Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 04-08-2022 Uruchomiony przez b.ostalak (administrator) LAP-UG-IT (HP HP ProBook 450 G6) (07-08-2022 15:24:08) Uruchomiony z \\cznnas\UGUsers$\b.ostalak\Downloads Załadowane profile: b.ostalak & MSSQL$SQLEXPRESS & ReportServer$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1826 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Asseco Data Systems S.A. -> Certum) C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files (x86)\hik\update_server\startUp.exe ->) (Hangzhou Ezviz Software Co., Ltd. -> ) C:\Program Files (x86)\hik\update_server\SPUpDateServer.exe (C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\APC\PowerChute\group1\pcns.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\APC\PowerChute\jdk-15.0.2\jre\bin\java.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (C:\Program Files\HP\Sure Click\servers\BrService.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrHostSvr.exe (C:\Program Files\HP\Sure Click\servers\BrService.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrPrintHelper.exe <2> (C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdhost.exe (C:\Users\b.ostalak\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\b.ostalak\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe (cmd.exe ->) (Bromium, Inc. -> ) C:\Program Files\HP\Sure Click\servers\BrHostHelper\BrHostHelper.exe <2> (DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxEM.exe (DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\BridgeCommunication.exe (explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\b.ostalak\AppData\Local\WebEx\WebexHost.exe (explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (explorer.exe ->) (Learnpulse -> Learnpulse) C:\Users\b.ostalak\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (explorer.exe ->) (Palo Alto Networks -> Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe (explorer.exe ->) (Sanford, L.P. -> ) C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe (explorer.exe ->) (Sanford, L.P.) [Brak podpisu cyfrowego] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Hangzhou Ezviz Software Co., Ltd. -> ) C:\Program Files (x86)\hik\update_server\startUp.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <37> (Naukowa i Akademicka Siec Komputerowa -> Naukowa i Akademicka Sieć Komputerowa) C:\Program Files (x86)\Certyfikaty OSE\OSECertCheckerTray.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Podpis Kwalifikowany\jre\bin\javaw.exe (QNAP Systems, Inc. -> QNAP) C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe (Sanford, L.P. -> DYMO.WebApi.Win.Host) C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.WebApi.Win.Host.exe (SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Security Update Service\4.3.10.420\SecurityUpdateService.exe (services.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BemSvc.exe (services.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrRemoteMgmtSvc.exe (services.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrService.exe (services.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_d501376b0829abda\x64\TouchpointAnalyticsClientService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_a2c05caf7c451e5a\HotKeyServiceUWP.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_a2c05caf7c451e5a\LanWlanWwanSwitchingServiceUWP.exe (services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe (services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_393549dac595e659\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_393549dac595e659\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (KYOCERA Document Solutions Inc. -> KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (services.exe ->) (Naukowa i Akademicka Siec Komputerowa -> Naukowa i Akademicka Sieć Komputerowa) C:\Program Files (x86)\Certyfikaty OSE\OSECertCheckerService.exe (services.exe ->) (Palo Alto Networks -> Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe (services.exe ->) (QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files\QNAP\NetBak\QVssService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31adae5d99f8cd09\RtkAudUService64.exe <3> (services.exe ->) (Roger Sp. z o.o. Sp. k. -> Roger sp. z o.o. sp. k.) C:\Program Files (x86)\ROGER\RogerSVC\Roger.Racs.CommunicationServer.exe (services.exe ->) (Sanford, L.P.) [Brak podpisu cyfrowego] C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe (services.exe ->) (Sanford, L.P.) [Brak podpisu cyfrowego] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe (services.exe ->) (Schneider Electric USA Inc. -> Schneider Electric) C:\Program Files\APC\PowerChute\group1\pcns.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrConsole.exe (svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe (svchost.exe ->) (HP) [Brak podpisu cyfrowego] C:\Program Files (x86)\HP\HP ICS\ICS.exe (svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe (SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (winlogon.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31adae5d99f8cd09\RtkAudUService64.exe [3491768 2022-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1189456 2020-06-04] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM\...\Run: [Seagull Drivers V3] => C:\Program Files\Seagull\Printer Drivers\Common\Seagull_DriverStartup.exe [533776 2021-11-15] (Seagull Scientific, Inc -> Seagull Scientific, Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167552 2022-03-09] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3200856 2022-05-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM\...\Run: [GlobalProtect] => C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe [13284200 2022-04-26] (Palo Alto Networks -> Palo Alto Networks) HKLM-x32\...\Run: [SimplySignDesktop] => C:\Program Files (x86)\Certum\SimplySign Desktop\SimplySignDesktop.exe [1189456 2020-06-04] (Asseco Data Systems S.A. -> Asseco Data Systems S.A.) HKLM-x32\...\Run: [AutoRegisterCerts] => C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe [171088 2020-12-01] (Asseco Data Systems S.A. -> Certum) HKLM-x32\...\Run: [Podpis Kwalifikowany] => C:\Program Files\Podpis Kwalifikowany\pksigner.exe [45937845 2020-03-06] () [Brak podpisu cyfrowego] [Plik w użyciu] HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1607816 2021-02-11] (HP Inc. -> HP) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hik\update_server\startUp.exe [27352 2020-07-30] (Hangzhou Ezviz Software Co., Ltd. -> ) HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [5428752 2021-09-24] (QNAP Systems, Inc. -> QNAP) HKLM-x32\...\Run: [DLSWebSvc] => C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.DLS.Printing.Host.exe [5130240 2021-03-18] (Sanford, L.P.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [DYMOWebApi] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.WebApi.Win.Host.exe [180474904 2021-09-16] (Sanford, L.P. -> DYMO.WebApi.Win.Host) HKLM-x32\...\Run: [DymoOfficeHelper] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.OfficeHelper.exe [63488 2021-09-16] () [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Monitor certyfikatu OSE] => C:\Program Files (x86)\Certyfikaty OSE\OseCertCheckerTray.exe [154832 2019-08-12] (Naukowa i Akademicka Siec Komputerowa -> Naukowa i Akademicka Sieć Komputerowa) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-21-1702512430-1667816713-2583525857-1705\...\Run: [Screenpresso] => C:\Users\b.ostalak\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [18179080 2022-06-23] (Learnpulse -> Learnpulse) HKU\S-1-5-21-1702512430-1667816713-2583525857-1705\...\Run: [] => [X] HKU\S-1-5-21-1702512430-1667816713-2583525857-1705\...\Run: [DYMOConnectLauncher] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe [163456 2021-09-16] (Sanford, L.P. -> ) HKU\S-1-5-21-1702512430-1667816713-2583525857-1705\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [2033664 2021-03-18] (Sanford, L.P.) [Brak podpisu cyfrowego] HKU\S-1-5-21-1702512430-1667816713-2583525857-1705\...\Run: [CiscoMeetingDaemon] => C:\Users\b.ostalak\AppData\Local\WebEx\WebexHost.exe [7824160 2022-07-29] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-1702512430-1667816713-2583525857-1705\...\Run: [MicrosoftEdgeAutoLaunch_88A832A644D52AF379A42930260D133B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827112 2022-08-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\...\Windows x64\Print Processors\hpcpp210: C:\Windows\System32\spool\prtprocs\x64\hpcpp210.dll [769776 2017-08-23] (HP Inc. -> HP Inc.) HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. -> HP Inc.) HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\WINDOWS\system32\LW400MON.DLL [16384 2021-03-15] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.) HKLM\...\Print\Monitors\HP c12a Status Monitor: C:\WINDOWS\system32\hpinkstsc12aLM.dll [476336 2019-09-16] (HP Inc -> HP Inc.) HKLM\...\Print\Monitors\HPMLM190: C:\WINDOWS\system32\hpmlm190.dll [310696 2017-08-23] (HP Inc. -> HP Inc.) HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. -> HP Inc.) HKLM\...\Print\Monitors\KM Language Monitor: C:\WINDOWS\system32\KMPJL64.DLL [106240 2019-04-09] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.) HKLM\...\Print\Monitors\KX Language Monitor: C:\WINDOWS\system32\KXPLM64.DLL [124376 2019-04-09] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.) HKLM\...\Print\Monitors\Seagull V3 Network Monitor: C:\WINDOWS\system32\Seagull_V3_NetMonDispatcher.dll [382168 2021-11-15] (Seagull Scientific Inc. -> Seagull Scientific, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.79\Installer\chrmstp.exe [2022-08-04] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{25CA8579-1BD8-469c-B9FC-6AC45A161C18}] -> C:\WINDOWS\system32\PanV2CredProv.dll [2022-04-26] (Palo Alto Networks -> ) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\Users\b.ostalak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2022-05-05] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) GroupPolicy: Ograniczenia - Chrome <==== UWAGA GroupPolicy\User: Ograniczenia ? <==== UWAGA GroupPolicy-Firefox: Ograniczenia <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0093C10A-AEE8-4DC3-BB31-0B264810B1D5} - System32\Tasks\HP\HP ICS\ICS => C:\Program Files (x86)\HP\HP ICS\ICS.exe [76820480 2022-04-12] (HP) [Brak podpisu cyfrowego] "C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" został odblokowany. <==== UWAGA Task: {010D810F-D834-43E9-BD78-3CA81B376DC2} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-11-19] (Microsoft Windows -> Microsoft Corporation) "C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" został odblokowany. <==== UWAGA Task: {29B52FB8-713E-4E56-BF89-5E7AAD6264A7} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-11-19] (Microsoft Windows -> Microsoft Corporation) Task: {2CB5F938-FC80-4C07-A9EC-C189AF72CB1B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {2E408094-162C-44CE-835F-BE7E86145E15} - System32\Tasks\HP\Sure Click\Sure Click 4.3.11.45 => C:\Program Files\HP\Sure Click\servers\BrLauncher.exe [2650984 2022-07-08] (Bromium, Inc. -> HP) Task: {46163C6C-DE3F-43E5-9170-560252F9ADA6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {63412DAA-CA54-4DF7-B7C3-735B0536A9B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-07-27] (HP Inc. -> HP Inc.) Task: {6CB493BA-A1E1-45AD-AF46-7BEEB95DF738} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\windows\explorer.exe /NOUACCHECK Task: {6FA10795-D4C3-4B17-A90A-F67673C74331} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {78933920-F50F-42BB-877F-A6004D3CB879} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-11] (Microsoft Corporation -> Microsoft Corporation) Task: {804F3E34-3F5D-4844-90B3-A3B1BFF9159F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {8A2C74B0-3A24-49D0-900F-415ACCBB691A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {91FBA242-E33D-48F5-AFE5-C06118A96F1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-21] (Google LLC -> Google LLC) Task: {94C4E7F6-C9D8-4B10-8B26-E68DF190D80B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-21] (Google LLC -> Google LLC) Task: {96A07052-E408-42DB-A8EA-8D952A446F21} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2021-09-08] () [Brak podpisu cyfrowego] Task: {A380D303-FFDD-41FD-ADBE-41BCBE456B4D} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {A88A1623-CC1F-41CF-881E-6A9BE8F4A76D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {B471C93A-A8E2-4A30-927A-204EFF2BECFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [412744 2022-07-27] (HP Inc. -> HP Inc.) Task: {BB202C6D-A5E7-4A2E-9BB5-706BD51ACD48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {D3523EB7-0174-48C0-99BE-496F1C5CD428} - System32\Tasks\HP\Sure Click\Tray icon 4.3.11.45 => C:\Program Files\HP\Sure Click\servers\BrConsole.exe [325480 2022-07-08] (Bromium, Inc. -> HP) Task: {E0F555E9-2C6E-4171-BC77-DD709EC0F4B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-07-27] (HP Inc. -> HP Inc.) Task: {F8B39F26-A470-46CB-AA90-02FCA0931A67} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1740816 2021-09-24] (QNAP Systems, Inc. -> ) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.71.254 Tcpip\..\Interfaces\{11580C49-940F-4B97-A4A7-2D2E889C4E6B}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{44da1c10-c2ac-444e-80f2-a92af8d0edb1}: [DhcpNameServer] 192.168.71.254 Tcpip\..\Interfaces\{48352BEC-35E4-436B-A9B3-CF2EF53899EE}: [DhcpNameServer] 178.219.96.3 178.219.96.4 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{92dd2ebc-5786-4d50-8b24-b4854fe9b017}: [DhcpNameServer] 192.168.71.254 Tcpip\..\Interfaces\{9CF795B9-5383-4C8A-9300-136D08569C42}: [DhcpNameServer] 62.179.1.63 62.179.1.62 Tcpip\..\Interfaces\{A3A644B4-3983-4E3F-8BBA-E7958238A895}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{b0055d46-7065-46ce-8031-d3c5000579fb}: [DhcpNameServer] 62.179.1.63 62.179.1.62 Tcpip\..\Interfaces\{E03AF257-15A3-41D5-89E4-D39558F376F0}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\b.ostalak\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-07] Edge Extension: (HP Wolf Security Extension) - C:\Users\b.ostalak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aoganjpeihhkhippgnniaclfocnihgln [2022-05-30] FireFox: ======== FF DefaultProfile: qx81afa0.default FF ProfilePath: C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\qx81afa0.default [2022-08-07] FF user.js: detected! => C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\qx81afa0.default\user.js [2021-12-07] FF ProfilePath: C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\m454b5ma.default-release [2022-08-07] FF user.js: detected! => C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\m454b5ma.default-release\user.js [2021-12-07] FF Notifications: Mozilla\Firefox\Profiles\m454b5ma.default-release -> hxxps://selfcare.upc.pl FF Extension: (Rozszerzenie Cisco Webex) - C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\m454b5ma.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2022-07-22] FF Extension: (HP Wolf Security Extension) - C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\m454b5ma.default-release\Extensions\firefoxhpwolfsecurityextension@bromium.com.xpi [2022-05-29] [UpdateUrl:hxxps://addons.bromium-online.com/updates.json] FF Extension: (Użyj Google Translate) - C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\m454b5ma.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-30] FF Extension: (Szafir SDK Web) - C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\m454b5ma.default-release\Extensions\{5e118bad-a840-4256-bd31-296194533aac}.xpi [2021-03-24] [UpdateUrl:hxxps://www.elektronicznypodpis.pl/download/webmodule/firefox/updates.json] FF Extension: (Video DownloadHelper) - C:\Users\b.ostalak\AppData\Roaming\Mozilla\Firefox\Profiles\m454b5ma.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-04-06] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [brofox_host@bromium.com] - C:\Program Files\HP\Sure Click\4.1.6.3285\servers\FakeDir => nie znaleziono FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @DVR/npmedia,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npmedia.dll [Brak pliku] FF Plugin-x32: @DVR/npplugin,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin_V2\npPlugin.dll [2016-03-09] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @DVR/npTimeGrid,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npTimeGrid.dll [2015-03-10] (Unauthorized copy) [Brak podpisu cyfrowego] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @IPC/npmedia3.0.0.2,version=3.0.0.2 -> C:\Program Files\webrec\Torch\3.0.0.2\npmedia3.0.0.2.dll [2014-04-11] (ZheJiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @IPC/npmedia3.3.16941.0,version=3.3.16941.0 -> C:\Program Files\webrec\Torch\3.3.16941.0\npmedia3.3.16941.0.dll [2020-06-01] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @IPC/npmedia3.3.192509.0,version=3.3.192509.0 -> C:\Program Files\webrec\Torch\3.3.192509.0\npmedia3.3.192509.0.dll [2020-07-03] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @IPC/npmedia3.3.27645.0,version=3.3.27645.0 -> C:\Program Files\webrec\Torch\3.3.27645.0\npmedia3.3.27645.0.dll [2019-12-11] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @IPC/npmedia3.3.977837.0,version=3.3.977837.0 -> C:\Program Files\webrec\Torch\3.3.977837.0\npmedia3.3.977837.0.dll [2020-07-02] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @NVR/npmedia4.1.511.0,version=4.1.511.0 -> C:\Program Files (x86)\webrec\Torch\4.1.511.0\npmedia.dll [2021-01-18] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @NVR/npmedia4.1.63.0,version=4.1.63.0 -> C:\Program Files (x86)\webrec\Torch\4.1.63.0\npmedia.dll [2021-05-28] () [Brak podpisu cyfrowego] FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2020-10-21] (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> ) FF Plugin HKU\S-1-5-21-1702512430-1667816713-2583525857-1705: msview -> C:\windows\system32\npmsview.dll [Brak pliku] FF Plugin HKU\S-1-5-21-2951668450-138919431-2350860387-1001: msview -> C:\windows\system32\npmsview.dll [Brak pliku] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2020-12-01] <==== UWAGA (Linkuje do pliku *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-08-07] FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2020-12-01] <==== UWAGA Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default [2022-08-07] CHR Extension: (Prezentacje) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-21] CHR Extension: (Dokumenty) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-21] CHR Extension: (Dysk Google) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-21] CHR Extension: (YouTube) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-21] CHR Extension: (Arkusze) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-21] CHR Extension: (Dokumenty Google offline) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-21] CHR Extension: (HP Sure Click Secure Browsing) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpmlagmcbcnjhkdjiofoenkfbaclgjkk [2021-11-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-21] CHR Extension: (Gmail) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-21] CHR Profile: C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-02] CHR Profile: C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-02] CHR Extension: (Prezentacje) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-21] CHR Extension: (Dokumenty) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-21] CHR Extension: (Dysk Google) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-21] CHR Extension: (YouTube) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-21] CHR Extension: (Arkusze) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-21] CHR Extension: (Dokumenty Google offline) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-02] CHR Extension: (HP Sure Click Secure Browsing) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpmlagmcbcnjhkdjiofoenkfbaclgjkk [2021-11-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-21] CHR Extension: (Gmail) - C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-21] CHR Profile: C:\Users\b.ostalak\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-02] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 BrEndpointSvc; c:\Program Files\HP\Sure Click\servers\BemSvc.exe [4318056 2022-07-08] (Bromium, Inc. -> HP) R2 BrRmService; C:\Program Files\HP\Sure Click\servers\BrRemoteMgmtSvc.exe [4202344 2022-07-08] (Bromium, Inc. -> HP) R2 BrService; C:\Program Files\HP\Sure Click\servers\BrService.exe [10300264 2022-07-08] (Bromium, Inc. -> HP) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111288 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [529072 2019-06-20] (DigitalPersona, Inc. -> Crossmatch, Inc.) R2 DYMOConnectPnPService; C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe [26112 2021-09-16] (Sanford, L.P.) [Brak podpisu cyfrowego] R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [27136 2021-03-18] (Sanford, L.P.) [Brak podpisu cyfrowego] S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [44568 2022-03-09] (ESET, spol. s r.o. -> ESET) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3143584 2022-03-09] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3143584 2022-03-09] (ESET, spol. s r.o. -> ESET) R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1459208 2021-10-21] (ESET, spol. s r.o. -> ESET) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [350008 2020-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_a2c05caf7c451e5a\HotKeyServiceUWP.exe [1553504 2022-04-28] (HP Inc. -> HP Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\AppHelperCap.exe [770576 2022-06-21] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\DiagsCap.exe [769016 2022-06-21] (HP Inc. -> HP Inc.) R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\NetworkCap.exe [762360 2022-06-21] (HP Inc. -> HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-07-23] (HP Inc. -> HP) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_42c4457950e50509\x64\SysInfoCap.exe [769016 2022-06-21] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_d501376b0829abda\x64\TouchpointAnalyticsClientService.exe [489712 2022-05-26] (HP Inc. -> HP Inc.) R2 KDService; C:\Program Files\KDService\bin\KDService.exe [529424 2019-04-09] (KYOCERA Document Solutions Inc. -> KYOCERA Document Solutions Inc.) R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_a2c05caf7c451e5a\LanWlanWwanSwitchingServiceUWP.exe [602192 2022-04-28] (HP Inc. -> HP Inc.) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation) R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation -> Microsoft Corporation) R2 NASK.OSE.CertChecker; C:\Program Files (x86)\Certyfikaty OSE\OSECertCheckerService.exe [19664 2019-08-12] (Naukowa i Akademicka Siec Komputerowa -> Naukowa i Akademicka Sieć Komputerowa) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Brak podpisu cyfrowego] R2 PanGPS; C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe [11302760 2022-04-26] (Palo Alto Networks -> Palo Alto Networks) R2 PCNS1; C:\Program Files\APC\PowerChute\group1\pcns.exe [31224 2021-01-22] (Schneider Electric USA Inc. -> Schneider Electric) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Brak podpisu cyfrowego] R2 QVssService; C:\Program Files\QNAP\NetBak\QVssService.exe [2203448 2019-11-08] (QNAP Systems, Inc. -> QNAP Systems, Inc.) R2 RacsCommunicationServer; C:\Program Files (x86)\ROGER\RogerSVC\Roger.Racs.CommunicationServer.exe [70432 2021-08-20] (Roger Sp. z o.o. Sp. k. -> Roger sp. z o.o. sp. k.) R2 ReportServer$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSRS12.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2450112 2014-02-21] (Microsoft Corporation -> Microsoft Corporation) R2 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [751104 2022-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) R2 SecurityUpdateService; C:\Program Files\HP\Security Update Service\4.3.10.420\SecurityUpdateService.exe [4320616 2022-05-25] (Bromium, Inc. -> HP) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6232176 2022-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14610864 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-28] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-28] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 A38CCID; C:\WINDOWS\system32\DRIVERS\a38ccid.sys [81264 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) S3 ACR39U; C:\WINDOWS\system32\DRIVERS\acr39u.sys [81264 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [81264 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) R0 bemk_4_3_11_45; C:\WINDOWS\System32\DRIVERS\bemk_4_3_11_45.sys [292240 2022-07-08] (Bromium, Inc. -> HP) R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [202456 2020-07-07] (BayHub Technology Inc. -> BayHubTech/O2Micro) R0 BrCow_4_3_11_45; C:\WINDOWS\System32\DRIVERS\BrCow_4_3_11_45.sys [70056 2022-07-08] (Bromium, Inc. -> Windows (R) Win 7 DDK provider) R2 BrFilter_4_3_11_45; C:\WINDOWS\System32\DRIVERS\BrFilter_4_3_11_45.sys [237480 2022-07-08] (Bromium, Inc. -> HP) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [184936 2022-03-09] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2022-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [203040 2022-03-09] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-03-09] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-03-09] (ESET, spol. s r.o. -> ESET) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [72792 2021-12-01] (Insecure.Com LLC -> Insecure.Com LLC.) R2 NPF; C:\Program Files (x86)\SADPTool\npf64.sys [36600 2022-05-10] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 PanGpd; C:\WINDOWS\system32\DRIVERS\pangpd.sys [71968 2022-04-26] (Palo Alto Networks -> Palo Alto Networks Inc.) S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation) R3 uxen; c:\Program Files\HP\Sure Click\bin\uxen.sys [1867168 2022-07-07] (Bromium, Inc. -> HP) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-07-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425192 2021-07-28] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-28] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP) S3 ax_pvi; \??\c:\Program Files\HP\Sure Click\bin\ax_pvi.sys [X] U4 npcap_wifi; Brak ImagePath S3 QDrive; \??\C:\Users\B707D~1.OST\AppData\Local\Temp\QDrive.sys [X] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-07 15:23 - 2022-08-07 15:25 - 000000000 ____D C:\FRST 2022-08-06 11:07 - 2022-08-06 11:07 - 000007598 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg 2022-08-06 11:06 - 2022-08-06 11:06 - 000000000 ____D C:\Users\Admin\AppData\Local\Palo Alto Networks 2022-08-06 11:06 - 2022-08-06 11:06 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache 2022-08-06 10:29 - 2022-08-06 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palo Alto Networks 2022-07-28 10:33 - 2022-07-28 10:33 - 000000000 ____D C:\Users\b.ostalak\.webstartlauncher 2022-07-20 21:16 - 2022-07-20 21:16 - 000000000 ____D C:\Program Files\Palo Alto Networks 2022-07-20 12:57 - 2022-07-20 14:03 - 000000145 _____ C:\Users\b.ostalak\AppData\HWDMdownloads.xml 2022-07-20 12:57 - 2022-07-20 12:57 - 000000000 ____D C:\Users\b.ostalak\AppData\Local\Honeywell 2022-07-20 12:57 - 2022-07-20 12:57 - 000000000 ____D C:\Program Files (x86)\Honeywell Software Downloader 2022-07-16 13:27 - 2022-07-08 01:30 - 000292240 _____ (HP) C:\WINDOWS\system32\Drivers\bemk_4_3_11_45.sys 2022-07-16 13:27 - 2022-07-08 01:30 - 000237480 _____ (HP) C:\WINDOWS\system32\Drivers\BrFilter_4_3_11_45.sys 2022-07-16 13:27 - 2022-07-08 01:30 - 000070056 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\BrCow_4_3_11_45.sys 2022-07-16 13:16 - 2022-07-16 13:16 - 000000000 ____D C:\Users\b.ostalak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlugin3.3.16941.0 2022-07-15 14:05 - 2022-07-15 14:05 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-07-15 14:05 - 2022-07-15 14:05 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-15 14:05 - 2022-07-15 14:05 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-15 14:05 - 2022-07-15 14:05 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll 2022-07-15 14:05 - 2022-07-15 14:05 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll 2022-07-15 14:05 - 2022-07-15 14:05 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-07-15 14:05 - 2022-07-15 14:05 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-07-15 14:05 - 2022-07-15 14:05 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-07-15 14:05 - 2022-07-15 14:05 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-07-15 14:05 - 2022-07-15 14:05 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-07-15 14:05 - 2022-07-15 14:05 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-07-15 14:05 - 2022-07-15 14:05 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-07-15 14:05 - 2022-07-15 14:05 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-07-15 14:04 - 2022-07-15 14:04 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-07-15 14:04 - 2022-07-15 14:04 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll 2022-07-15 14:04 - 2022-07-15 14:04 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll 2022-07-15 14:04 - 2022-07-15 14:04 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2022-07-15 14:03 - 2022-07-15 14:03 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-07-15 14:03 - 2022-07-15 14:03 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-07-15 13:40 - 2022-07-15 13:40 - 000000000 ___HD C:\$WinREAgent 2022-07-14 07:25 - 2022-07-14 07:25 - 000000000 ____D C:\Log Files 2022-07-13 19:28 - 2022-07-13 19:28 - 000000000 ____D C:\Users\b.ostalak\AppData\Roaming\Mikrotik 2022-07-13 19:09 - 2022-07-13 19:09 - 000000000 ____D C:\WINDOWS\Panther ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-07 15:24 - 2019-12-07 17:10 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-08-07 15:21 - 2022-02-10 12:49 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-08-07 15:20 - 2021-11-21 12:52 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-07 15:20 - 2020-08-26 13:22 - 000000000 ____D C:\Users\b.ostalak\AppData\LocalLow\Mozilla 2022-08-07 15:19 - 2021-05-05 14:46 - 000000000 ___RD C:\Users\b.ostalak\OneDrive - czarnocin.pl 2022-08-07 15:18 - 2022-01-26 11:55 - 000000000 ____D C:\Program Files\TeamViewer 2022-08-07 15:18 - 2021-03-03 10:42 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-07 15:18 - 2020-11-19 01:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-07 15:18 - 2020-08-26 13:20 - 000000000 __SHD C:\Users\b.ostalak\IntelGraphicsProfiles 2022-08-07 15:18 - 2020-03-23 19:49 - 000000000 ___HD C:\Intel 2022-08-07 15:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-08-07 15:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-07 15:18 - 2019-12-07 11:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI 2022-08-07 15:13 - 2020-08-26 13:27 - 000000000 ____D C:\Users\b.ostalak\AppData\Local\CrashDumps 2022-08-07 15:04 - 2020-08-26 14:18 - 000000000 ____D C:\Users\b.ostalak\AppData\Roaming\KeePass 2022-08-07 14:11 - 2020-11-19 00:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-07 14:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-07 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-07 13:35 - 2021-03-03 10:52 - 002081962 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-07 13:35 - 2019-12-07 17:09 - 000896386 _____ C:\WINDOWS\system32\perfh015.dat 2022-08-07 13:35 - 2019-12-07 17:09 - 000197096 _____ C:\WINDOWS\system32\perfc015.dat 2022-08-07 13:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-08-07 13:32 - 2020-11-19 01:41 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-07 13:28 - 2021-03-17 10:54 - 000000000 ____D C:\Users\b.ostalak\.pksigner 2022-08-06 21:18 - 2020-09-10 09:32 - 000007625 _____ C:\Users\b.ostalak\AppData\Local\resmon.resmoncfg 2022-08-06 13:31 - 2022-07-01 17:30 - 000000000 ____D C:\Users\b.ostalak\AppData\Roaming\Wireshark 2022-08-06 11:06 - 2021-11-24 10:03 - 000000000 ____D C:\Users\Admin\.pksigner 2022-08-06 11:06 - 2020-08-26 13:04 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles 2022-08-06 10:29 - 2020-08-26 13:22 - 000000000 ____D C:\ProgramData\Mozilla 2022-08-05 16:03 - 2021-12-07 21:23 - 000000000 ____D C:\Users\b.ostalak\AppData\Local\Deployment 2022-08-05 13:13 - 2021-12-16 10:26 - 000000000 ____D C:\Users\b.ostalak\AppData\Local\WebEx 2022-08-04 14:46 - 2021-12-08 18:32 - 000000594 _____ C:\Users\b.ostalak\ezpcopensdkconfig_9ffc4da769078eeb963f0897d728be4e.xml 2022-08-04 14:45 - 2021-03-03 10:43 - 000000000 ____D C:\Users\b.ostalak 2022-08-04 10:51 - 2021-02-08 08:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-08-04 10:51 - 2020-08-26 13:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-08-04 07:27 - 2021-11-21 12:53 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-08-04 07:17 - 2021-02-13 14:25 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-08-03 15:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool 2022-08-03 15:09 - 2020-08-26 13:19 - 000000224 _____ C:\WINDOWS\system32\config\netlogon.ftl 2022-08-03 13:47 - 2021-12-07 20:48 - 000000000 ____D C:\Users\b.ostalak\AppData\Roaming\DYMOConnect 2022-08-03 07:35 - 2021-09-26 18:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-08-03 07:35 - 2020-08-26 13:22 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-08-03 07:35 - 2020-03-23 20:07 - 000019554 __RSH C:\ProgramData\ntuser.pol 2022-08-01 18:05 - 2020-09-10 08:09 - 000000000 ____D C:\Users\b.ostalak\AppData\Roaming\UltraVNC 2022-07-28 17:03 - 2020-10-28 15:33 - 000013796 _____ C:\Users\b.ostalak\advanced_ip_scanner_MAC.bin 2022-07-28 17:03 - 2020-10-28 15:33 - 000000015 _____ C:\Users\b.ostalak\advanced_ip_scanner_Comments.bin 2022-07-28 17:03 - 2020-10-28 15:33 - 000000015 _____ C:\Users\b.ostalak\advanced_ip_scanner_Aliases.bin 2022-07-28 10:41 - 2020-10-28 15:20 - 000000000 ____D C:\Users\b.ostalak\.librapc 2022-07-28 10:33 - 2020-10-28 14:34 - 000000000 ____D C:\Program Files (x86)\LibraPC 2022-07-27 08:06 - 2020-11-19 01:41 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-07-23 21:11 - 2021-09-24 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2022-07-23 21:11 - 2020-09-10 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2022-07-23 21:11 - 2020-09-10 12:43 - 000000000 ____D C:\Program Files (x86)\Java 2022-07-23 21:10 - 2020-09-10 12:44 - 000168144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2022-07-23 08:54 - 2021-12-12 15:09 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1702512430-1667816713-2583525857-1705 2022-07-23 08:54 - 2021-03-03 10:52 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1702512430-1667816713-2583525857-1705 2022-07-23 08:54 - 2021-03-03 10:43 - 000002447 _____ C:\Users\b.ostalak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-07-21 12:00 - 2020-12-21 12:01 - 000000000 ____D C:\Users\b.ostalak\AppData\Roaming\vlc 2022-07-20 21:20 - 2020-03-23 20:01 - 000000000 ____D C:\Program Files\Microsoft Office 2022-07-20 08:09 - 2020-08-26 13:20 - 000000000 ____D C:\Users\b.ostalak\AppData\Local\Packages 2022-07-20 08:04 - 2021-03-03 10:43 - 000000000 ____D C:\Users\Admin 2022-07-20 08:03 - 2021-06-23 10:30 - 000007472 _____ C:\Users\b.ostalak\PanPortalCfg_bee0784df76e7cea3fa0f66ea1b21a93.dat 2022-07-20 08:03 - 2020-10-28 16:25 - 000000000 ____D C:\Users\b.ostalak\AppData\Local\D3DSCache 2022-07-20 07:50 - 2021-06-23 10:30 - 000000016 _____ C:\Users\b.ostalak\PanPUAC_bee0784df76e7cea3fa0f66ea1b21a93.dat 2022-07-19 08:59 - 2021-06-23 10:30 - 000001084 _____ C:\Users\b.ostalak\ServerCert.pan 2022-07-18 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-07-18 07:22 - 2020-08-26 13:49 - 000000000 ____D C:\Users\b.ostalak\AppData\Local\PlaceholderTileLogoFolder 2022-07-18 07:14 - 2020-03-23 20:07 - 000000000 ____D C:\ProgramData\Bromium 2022-07-16 16:51 - 2021-12-16 14:49 - 000000000 ____D C:\Program Files (x86)\ToolBox 2022-07-16 13:27 - 2020-03-23 20:07 - 000006896 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog 2022-07-15 14:12 - 2020-11-19 00:38 - 001796040 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-07-15 14:10 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-07-15 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-07-15 14:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-07-15 14:03 - 2020-11-19 01:41 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-07-15 13:40 - 2021-02-13 19:55 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-07-15 13:09 - 2021-02-13 19:55 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-07-14 07:36 - 2022-04-02 14:20 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-07-14 07:36 - 2021-03-03 10:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-07-13 19:58 - 2020-11-19 00:38 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-07-13 15:02 - 2022-03-28 09:09 - 000000128 _____ C:\Users\b.ostalak\AppData\Roaming\winscp.rnd ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-07-21 07:37 - 2021-07-21 07:37 - 000007216 _____ () C:\Users\b.ostalak\PanPortalCfg_1af680dd2d2c61ab73fcabf0dff627a2.dat 2022-04-11 06:48 - 2022-04-11 06:48 - 000007504 _____ () C:\Users\b.ostalak\PanPortalCfg_1e6671e7247318c3a5e3c78b37bcc.dat 2022-04-06 16:31 - 2022-04-11 06:49 - 000007472 _____ () C:\Users\b.ostalak\PanPortalCfg_4aecf36dfe48642c352756181bd9238.dat 2021-07-21 08:55 - 2021-07-21 08:55 - 000007216 _____ () C:\Users\b.ostalak\PanPortalCfg_5140a21e87d2e47afbf25e8ab7329a.dat 2021-06-23 10:30 - 2022-07-20 08:03 - 000007472 _____ () C:\Users\b.ostalak\PanPortalCfg_bee0784df76e7cea3fa0f66ea1b21a93.dat 2021-07-21 07:37 - 2021-07-21 07:37 - 000000016 _____ () C:\Users\b.ostalak\PanPUAC_1af680dd2d2c61ab73fcabf0dff627a2.dat 2022-04-11 06:48 - 2022-04-11 06:48 - 000000016 _____ () C:\Users\b.ostalak\PanPUAC_1e6671e7247318c3a5e3c78b37bcc.dat 2022-04-06 16:31 - 2022-04-11 06:49 - 000000016 _____ () C:\Users\b.ostalak\PanPUAC_4aecf36dfe48642c352756181bd9238.dat 2021-07-21 08:55 - 2021-07-21 08:55 - 000000016 _____ () C:\Users\b.ostalak\PanPUAC_5140a21e87d2e47afbf25e8ab7329a.dat 2021-06-23 10:30 - 2022-07-20 07:50 - 000000016 _____ () C:\Users\b.ostalak\PanPUAC_bee0784df76e7cea3fa0f66ea1b21a93.dat 2022-03-28 09:09 - 2022-07-13 15:02 - 000000128 _____ () C:\Users\b.ostalak\AppData\Roaming\winscp.rnd 2021-11-24 15:21 - 2021-11-24 16:20 - 000000298 _____ () C:\Users\b.ostalak\AppData\Roaming\XiboClient.xml 2022-03-26 12:29 - 2022-06-29 23:11 - 000000128 _____ () C:\Users\b.ostalak\AppData\Local\PUTTY.RND 2020-09-10 09:32 - 2022-08-06 21:18 - 000007625 _____ () C:\Users\b.ostalak\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================