Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 04-08-2022 Uruchomiony przez RafałKubiak (administrator) 024RKUBIAK5 (LENOVO 20NX006QMX) (13-08-2022 15:19:17) Uruchomiony z C:\Users\RafałKubiak\Downloads Załadowane profile: False <==== UWAGA (Profil tymczasowy?) Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.1826 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\ProgramData\Anaconda3\Scripts\conda.exe <5> (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\LCC\adobe_licensing_helper.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\AdobeNotificationManager\AdobeNotificationHelper.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2> (C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe ->) (Siemens AG -> Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe (C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe ->) (Siemens UMC -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\um.Ris.exe (C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe ->) (Siemens UMC -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\um.sso.exe (DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe (DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\shtctky.exe (DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tposd.exe (ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (explorer.exe ->) (Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Users\RafałKubiak\Downloads\ZoomIt\ZoomIt64.exe (explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe (explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RafałKubiak\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <5> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Python Software Foundation) [Brak podpisu cyfrowego] C:\ProgramData\Anaconda3\python.exe <5> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe <2> (services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe (services.exe ->) (GLAVSOFT, OOO -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe <2> (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe (services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe (services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe (services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe (services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bbb0597391852f64\RtkAudUService64.exe <3> (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Siemens AG -> Siemens AG) C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe (services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe (services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe (services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe (services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe (services.exe ->) (Siemens AG -> SoftwareOption GmbH) C:\Program Files\Common Files\Siemens\SimNetCom\TraceConceptX.exe (services.exe ->) (Siemens AG) [Brak podpisu cyfrowego] C:\Program Files\Common Files\Siemens\TelemetryConnector\bin\Siemens.Simatic.TelemetryConnector.WindowsService.exe (services.exe ->) (Siemens UMC -> SIEMENS AG) C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe (services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Windows\System32\SynRpcServer.exe (services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxext.exe (svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Siemens AG -> Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1803440 2020-12-17] (GLAVSOFT, OOO -> GlavSoft LLC.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5929680 2022-08-02] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1067528 2022-07-25] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [289560 2022-08-09] (Intel Corporation -> Intel) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\Run: [com.squirrel.Teams.Teams] => C:\Users\RafałKubiak\AppData\Local\Microsoft\Teams\Update.exe [2508520 2022-08-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\Run: [ZoomIt] => C:\Users\RafałKubiak\Downloads\ZoomIt\ZoomIt64.exe [588152 2021-05-12] (Microsoft Corporation -> Sysinternals - www.sysinternals.com) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [825720 2021-04-21] (OpenVPN Inc. -> ) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491920 2022-08-02] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562179520 2021-06-10] (Manhattan Engineering Incorporated -> Kite) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\RafałKubiak\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Brak pliku) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\RafałKubiak\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Brak pliku) HKU\S-1-12-1-823460234-1297740821-3199230651-3912469372\...\RunOnce: [Uninstall 22.141.0703.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RafałKubiak\AppData\Local\Microsoft\OneDrive\22.141.0703.0002" (Brak pliku) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\C3851SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAXPJ_L.DLL [25496 2021-04-29] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\Software\...\AppCompatFlags\Custom\Siemens.Automation.Portal.exe: [{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb] -> Siemens.Automation.Portal.exe HKLM\Software\...\AppCompatFlags\Custom\Siemens.Simatic.Pct.ApplicationLoader.exe: [{15861d9f-b664-4b88-9140-dad52ba7ee41}.sdb] -> SIMATIC S7-PCT Advanced Services HKLM\Software\...\AppCompatFlags\InstalledSDB\{15861d9f-b664-4b88-9140-dad52ba7ee41}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{15861d9f-b664-4b88-9140-dad52ba7ee41}.sdb [2019-03-04] HKLM\Software\...\AppCompatFlags\InstalledSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{479eafda-32b8-47e0-9c89-d68f3b8a098f}.sdb [2019-10-23] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.81\Installer\chrmstp.exe [2022-08-09] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-0E8A268358A0}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-07-20] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2021-08-03] ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2021-07-20] ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\Users\RafałKubiak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2022-08-10] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0104E99D-BBC0-4710-94E1-44CA2A71D129} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {02A1FBA7-BFE8-4384-8EA1-C5391D230DAD} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> ) Task: {25760DAC-4A26-4AFB-B164-43CB0CCA3D39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2C90E53E-DD24-43E4-B0B7-C696453970E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {3C56987F-2F6F-41DF-9C68-D3D258F7C73A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {400156A3-3202-40A5-B76B-2A26647779EE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation) Task: {41AE50E6-98D6-48B0-B217-11BADD0F2720} - System32\Tasks\Opera scheduled Autoupdate 1637621702 => C:\Users\RafałKubiak\AppData\Local\Programs\Opera\launcher.exe [2527216 2022-08-03] (Opera Norway AS -> Opera Software) Task: {4DB233EC-314F-4FC8-862C-0E0BF52ACD60} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> ) Task: {60F81814-F2F8-49CC-A0E8-3D6DA99C76D7} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {699B42C6-8DD9-40AB-8312-020ACD798991} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-02-25] () [Brak podpisu cyfrowego] Task: {6B5541E8-E66C-4EB4-A151-13D52F810B9C} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66480 2021-12-04] (Microsoft Corporation -> Microsoft) Task: {702B57EA-7C4D-41AE-9CF4-1030F42C1FBC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {7452FDE2-8649-4EAF-8005-50D446B570F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-12] (Google LLC -> Google LLC) Task: {75468531-5813-4384-ADDF-94B89C0E033E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> ) Task: {7A6E924D-1F96-4696-8F85-85E78F2AB778} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-13] (Microsoft Corporation -> Microsoft Corporation) Task: {91312BA2-14BF-4F5F-B31A-C8484744B548} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-12] (Google LLC -> Google LLC) Task: {9157468C-CAAF-4FB8-90BE-DC0302C05F90} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bbb0597391852f64\RtkAudUService64.exe [3495904 2022-05-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {A4CD8B6D-F9C2-47EA-B3CE-20DDEC6BF897} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-08] (Microsoft Corporation -> Microsoft Corporation) Task: {C657CE73-8FB6-4E50-9F8A-7509B3C2B256} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo) Task: {C9423ABA-528A-462E-BAC8-179C1A4B205B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation) Task: {DF782307-E2E4-4749-9FB4-9DF613ECB342} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation) Task: {E312B61C-E490-404E-A739-BFCD039A3B0A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation) Task: {E5D26E6B-ED91-466B-B7CF-3C15EC35FD18} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0985aab2-c8fd-4fa1-8255-f36123ccc6dd}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{654989df-5305-4c0f-8be1-0ca1741ba7e4}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\RafałKubiak\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-11] FireFox: ======== FF DefaultProfile: bo3m9pso.default FF DefaultProfile: 9nrhdhsq.default FF ProfilePath: C:\Users\RafałKubiak\AppData\Roaming\Zotero\Zotero\Profiles\bo3m9pso.default [2022-03-08] FF ProfilePath: C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\9nrhdhsq.default [2022-08-13] FF ProfilePath: C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release [2022-08-13] FF Extension: (Facebook Container) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\@contain-facebook.xpi [2022-03-17] FF Extension: (I don't care about cookies) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-08-13] FF Extension: (NordVPN - A VPN Proxy Extension for Firefox) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\nordvpnproxy@nordvpn.com.xpi [2022-08-10] FF Extension: (uBlock Origin) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-06-22] FF Extension: (Zotero Connector) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\zotero@chnm.gmu.edu.xpi [2022-07-03] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json] FF Extension: (Startpage.com – prywatna wyszukiwarka) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2021-11-14] FF Extension: (Bitwarden - darmowy menedżer haseł) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-08-09] FF Extension: (Absolute Right Click) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\{9350bc42-47fb-4598-ae0f-825e3dd9ceba}.xpi [2022-02-14] FF Extension: (Selenium IDE) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2022-02-11] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2022-04-19] FF Extension: (Video DownloadHelper) - C:\Users\RafałKubiak\AppData\Roaming\Mozilla\Firefox\Profiles\ke6sep4l.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-03] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-04-27] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-03-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-03-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-07-25] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-07-25] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default [2022-08-13] CHR Notifications: Default -> hxxps://www.inea.pl CHR Extension: (uBlock Origin) - C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-06-22] CHR Extension: (Adobe Acrobat: edycja plików PDF, konwertowanie, narzędzia podpisywania) - C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-27] CHR Extension: (I don't care about cookies) - C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-06-22] CHR Extension: (Dokumenty Google offline) - C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-22] CHR Extension: (Selenium IDE) - C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mooikfkahbdckldjjndioackbalphokd [2021-12-08] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-12] CHR Extension: (Bitwarden - darmowy menedżer haseł) - C:\Users\RafałKubiak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-08-10] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR Profile: C:\Users\RafałKubiak\AppData\Roaming\Opera Software\Opera Stable [2022-08-13] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\RafałKubiak\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-04] OPR Extension: (Opera Crypto Wallet) - C:\Users\RafałKubiak\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-07-20] OPR Extension: (Amazon Assistant Promotion) - C:\Users\RafałKubiak\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-23] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) "MpKsl6e89fc6e" => serwis nie został odblokowany. <==== UWAGA HKLM\SYSTEM\ControlSet001\Services\MpKsl6e89fc6e => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{277E4CC0-1F5C-4C7C-87F5-F249CE2D6301}\MpKslDrv.sys <==== UWAGA (Rootkit!/Zablokowana usługa) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [923656 2022-07-25] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated) R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [2240376 2019-09-13] (Siemens AG -> SIEMENS AG) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-08] (Microsoft Corporation -> Microsoft Corporation) R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [12002208 2019-12-16] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) U2 cortsmartserver; C:\Program Files (x86)\Siemens\Automation\WinCC RT Advanced\SmartServer.exe [906616 2019-10-23] (Siemens AG -> Siemens AG) R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe [2305576 2021-12-08] (Dolby Laboratories, Inc. -> Dolby Laboratories) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [40728 2022-08-09] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [188696 2022-08-09] (Intel Corporation -> Intel) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [437680 2022-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) R2 KiteService; C:\Program Files\Kite\KiteService.exe [140864 2021-06-10] (Manhattan Engineering Incorporated -> Kite) R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\EasyResume.exe [2351304 2020-12-20] (Lenovo -> Lenovo Group Limited) R2 LITSSVC; C:\WINDOWS\System32\LITSSvc.exe [1217488 2022-04-12] (Lenovo -> Lenovo.) S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-11] (Malwarebytes Inc. -> Malwarebytes) R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73592 2021-04-21] (OpenVPN Inc. -> The OpenVPN Project) S2 S7DOS SCP Remote; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\S7O.TunnelServiceHost.exe [67304 2019-02-27] (Siemens AG -> Siemens AG) R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [161144 2019-10-16] (Siemens AG -> SIEMENS AG) R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [276344 2019-10-16] (Siemens AG -> SIEMENS AG) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6232176 2022-07-17] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Siemens Diagnostics Data Collector Service; C:\Program Files\Common Files\Siemens\ETWEventCollector\bin\Siemens.Automation.Tracing.ETW.EventCollector.ServiceHost.exe [30160 2019-10-23] (SIEMENS AG -> Siemens AG) R2 Siemens Telemetry Connector Service; C:\Program Files\Common Files\Siemens\TelemetryConnector\bin\Siemens.Simatic.TelemetryConnector.WindowsService.exe [8704 2019-10-16] (Siemens AG) [Brak podpisu cyfrowego] R2 SiemensTiaAdmin; C:\Program Files\Siemens\Automation\TIAADMIN\server\node.exe [20608664 2019-10-14] (Node.js Foundation -> Node.js) R2 SIMATIC PnDiscovery Service; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oPNDiscoveryx64.exe [781688 2019-10-16] (Siemens AG -> SIEMENS AG) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-09-24] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-09-24] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 SynHsaService; C:\WINDOWS\System32\SynRpcServer.exe [196040 2022-06-13] (Synaptics Incorporated -> Synaptics Incorporated.) R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [254088 2021-10-11] (Intel Corporation -> Intel Corporation) R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\TPHKLOAD.exe [465192 2021-03-30] (Lenovo -> Lenovo Group Limited) R2 TraceConceptX; C:\Program Files\Common Files\Siemens\SimNetCom\TraceConceptX.exe [87416 2019-04-09] (Siemens AG -> SoftwareOption GmbH) R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1803440 2020-12-17] (GLAVSOFT, OOO -> GlavSoft LLC.) S4 UMC Service; C:\Program Files\Siemens\Automation\UserManagement\BIN\UMCService.exe [341344 2019-09-26] (Siemens UMC -> SIEMENS AG) R2 umscsvc; C:\Program Files\Siemens\Automation\UserManagement\BIN\IPCSecCom.exe [476512 2019-09-26] (Siemens UMC -> SIEMENS AG) S4 UP Service; C:\Program Files\Siemens\Automation\UserManagement\BIN\UPService.exe [197472 2019-09-26] (Siemens UMC -> SIEMENS AG) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746736 2021-10-18] (Oracle Corporation -> Oracle Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AKCCID; C:\WINDOWS\System32\drivers\AKCCID.sys [96384 2019-11-26] (Alcorlink Corp. -> Generic) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R3 cortkbdrtmwdf; C:\WINDOWS\system32\drivers\cortkbdrtmwdf.sys [25576 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dpmconv; C:\WINDOWS\System32\drivers\dpmconv.sys [275504 2019-02-27] (Siemens AG -> Siemens AG) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [192960 2022-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74704 2022-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-08-13] (Malwarebytes Inc. -> Malwarebytes) R1 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo) S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [1140584 2022-04-19] (Realtek Semiconductor Corp. -> Realtek Corporation) R3 s7odpx2x64; C:\WINDOWS\System32\drivers\s7odpx2x64.sys [94432 2019-02-27] (Siemens AG -> SIEMENS AG) R3 s7oppilx64; C:\WINDOWS\System32\Drivers\s7oppilx64.sys [47448 2019-02-27] (Siemens AG -> SIEMENS AG) R3 s7oppinx64; C:\WINDOWS\System32\drivers\s7oppinx64.sys [117472 2019-02-27] (Siemens AG -> SIEMENS AG) R3 s7oserix64; C:\WINDOWS\System32\Drivers\s7oserix64.sys [148312 2019-02-27] (Siemens AG -> SIEMENS AG) R3 s7osmcax64; C:\WINDOWS\System32\drivers\s7osmcax64.sys [228064 2019-02-27] (Siemens AG -> SIEMENS AG) R3 s7osobux64; C:\WINDOWS\System32\drivers\s7osobux64.sys [120608 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG) R3 s7otmcd64x; C:\WINDOWS\System32\Drivers\s7otmcd64x.sys [202976 2019-02-27] (Siemens AG -> SIEMENS AG) R3 s7otranx64; C:\WINDOWS\System32\drivers\s7otranx64.sys [281904 2019-02-27] (Siemens AG -> SIEMENS AG) R3 s7otsadx64; C:\WINDOWS\System32\drivers\s7otsadx64.sys [221920 2019-02-27] (Siemens AG -> SIEMENS AG) R2 s7ousbu64x; C:\WINDOWS\System32\drivers\s7ousbu64x.sys [157528 2019-02-27] (Siemens AG -> SIEMENS AG) R2 s7PnDiscoveryDriver; C:\WINDOWS\system32\DRIVERS\s7PnDiscoveryDriver.sys [46384 2019-02-27] (Siemens AG -> SIEMENS AG) R2 Snpnio; C:\WINDOWS\system32\DRIVERS\snpnio.sys [107568 2019-02-27] (Siemens AG -> Windows (R) Win 7 DDK provider) R2 SNTIE; C:\WINDOWS\system32\DRIVERS\sntie.sys [305856 2019-02-27] (Siemens AG -> Siemens AG) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-06-17] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 TbtP2pNdisDrv; C:\WINDOWS\System32\drivers\TbtP2pNdisDrv.sys [435664 2019-12-18] (TBT_DCH_DRV_PROD -> Intel Corporation) S3 usbaud; C:\WINDOWS\System32\drivers\usbaud64w10.sys [99672 2021-07-27] (Synaptics Incorporated -> Synaptics Inc.) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-10-18] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249568 2021-10-18] (Oracle Corporation -> Oracle Corporation) R3 vsnl2ada; C:\WINDOWS\System32\drivers\vsnl2ada.sys [143920 2019-02-27] (Siemens AG -> SIEMENS AG) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-06-26] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-26] (Microsoft Windows -> Microsoft Corporation) R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2020-03-18] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_c34c898c5c4d0406\WiMan\WiMan.sys [168008 2021-12-08] (Intel Corporation -> Intel Corporation) R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-06-17] (WireGuard LLC -> WireGuard LLC) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-13 15:17 - 2022-08-13 15:17 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2022-08-13 15:17 - 2022-08-13 15:17 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2022-08-13 15:17 - 2022-08-13 15:17 - 000074704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2022-08-13 15:17 - 2022-08-13 15:17 - 000000004 ____H C:\ProgramData\cm-lock 2022-08-13 15:17 - 2022-08-13 15:17 - 000000000 ____D C:\Users\RafałKubiak\AppData\LocalLow\IGDump 2022-08-13 15:14 - 2022-08-13 15:16 - 000003461 _____ C:\Users\RafałKubiak\Downloads\Fixlog.txt 2022-08-11 18:47 - 2022-08-11 18:47 - 000071609 _____ C:\Users\RafałKubiak\Downloads\Shortcut.txt 2022-08-11 18:45 - 2022-08-11 18:47 - 000111236 _____ C:\Users\RafałKubiak\Downloads\Addition.txt 2022-08-11 18:43 - 2022-08-13 15:20 - 000045002 _____ C:\Users\RafałKubiak\Downloads\FRST.txt 2022-08-11 18:43 - 2022-08-13 15:20 - 000000000 ____D C:\FRST 2022-08-11 18:42 - 2022-08-11 18:43 - 002370048 _____ (Farbar) C:\Users\RafałKubiak\Downloads\FRST64.exe 2022-08-11 18:29 - 2022-08-11 18:29 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-08-11 18:29 - 2022-08-11 18:29 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-08-11 18:29 - 2022-08-11 18:29 - 000000000 ____D C:\Users\RafałKubiak\AppData\Local\mbam 2022-08-11 18:28 - 2022-08-11 18:28 - 002556344 _____ (Malwarebytes) C:\Users\RafałKubiak\Downloads\MBSetup.exe 2022-08-11 18:28 - 2022-08-11 18:28 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-08-11 18:28 - 2022-08-11 18:28 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-08-11 18:28 - 2022-08-11 18:28 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-08-11 18:28 - 2022-08-11 18:28 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-08-11 18:28 - 2022-08-11 18:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-08-11 18:28 - 2022-08-11 18:28 - 000000000 ____D C:\Program Files\Malwarebytes 2022-08-10 20:33 - 2022-08-10 20:33 - 000062047 _____ C:\Users\RafałKubiak\Downloads\APK-33603-2022-08-36.pdf 2022-08-10 20:30 - 2022-08-10 20:30 - 000208104 _____ C:\Users\RafałKubiak\Downloads\wypowiedzenie PO6VC82.pdf 2022-08-10 19:57 - 2022-08-10 19:57 - 000144829 _____ C:\Users\RafałKubiak\Downloads\pinsyg.zip 2022-08-10 19:56 - 2022-08-10 19:56 - 000112720 _____ C:\Users\RafałKubiak\Downloads\Oferta_4187175_2.pdf 2022-08-10 19:50 - 2022-08-10 19:50 - 000041003 _____ C:\Users\RafałKubiak\Downloads\Propozycja+ubezpieczenia+nr+T1315602824.pdf 2022-08-10 19:06 - 2022-08-10 19:06 - 000776662 _____ C:\Users\RafałKubiak\Downloads\RKU 911028152956.pdf 2022-08-10 18:52 - 2022-08-10 18:52 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2022-08-10 18:25 - 2022-08-10 18:25 - 000190240 _____ C:\Users\RafałKubiak\Downloads\Dokument_2022-15-15181-1_3675.pdf 2022-08-10 18:04 - 2022-08-13 15:17 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-08-09 18:33 - 2022-08-09 18:33 - 000000112 ___SH C:\bootTel.dat 2022-08-09 18:08 - 2022-08-09 18:08 - 000712787 _____ C:\Users\RafałKubiak\Downloads\zlommebdruk.pdf 2022-08-08 20:18 - 2022-08-08 20:18 - 000034237 _____ C:\Users\RafałKubiak\Downloads\transfer_20220808.pdf 2022-08-08 19:45 - 2022-08-08 19:45 - 000212314 _____ C:\Users\RafałKubiak\Downloads\giemza VFR wypowiedzenie 2021.pdf 2022-08-08 19:35 - 2022-08-08 19:35 - 000290910 _____ C:\Users\RafałKubiak\Downloads\RKU KMHP1225294.pdf 2022-08-08 19:34 - 2022-08-08 19:34 - 000061800 _____ C:\Users\RafałKubiak\Downloads\pobierz APK.pdf 2022-08-08 19:23 - 2022-08-08 19:24 - 000000000 ___HD C:\adobeTemp 2022-08-08 16:28 - 2022-08-08 16:28 - 000025800 _____ C:\Users\RafałKubiak\Downloads\config.bin 2022-08-06 14:30 - 2022-08-06 14:30 - 000000020 _____ C:\Users\RafałKubiak\Downloads\marianna.txt 2022-08-06 13:32 - 2022-08-06 13:32 - 000005967 _____ C:\Users\RafałKubiak\Downloads\client(3).ovpn 2022-08-05 16:29 - 2022-08-05 16:29 - 000045399 _____ C:\Users\RafałKubiak\Downloads\Faktura FBV 14_2022-1.pdf 2022-08-05 16:27 - 2022-08-05 16:27 - 000045399 _____ C:\Users\RafałKubiak\Downloads\Faktura FBV 14_2022.pdf 2022-07-31 23:29 - 2022-07-31 23:29 - 000411125 _____ C:\Users\RafałKubiak\Downloads\polisa+920025845667.pdf 2022-07-28 13:12 - 2022-07-04 18:27 - 001319536 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrl.exe 2022-07-28 13:12 - 2022-07-04 18:27 - 000732808 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys 2022-07-28 13:12 - 2022-07-04 18:27 - 000642160 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCmds.dll 2022-07-28 13:12 - 2022-07-04 18:27 - 000483464 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\ETDApix.dll 2022-07-28 13:12 - 2022-07-04 18:27 - 000474224 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDFavorite.dll 2022-07-28 13:12 - 2022-07-04 18:27 - 000446064 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDUn_inst.exe 2022-07-28 13:12 - 2022-07-04 18:27 - 000434288 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\LenovoAPI.dll 2022-07-28 13:12 - 2022-07-04 18:27 - 000255600 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDService.exe 2022-07-28 13:12 - 2022-07-04 18:27 - 000040048 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys 2022-07-28 13:12 - 2022-07-04 18:27 - 000035952 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETDHSA.sys 2022-07-28 13:12 - 2022-07-04 18:27 - 000029808 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDMiniPTP.sys 2022-07-28 13:12 - 2022-05-01 16:09 - 008818272 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys 2022-07-28 13:12 - 2022-05-01 16:09 - 002687540 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat 2022-07-28 13:12 - 2022-05-01 16:09 - 001626216 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll 2022-07-28 11:59 - 2022-07-28 13:22 - 000016775 _____ C:\Users\RafałKubiak\Downloads\OBWODY ELEKTRYCZNE.xlsx 2022-07-28 11:59 - 2022-07-28 11:59 - 000000165 ____H C:\Users\RafałKubiak\Downloads\~$OBWODY ELEKTRYCZNE.xlsx 2022-07-27 12:59 - 2022-07-27 12:59 - 000371984 _____ C:\Users\RafałKubiak\Desktop\czerniak.pdf 2022-07-25 22:05 - 2022-07-25 22:06 - 000000000 ____D C:\Users\RafałKubiak\Downloads\sowin 2022-07-25 17:04 - 2022-07-25 17:04 - 000001394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2022-07-20 17:49 - 2022-07-20 17:49 - 005425155 _____ C:\Users\RafałKubiak\Desktop\pdfjs.pdf 2022-07-20 14:35 - 2022-07-20 14:35 - 000190017 _____ C:\Users\RafałKubiak\Downloads\Dokument_2022-14-15181-1_9005.pdf 2022-07-20 14:35 - 2022-07-20 14:35 - 000189994 _____ C:\Users\RafałKubiak\Downloads\Dokument_2022-13-15181-1_6003.pdf 2022-07-20 14:34 - 2022-07-20 14:34 - 000190157 _____ C:\Users\RafałKubiak\Downloads\Dokument_2022-12-15181-1_7088.pdf 2022-07-20 14:33 - 2022-07-20 14:33 - 000392448 _____ C:\Users\RafałKubiak\Downloads\Niezbędnik_inspekcja_zdjeciowa_AC.pdf 2022-07-20 14:12 - 2022-07-20 14:12 - 000000194 _____ C:\WINDOWS\system32\k900_type_0_restore.txt 2022-07-19 09:18 - 2022-07-19 09:18 - 001168434 _____ C:\Users\RafałKubiak\Downloads\287CECD185.pdf 2022-07-19 08:48 - 2022-07-19 08:48 - 000000000 ____D C:\Users\RafałKubiak\Downloads\820002251387 2022-07-18 23:03 - 2022-05-19 01:01 - 051057688 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2022-07-17 18:51 - 2022-07-17 18:51 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-07-17 18:51 - 2022-07-17 18:51 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-17 18:51 - 2022-07-17 18:51 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-07-17 18:51 - 2022-07-17 18:51 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-07-17 18:51 - 2022-07-17 18:51 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-07-17 18:51 - 2022-07-17 18:51 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-07-17 18:50 - 2022-07-17 18:50 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-17 18:50 - 2022-07-17 18:50 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-07-17 18:50 - 2022-07-17 18:50 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2022-07-17 18:50 - 2022-07-17 18:50 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-07-17 18:50 - 2022-07-17 18:50 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-07-17 18:50 - 2022-07-17 18:50 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-07-17 18:43 - 2022-07-17 18:43 - 000000000 ___HD C:\$WinREAgent 2022-07-15 10:11 - 2022-07-15 10:12 - 000209060 _____ C:\Users\RafałKubiak\Downloads\wypowiedzenie CLIO klimacki.pdf 2022-07-15 10:09 - 2022-07-15 10:09 - 000771005 _____ C:\Users\RafałKubiak\Downloads\wydruk (25).pdf 2022-07-14 21:13 - 2022-06-13 01:55 - 002251288 _____ (Intel Corporation) C:\WINDOWS\system32\qve.signed.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 002104328 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_quoteverify.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000805928 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_quote_ex.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000693768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_quote_ex.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000693768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_epid.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000688136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_launch.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000173064 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_ql.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000130600 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_urts.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000106504 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_urts.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000057864 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_enclave_common.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000047128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_platform.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000042528 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_uae_service.dll 2022-07-14 21:13 - 2022-06-13 01:55 - 000035848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_uae_service.dll 2022-07-14 21:13 - 2022-06-13 01:54 - 001113120 _____ (Intel Corporation) C:\WINDOWS\system32\qe3.signed.dll 2022-07-14 21:13 - 2022-06-13 01:54 - 000806432 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_epid.dll 2022-07-14 21:13 - 2022-06-13 01:54 - 000801824 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_launch.dll 2022-07-14 21:13 - 2022-06-13 01:54 - 000712216 _____ (Intel Corporation) C:\WINDOWS\system32\pce.signed.dll 2022-07-14 21:13 - 2022-06-13 01:54 - 000145944 _____ (Intel Corporation) C:\WINDOWS\system32\id_enclave.signed.dll 2022-07-14 21:13 - 2022-06-13 01:54 - 000072736 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_enclave_common.dll 2022-07-14 21:13 - 2022-06-13 01:54 - 000057896 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_platform.dll ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-13 15:19 - 2022-02-19 12:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-08-13 15:19 - 2021-12-11 15:09 - 000003612 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-12-1-823460234-1297740821-3199230651-3912469372 2022-08-13 15:19 - 2021-05-12 10:18 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-13 15:19 - 2021-04-30 08:11 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-12-1-823460234-1297740821-3199230651-3912469372 2022-08-13 15:19 - 2021-04-30 08:09 - 000002453 _____ C:\Users\RafałKubiak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-08-13 15:18 - 2021-10-12 19:20 - 000000000 ___RD C:\Users\RafałKubiak\Creative Cloud Files 2022-08-13 15:18 - 2021-04-30 08:12 - 000000000 ____D C:\Users\RafałKubiak\AppData\LocalLow\Mozilla 2022-08-13 15:17 - 2021-04-30 08:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-08-13 15:17 - 2021-04-30 08:09 - 000000000 __SHD C:\Users\RafałKubiak\IntelGraphicsProfiles 2022-08-13 15:17 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\ServiceState 2022-08-13 15:17 - 2021-04-30 01:00 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-13 15:17 - 2021-04-30 00:59 - 000000000 ____D C:\WINDOWS\INF 2022-08-13 15:17 - 2021-04-30 00:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-13 15:17 - 2021-04-30 00:08 - 000000000 ____D C:\Intel 2022-08-13 15:17 - 2021-04-30 00:07 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-13 15:16 - 2021-04-30 08:09 - 000000000 ____D C:\Users\RafałKubiak 2022-08-13 15:16 - 2021-04-30 00:57 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-08-13 15:16 - 2021-04-30 00:57 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-08-13 15:15 - 2021-05-14 13:41 - 000000000 ____D C:\Users\RafałKubiak\AppData\LocalLow\Temp 2022-08-13 15:08 - 2021-04-30 00:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-13 12:05 - 2021-04-30 08:18 - 000000000 ____D C:\Program Files\Microsoft Office 2022-08-13 12:04 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-13 12:03 - 2021-04-30 01:00 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-13 12:02 - 2021-05-13 22:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-08-13 12:02 - 2021-04-30 00:08 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-11 18:29 - 2021-10-26 19:36 - 000000000 ____D C:\Users\RafałKubiak\AppData\Local\CrashDumps 2022-08-11 18:29 - 2021-05-13 22:40 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2022-08-11 18:29 - 2021-05-13 22:40 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-08-11 18:28 - 2021-04-30 01:00 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-08-11 18:27 - 2021-10-11 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-08-11 18:27 - 2021-04-30 08:12 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-08-11 00:41 - 2022-03-01 00:39 - 000000000 ____D C:\Users\RafałKubiak\Desktop\Proseminarium 2022-08-11 00:41 - 2021-08-08 20:41 - 000000000 ____D C:\Users\RafałKubiak\GRAPHISOFT 2022-08-11 00:40 - 2021-08-08 20:41 - 000000000 ____D C:\Users\RafałKubiak\AppData\Local\GRAPHISOFT 2022-08-11 00:23 - 2021-04-30 08:04 - 001769048 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-11 00:23 - 2021-04-30 01:02 - 000787304 _____ C:\WINDOWS\system32\perfh015.dat 2022-08-11 00:23 - 2021-04-30 01:02 - 000153148 _____ C:\WINDOWS\system32\perfc015.dat 2022-08-10 21:00 - 2021-04-30 08:09 - 000000000 ____D C:\Users\RafałKubiak\AppData\Local\D3DSCache 2022-08-10 18:53 - 2021-05-13 22:32 - 000000000 ____D C:\ProgramData\Package Cache 2022-08-10 18:52 - 2021-10-21 18:37 - 000000000 ____D C:\Program Files (x86)\Intel 2022-08-10 18:26 - 2021-04-30 09:08 - 000002406 _____ C:\Users\RafałKubiak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-08-10 18:18 - 2021-04-30 12:44 - 000000000 ____D C:\Users\RafałKubiak\AppData\Roaming\Signal 2022-08-10 18:00 - 2021-04-30 08:16 - 000000000 ____D C:\WINDOWS\TempInst 2022-08-09 10:00 - 2021-05-12 10:18 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-08-08 19:23 - 2021-05-13 22:31 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-08-05 23:05 - 2021-04-30 00:08 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc 2022-08-05 10:48 - 2021-11-23 00:55 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1637621702 2022-08-05 10:48 - 2021-11-23 00:55 - 000001505 _____ C:\Users\RafałKubiak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2022-08-04 22:08 - 2021-04-30 00:57 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-07-31 17:54 - 2021-04-30 08:57 - 000000000 ____D C:\Users\RafałKubiak\AppData\Local\PlaceholderTileLogoFolder 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\SystemResources 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\system32\setup 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-07-31 17:31 - 2021-04-30 01:00 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-07-31 17:31 - 2021-04-30 00:07 - 000795920 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-07-28 11:59 - 2021-04-30 08:09 - 000000000 ____D C:\Users\RafałKubiak\AppData\Local\Packages 2022-07-27 12:26 - 2021-04-30 00:08 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-07-27 12:26 - 2021-04-30 00:08 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-07-27 12:26 - 2021-04-30 00:08 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG 2022-07-25 17:04 - 2021-10-21 18:33 - 000000000 ____D C:\Users\RafałKubiak\AppData\Roaming\com.adobe.dunamis 2022-07-25 17:04 - 2021-05-13 22:31 - 000000000 ____D C:\Program Files\Adobe 2022-07-25 17:04 - 2021-05-13 22:31 - 000000000 ____D C:\Program Files (x86)\Adobe 2022-07-17 18:50 - 2021-04-30 08:02 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-07-16 23:31 - 2021-05-03 15:27 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-07-16 23:31 - 2021-05-03 15:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-07-14 21:11 - 2021-04-30 01:00 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-02-22 01:57 - 2022-06-30 23:10 - 000004254 _____ () C:\Users\RafałKubiak\AppData\Roaming\LTspiceXVII.ini 2021-12-14 15:29 - 2022-04-25 23:23 - 000000000 _____ () C:\Users\RafałKubiak\AppData\Roaming\Spyder.launch.pyw.log 2021-12-14 19:56 - 2021-12-14 19:56 - 000007755 _____ () C:\Users\RafałKubiak\AppData\Roaming\Wartości oddzielone przecinkami.EML 2021-10-08 20:10 - 2021-10-08 20:10 - 000000891 _____ () C:\Users\RafałKubiak\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================