\Users\jware\AppData\Roaming\Mozilla\Firefox\Profiles\9bvbvf23.default-release-1579819269562\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-02-05] FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi => nie znaleziono FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default [2022-02-05] CHR Extension: (Prezentacje) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-04] CHR Extension: (Dokumenty) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-04] CHR Extension: (Dysk Google) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-12] CHR Extension: (YouTube) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-04] CHR Extension: (Arkusze) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-04] CHR Extension: (Dokumenty Google offline) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-22] CHR Extension: (Video Speed Controller) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2021-10-22] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-22] CHR Extension: (e-pity - dodatek) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-10-22] CHR Extension: (Gmail) - C:\Users\jware\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR HKU\S-1-5-21-2404278863-482792713-4167860027-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [43656 2021-07-02] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-14] (Microsoft Windows Publisher -> Microsoft Corporation) R3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{E23EB829-BD62-418B-A17A-9D9ADC94B4BC} [21312 2020-11-10] (Microsoft Windows -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [74296 2021-04-25] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [54328 2021-04-25] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2021-04-25] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2021-04-25] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 V0770Vid; C:\WINDOWS\system32\DRIVERS\V0770Vid.sys [390136 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-02-06 17:16 - 2022-02-06 17:16 - 000017996 _____ C:\Users\jware\Desktop\FRST.txt 2022-02-06 17:15 - 2022-02-06 17:16 - 000000000 ____D C:\FRST 2022-02-06 17:15 - 2022-02-06 17:15 - 000000000 ____D C:\Users\jware\Desktop\FRST-OlderVersion 2022-02-06 17:13 - 2022-02-06 17:15 - 002311680 _____ (Farbar) C:\Users\jware\Desktop\FRST64.exe 2022-02-06 13:34 - 2022-02-06 13:38 - 000017851 _____ C:\Users\jware\Desktop\carapas.xlsx — skrót .lnk.xlsx 2022-02-05 23:43 - 2022-02-06 13:45 - 000001308 _____ C:\Users\jware\Desktop\ESET Online Scanner.lnk 2022-02-05 23:36 - 2022-02-05 23:36 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-02-05 23:36 - 2022-02-05 23:36 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b766fa6e9274 2022-02-05 23:11 - 2022-02-05 23:53 - 000000000 ____D C:\Users\jware\AppData\Roaming\Intel Rapid 2022-02-05 23:11 - 2022-02-05 23:11 - 000000000 ____D C:\Users\jware\AppData\Roaming\jerald 2022-02-05 22:26 - 2022-02-05 22:26 - 007038790 _____ C:\Users\jware\Downloads\GT-I8200_UM_Open_Jellybean_Pol_Rev.1.0_140317.pdf 2022-02-05 22:10 - 2022-02-05 22:10 - 000019146 _____ C:\Users\jware\Documents\cc_20220205_221049.reg 2022-02-05 22:07 - 2022-02-05 22:07 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2022-02-02 21:06 - 2022-02-02 21:06 - 000002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2022-02-02 20:41 - 2022-02-02 20:41 - 000035640 _____ C:\Users\jware\Desktop\caraC.rec 2022-01-29 15:33 - 2022-01-29 15:33 - 000000136 _____ C:\Users\jware\Desktop\opinia.txt 2022-01-28 16:51 - 2022-01-28 16:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-01-28 15:43 - 2022-01-28 23:36 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-01-14 01:56 - 2022-01-14 01:56 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-01-14 01:56 - 2022-01-14 01:56 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-01-14 01:56 - 2022-01-14 01:56 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-01-14 01:49 - 2022-01-14 01:49 - 000000000 ___HD C:\$WinREAgent 2022-01-11 10:06 - 2022-01-11 10:06 - 000110225 _____ C:\Users\jware\Documents\covid Kazik.pdf 2022-01-11 10:04 - 2022-01-11 10:04 - 000110222 _____ C:\Users\jware\Documents\Covid Iga.pdf 2022-01-08 16:18 - 2022-01-31 23:33 - 000000000 ____D C:\Users\jware\Documents\PITY2021 2022-01-08 16:06 - 2022-01-08 16:06 - 000001197 _____ C:\Users\jware\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-pity 2021 - program, pity roczne, e-deklaracje.lnk 2022-01-08 16:06 - 2022-01-08 16:06 - 000001167 _____ C:\Users\jware\Desktop\e-pity 2021 - program, pity roczne, e-deklaracje.lnk 2022-01-08 16:05 - 2022-01-08 16:05 - 035279032 _____ (e-file sp. z o.o. sp.k. ) C:\Users\jware\Downloads\setup_e-pity2021_lpephome.exe ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-02-06 17:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2022-02-06 17:13 - 2020-11-10 14:45 - 001768048 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-02-06 17:13 - 2019-12-07 16:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2022-02-06 17:13 - 2019-12-07 16:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2022-02-06 17:13 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-02-06 17:12 - 2020-01-22 14:13 - 000000000 ____D C:\ProgramData\Mozilla 2022-02-06 17:11 - 2020-01-22 14:13 - 000000000 ____D C:\Users\jware\AppData\LocalLow\Mozilla 2022-02-06 17:09 - 2020-01-22 14:31 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-06 17:07 - 2020-11-10 14:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-02-06 17:07 - 2020-11-10 14:35 - 000008192 ___SH C:\DumpStack.log.tmp 2022-02-06 17:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-06 17:06 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-02-06 16:57 - 2020-03-05 15:00 - 000000000 ____D C:\Users\jware\Documents\_notatki 2022-02-06 14:28 - 2020-11-10 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-02-06 14:26 - 2020-01-22 14:01 - 000000000 ____D C:\Program Files\KMSpico 2022-02-06 13:45 - 2020-10-07 22:05 - 000001414 _____ C:\Users\jware\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-02-06 13:30 - 2021-12-18 00:48 - 000000139 _____ C:\Users\jware\Desktop\tinytask-1-77.ini 2022-02-06 12:58 - 2020-03-10 21:36 - 000000000 ____D C:\Users\jware\AppData\Roaming\Telegram Desktop 2022-02-05 23:40 - 2020-01-22 19:25 - 000000000 ____D C:\_Wazne 2022-02-05 23:32 - 2020-12-27 20:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-02-05 23:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-02-05 23:15 - 2020-01-22 14:32 - 000000000 ____D C:\Program Files\CCleaner 2022-02-05 23:01 - 2020-02-04 13:45 - 000000000 ____D C:\Users\jware\Documents\IGA 2022-02-05 22:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-02-05 22:42 - 2020-01-22 13:20 - 000000000 ____D C:\Users\jware\AppData\Local\Packages 2022-02-05 18:31 - 2020-01-22 18:41 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2022-02-05 18:31 - 2020-01-22 18:41 - 000000000 ____D C:\Users\jware\AppData\Roaming\Notepad++ 2022-02-04 22:12 - 2021-01-05 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2022-02-04 12:10 - 2020-06-02 22:45 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-02 19:50 - 2020-07-20 00:04 - 000000000 ____D C:\Users\jware\Documents\Nagrania dźwiękowe 2022-02-02 19:38 - 2020-01-25 14:13 - 000000000 ____D C:\Users\jware\AppData\Local\ElevatedDiagnostics 2022-02-02 12:13 - 2021-04-08 20:09 - 000000000 ____D C:\Program Files\Microsoft Office 2022-01-29 23:22 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-01-28 23:36 - 2020-01-22 14:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-01-28 16:51 - 2020-01-22 14:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-01-26 21:30 - 2020-11-10 14:36 - 000002459 _____ C:\Users\jware\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-01-24 19:17 - 2021-02-09 19:11 - 000000000 ____D C:\MIOTLA 2022-01-23 16:15 - 2020-06-24 21:49 - 000000000 ____D C:\Users\jware\Downloads\Telegram Desktop 2022-01-20 02:27 - 2020-09-04 23:28 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-01-14 02:14 - 2020-01-23 00:15 - 000000000 ____D C:\Users\jware\AppData\Local\Adobe 2022-01-14 02:01 - 2020-11-10 14:35 - 000439320 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-01-14 02:00 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-01-14 02:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-01-14 02:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-01-14 02:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-01-14 02:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-01-14 02:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-01-14 02:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-01-14 02:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-01-14 01:49 - 2020-01-22 23:50 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-01-14 01:46 - 2020-01-22 23:50 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-01-13 22:41 - 2021-11-01 19:22 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-01-13 22:41 - 2021-11-01 19:22 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-01-12 13:40 - 2021-09-08 21:40 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-01-12 13:40 - 2021-09-08 21:40 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk 2022-01-12 13:40 - 2021-09-08 21:40 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2022-01-12 13:40 - 2021-09-08 21:40 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk 2022-01-08 16:06 - 2021-03-12 16:00 - 000000000 ____D C:\Users\jware\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-file [ID] 2022-01-08 16:06 - 2020-04-08 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-pity ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-08-03 21:03 - 2021-08-03 22:25 - 000000040 _____ () C:\Users\jware\AppData\Roaming\cdr.ini 2021-06-24 11:33 - 2021-06-24 11:33 - 000000863 _____ () C:\Users\jware\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================