Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11-11-2020 Uruchomiony przez Natalia (administrator) NATI (LENOVO 20238) (11-11-2020 22:33:56) Uruchomiony z C:\Users\Natalia\Desktop Załadowane profile: Natalia Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Qualcomm Atheros -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros -> Atheros) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET, spol. s r.o. -> ESET) HKU\S-1-5-21-513659798-3782439895-4201574420-1000\...\MountPoints2: F - F:\SETUP.EXE HKLM\...\Print\Monitors\HP 9a11 Status Monitor: C:\Windows\system32\hpinksts9a11LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.193\Installer\chrmstp.exe [2020-11-09] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-10-15] (Qualcomm Atheros -> Atheros Commnucations) [Brak podpisu cyfrowego] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-10-15] (Qualcomm Atheros -> Atheros Commnucations) [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {2CF6010D-6683-4E2F-B663-6AD2A2D462CC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation) Task: {5EAC71D6-BFF6-4C6F-A594-5BA2CAEFDD0E} - System32\Tasks\{F1F786A0-2C2C-419F-AEF8-4C50933B1689} => C:\Windows\system32\pcalua.exe -a "C:\drivers\13. Bluetooth Driver\Setup.exe" -d "C:\drivers\13. Bluetooth Driver" Task: {61F9812E-FC03-42BD-BD2B-2536232507E6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation) Task: {85AC5D07-3241-426C-8760-60D321AF3358} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {8E3D79BD-8DE4-4568-B835-6DE6689E3030} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-07] (Google LLC -> Google LLC) Task: {B34D131E-B41D-40DE-91AD-9A8CA934EBB2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {B3555349-1536-46BC-9429-6D79D8B8B4C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-07] (Google LLC -> Google LLC) Task: {CD2EEA4D-9F74-4BAF-9BF0-E2D92199C5AE} - System32\Tasks\Opera scheduled Autoupdate 1593184927 => C:\Users\Natalia\AppData\Local\Programs\Opera\launcher.exe Task: {CF1C07A2-1C9D-41BA-A806-FC5BD8C71FE9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {F786435E-A03A-4953-A805-17931D51F35D} - System32\Tasks\Opera scheduled assistant Autoupdate 1593185050 => C:\Users\Natalia\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Natalia\AppData\Local\Programs\Opera\assistant" $(Arg0) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8C9FA4B6-B07F-481B-B46A-93F14CB3E5C5}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C86DAA36-7AAE-40BA-9E94-0EBBC5B71B4C}: [DhcpNameServer] 192.168.42.129 Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\Natalia\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-10] FireFox: ======== FF ProfilePath: C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\s3f335ga.Natalia [2020-11-11] FF Homepage: Mozilla\Firefox\Profiles\s3f335ga.Natalia -> www.google.pl FF NetworkProxy: Mozilla\Firefox\Profiles\s3f335ga.Natalia -> type", 0 FF Extension: (LastPass: Free Password Manager) - C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\s3f335ga.Natalia\Extensions\support@lastpass.com.xpi [2020-10-13] FF Extension: (Nano Adblocker) - C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\s3f335ga.Natalia\Extensions\{af881826-e0f9-4b97-898a-a416dc473545}.xpi [2020-10-17] FF Extension: (Foxy Gestures) - C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\s3f335ga.Natalia\Extensions\{e839c3f9-298e-4cd0-99e0-464431cb7c34}.xpi [2020-10-09] FF Extension: (Nano Defender for Firefox) - C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\s3f335ga.Natalia\Extensions\{fcf60470-b210-4c17-969e-9ae01491071e}.xpi [2020-10-13] FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2019-05-05] [Przestarzałe] FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2019-05-05] FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-15] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default [2020-11-11] CHR Extension: (Prezentacje) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-07] CHR Extension: (Dokumenty) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-07] CHR Extension: (Dysk Google) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03] CHR Extension: (YouTube) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-07] CHR Extension: (Arkusze) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-07] CHR Extension: (Dokumenty Google offline) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-07] CHR Extension: (Gmail) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03] CHR Extension: (Chrome Media Router) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-11] CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05] CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-15] (Qualcomm Atheros -> Atheros Commnucations) [Brak podpisu cyfrowego] R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET, spol. s r.o. -> ESET) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Brak podpisu cyfrowego] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-04-27] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [934328 2020-04-27] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-06-10] (Microsoft Windows -> Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-10-15] (Qualcomm Atheros -> Atheros) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [36480 2012-10-15] (Qualcomm Atheros -> Atheros) R3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [341120 2012-10-15] (Qualcomm Atheros -> Atheros) R3 btath_avdt; C:\Windows\System32\drivers\btath_avdt.sys [111232 2012-10-15] (Qualcomm Atheros -> Atheros) R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [30848 2012-10-15] (Qualcomm Atheros -> Atheros) R3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [168064 2012-10-15] (Qualcomm Atheros -> Atheros) R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [68736 2012-10-15] (Qualcomm Atheros -> Atheros) R3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [281728 2012-10-15] (Qualcomm Atheros -> Atheros) R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [551040 2012-10-15] (Qualcomm Atheros -> Atheros) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET, spol. s r.o. -> ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET, spol. s r.o. -> ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET, spol. s r.o. -> ESET) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2020-06-26] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) U3 avgbdisk; Brak ImagePath S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X] S3 SmbDrvI; system32\DRIVERS\Smb_driver_Intel.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-11 22:33 - 2020-11-11 22:35 - 000016543 _____ C:\Users\Natalia\Desktop\FRST.txt 2020-11-11 22:30 - 2020-11-11 22:35 - 000000000 ____D C:\FRST 2020-11-11 22:28 - 2020-11-11 22:28 - 002298368 _____ (Farbar) C:\Users\Natalia\Desktop\FRST64.exe 2020-11-11 15:23 - 2020-11-11 15:23 - 000083939 _____ C:\Users\Natalia\Desktop\PLAN-2020-2021-ZIMA.xlsx 2020-11-11 12:57 - 2020-11-11 12:57 - 000753114 _____ C:\Users\Natalia\Desktop\NL 190 Marketing 2 - dla studentów.pdf 2020-11-10 23:45 - 2020-11-10 23:45 - 007466056 _____ (Piriform Software Ltd) C:\Users\Natalia\Downloads\dfsetup222.exe 2020-11-10 23:45 - 2020-11-10 23:45 - 000001688 _____ C:\Users\Public\Desktop\Defraggler.lnk 2020-11-10 23:45 - 2020-11-10 23:45 - 000001688 _____ C:\ProgramData\Desktop\Defraggler.lnk 2020-11-10 23:45 - 2020-11-10 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2020-11-10 23:45 - 2020-11-10 23:45 - 000000000 ____D C:\Program Files\Defraggler 2020-11-10 20:18 - 2020-11-10 20:18 - 000000000 ____D C:\Users\Natalia\AppData\Local\CEF 2020-11-10 20:13 - 2020-11-10 20:59 - 000000000 ____D C:\ProgramData\AVG 2020-11-10 19:39 - 2020-11-10 19:39 - 000000687 _____ C:\Users\Natalia\Desktop\Studia Marek.lnk 2020-11-10 19:23 - 2020-11-10 19:31 - 000000000 ____D C:\Users\Natalia\Desktop\Pliki Excela 2013 2020-11-10 14:35 - 2020-11-10 14:35 - 000000000 ___SD C:\Users\Natalia\Documents\Moje źródła danych 2020-11-08 17:29 - 2020-11-08 17:58 - 000017904 _____ C:\Users\Natalia\Documents\proba.xlsm 2020-11-04 13:43 - 2020-11-04 13:43 - 000387396 _____ C:\Users\Natalia\Desktop\Oświadczenie HANASIUK.pdf 2020-11-04 13:42 - 2020-11-04 13:42 - 000148972 _____ C:\Users\Natalia\Desktop\Ślubowanie HANASIUK.pdf 2020-10-23 10:22 - 2020-11-10 11:39 - 000002809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2020-10-23 10:22 - 2020-11-10 11:39 - 000002803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-11 22:32 - 2020-06-05 17:28 - 000000000 ____D C:\Users\Natalia\AppData\LocalLow\Mozilla 2020-11-11 19:10 - 2009-07-14 05:45 - 000038256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-11-11 19:10 - 2009-07-14 05:45 - 000038256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-11-11 19:00 - 2011-04-12 14:21 - 000741402 _____ C:\Windows\system32\perfh015.dat 2020-11-11 19:00 - 2011-04-12 14:21 - 000156442 _____ C:\Windows\system32\perfc015.dat 2020-11-11 19:00 - 2009-07-14 06:13 - 001672684 _____ C:\Windows\system32\PerfStringBackup.INI 2020-11-11 19:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2020-11-11 18:54 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-11-11 18:44 - 2015-06-11 18:46 - 000000000 ____D C:\Windows\system32\MRT 2020-11-11 18:40 - 2015-06-11 18:46 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-11-10 21:02 - 2020-06-05 16:40 - 000110360 _____ C:\Users\Natalia\AppData\Local\GDIPFONTCACHEV1.DAT 2020-11-10 20:59 - 2020-06-05 18:48 - 000000000 ____D C:\Program Files\WinRAR 2020-11-10 20:59 - 2020-06-05 12:36 - 000413472 _____ C:\Windows\system32\FNTCACHE.DAT 2020-11-10 20:46 - 2020-06-05 18:48 - 000000000 ____D C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-11-10 20:46 - 2020-06-05 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-11-10 20:40 - 2020-10-11 07:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2020-11-10 20:33 - 2020-08-23 14:06 - 000000000 ____D C:\Users\Natalia\AppData\Local\CrashDumps 2020-11-10 20:33 - 2015-06-11 19:25 - 000000000 ____D C:\Windows\Panther 2020-11-10 11:39 - 2020-06-07 11:42 - 000002853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2020-11-10 11:39 - 2020-06-07 11:42 - 000002797 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2020-11-10 11:39 - 2020-06-07 11:42 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office 2016 2020-11-10 10:17 - 2020-06-07 11:37 - 000000000 ____D C:\Users\Natalia\AppData\Local\Microsoft Help 2020-11-10 10:02 - 2020-06-05 16:32 - 000000000 __SHD C:\Users\Natalia\IntelGraphicsProfiles 2020-11-09 20:55 - 2020-06-07 21:13 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-11-09 20:55 - 2020-06-07 21:13 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-11-09 20:55 - 2020-06-07 21:13 - 000002199 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-11-03 18:48 - 2020-06-05 12:42 - 000000000 ____D C:\Users\Natalia 2020-11-02 08:20 - 2020-06-05 17:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-01 22:32 - 2020-06-05 17:28 - 000000000 ____D C:\ProgramData\Mozilla 2020-11-01 22:19 - 2020-06-05 17:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-10-23 10:47 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2020-10-16 10:03 - 2020-06-07 21:12 - 000003482 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-10-16 10:03 - 2020-06-07 21:12 - 000003354 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-11-03 11:42 ==================== Koniec FRST.txt ========================