Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-08-2021
Uruchomiony przez Admin (administrator)  RYSIEK (FUJITSU SIEMENS ESPRIMO E3510) (19-08-2021 19:59:46)
Uruchomiony z C:\Users\Admin\Desktop\FRST - Komputer Nr.2
Załadowane profile: Admin
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Asseco Data Systems S.A. -> Certum) C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <10>
(QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(QNAP Systems, Inc. -> QNAP Systems, Inc.) C:\Program Files\QNAP\NetBak\QVssService.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [832744 2016-10-25] (Oki Data Corporation -> Oki Data Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [165928 2021-08-13] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [8228664 2016-07-06] (QNAP Systems, Inc. -> )
HKLM-x32\...\Run: [AutoRegisterCerts] => C:\Program Files (x86)\Certum\proCertum CardManager\cryptoCertumScanner.exe [161224 2016-10-18] (Asseco Data Systems S.A. -> Certum)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-12-07] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-1798140932-2068760221-4240190395-1000\...\MountPoints2: E - E:\Lenovo_Suite.exe
HKU\S-1-5-21-1798140932-2068760221-4240190395-1000\...\MountPoints2: {12654baa-19c7-11e7-a5ac-0019995b36b3} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-1798140932-2068760221-4240190395-1000\...\MountPoints2: {82356ed5-7fc9-11e6-88d0-0019995b36b3} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\OKX05HPP: C:\Windows\System32\spool\prtprocs\x64\OKX05HPP.DLL [52224 2015-12-23] (Oki Data Corporation) [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\Windows\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\Windows\system32\OPPFLM64.DLL [24064 2011-07-04] (Oki Data Corporation) [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\PJL Language Monitor: C:\Windows\system32\PJLMON.DLL [22016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-05-28] (Adobe Inc. -> Adobe Systems, Inc.)
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0DFCCA90-241C-41A8-825D-86E52D79FCE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-13] (Google Inc -> Google Inc.)
Task: {32559C57-72DC-4AC3-8078-70136F2787AF} - System32\Tasks\Mozilla\Firefox Default Browser Agent D02ED4FEE9577B7E => C:\Program Files (x86)\mozilla firefox\default-browser-agent.exe [619448 2021-08-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {6AF17DA5-AD03-4C3D-B8E2-358D82AA5234} - System32\Tasks\{5112AB9B-03FE-46B8-8DB2-874C30AD1A55} => Z:\GRATYF3\SYSTEM\GRATYFIK.EXE
Task: {7F23F8DE-4974-4C78-95E0-3E544C3AF3BA} - System32\Tasks\{68E57A3F-C51C-4D3D-B9CE-36AE7591BEC7} => Z:\GRATYF3\SYSTEM\GRATYFIK.EXE
Task: {8EC4C75A-9C82-48E1-A772-888C1E726F2F} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1739576 2016-07-06] (QNAP Systems, Inc. -> )
Task: {8F9A9932-0ED5-4F6C-8E04-C3F3AED03654} - System32\Tasks\{E1E8949F-EEAC-4769-8248-726ED3ECFC68} => Z:\GRATYF3\SYSTEM\GRATYFIK.EXE
Task: {97D08542-193D-43F2-AADF-AB6F4D3A14BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [619448 2021-08-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {A83E33BC-BBB4-4339-992C-98522AE13EE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {EA694AFB-2262-4197-826A-C6B6B660EFEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-13] (Google Inc -> Google Inc.)
Task: {F6D62B4A-3CD6-4312-B153-306556250929} - System32\Tasks\{061545BD-5024-45F9-8E42-3C516743E493} => Z:\GRATYF3\SYSTEM\GRATYFIK.EXE

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\..\Interfaces\{69DE944B-BFF9-42BB-81B0-D8037861E2B2}: [NameServer] 194.204.152.34,31.1.147.86
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.77.1,-1]

FireFox:
========
FF DefaultProfile: zh9bh4s7.default-1505976177950-1529476052322
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zh9bh4s7.default-1505976177950-1529476052322 [2021-08-19]
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zh9bh4s7.default-1505976177950-1529476052322\Extensions\uBlock0@raymondhill.net.xpi [2021-08-03]
FF Extension: (Szafir SDK Web) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zh9bh4s7.default-1505976177950-1529476052322\Extensions\{5e118bad-a840-4256-bd31-296194533aac}.xpi [2020-05-14] [UpdateUrl:hxxps://www.elektronicznypodpis.pl/download/webmodule/firefox/updates.json]
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> Z:\Rysiek\Rysiek1\NetBakData\Picasa3\npPicasa3.dll [Brak pliku]
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-08-19]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2021-08-02]
CHR Notifications: Default -> hxxps://artykuly.softonic.pl; hxxps://bezprawnik.pl; hxxps://bigl.ua; hxxps://www.medonet.pl; hxxps://www.money.pl
CHR StartupUrls: Default -> "hxxp://wp.pl/"
CHR NewTab: Default ->  Not-active:"chrome-extension://mpkhmmacbjndakceaikggpnnnddijeen/ntp1.html"
CHR Extension: (Prezentacje) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-04]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Arkusze) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-12]
CHR Extension: (PConverter) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkhmmacbjndakceaikggpnnnddijeen [2020-06-15]
CHR Extension: (fillUp Formularze - dodatek) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlnpeeaafijaebcdgkdeojkpnkfkjdnh [2021-05-13]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-02]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca]
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [nlnpeeaafijaebcdgkdeojkpnkfkjdnh]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AktualizujPP; C:\Program Files (x86)\Asseco Poland SA\Płatnik\ASSECO.AKTUALIZUJ.PP.exe [46592 2021-04-07] (Asseco Poland S.A., Comarch S.A.) [Brak podpisu cyfrowego]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-12-07] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3079464 2021-08-13] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3079464 2021-08-13] (ESET, spol. s r.o. -> ESET)
R2 MSSQL$INSERTGT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [Brak podpisu cyfrowego]
R2 QVssService; C:\Program Files\QNAP\NetBak\QVssService.exe [2203824 2015-10-07] (QNAP Systems, Inc. -> QNAP Systems, Inc.)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$INSERTGT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [81264 2018-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [169424 2021-08-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [123472 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [194776 2021-08-03] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43904 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [70232 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [55840 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [107456 2021-08-03] (ESET, spol. s r.o. -> ESET)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R1 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
S3 QDrive; \??\C:\Users\Admin\AppData\Local\Temp\QDrive.sys [X] <==== UWAGA

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (Wszystkie) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-08-19 19:58 - 2021-08-19 20:01 - 000000000 ____D C:\FRST
2021-08-19 19:56 - 2021-08-19 19:59 - 000000000 ____D C:\Users\Admin\Desktop\FRST - Komputer Nr.2
2021-08-18 18:16 - 2021-08-18 19:06 - 000000000 ____D C:\Users\Admin\Desktop\Nowy folder
2021-08-17 18:59 - 2021-08-19 09:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-16 12:46 - 2021-08-16 13:17 - 000025990 _____ C:\Users\Admin\Desktop\07-2021.odt
2021-07-29 14:45 - 2021-07-29 14:45 - 000000000 ____D C:\Users\Admin\AppData\Local\CipSoft GmbH
2021-07-29 14:36 - 2021-07-30 12:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Tibia
2021-07-23 14:30 - 2021-07-23 14:26 - 000112313 _____ C:\Users\Admin\Desktop\29-2021.pdf
2021-07-23 11:15 - 2021-07-23 11:15 - 000055964 _____ C:\Users\Admin\Downloads\wyniki(2).zip
2021-07-20 13:32 - 2021-07-20 13:32 - 000000000 ____D C:\Users\Admin\Desktop\14

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-08-19 19:53 - 2009-07-14 06:45 - 000026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-08-19 19:53 - 2009-07-14 06:45 - 000026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-08-19 19:34 - 2010-05-16 01:28 - 000806594 _____ C:\Windows\system32\perfh015.dat
2021-08-19 19:34 - 2010-05-16 01:28 - 000181098 _____ C:\Windows\system32\perfc015.dat
2021-08-19 19:34 - 2009-07-14 07:13 - 001856916 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-19 19:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-08-19 19:25 - 2015-04-13 10:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-19 09:40 - 2019-02-05 16:17 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-19 09:39 - 2018-03-28 09:23 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2021-08-19 09:36 - 2018-02-26 16:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-19 09:36 - 2015-09-14 15:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-19 09:36 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-08-19 06:59 - 2020-12-28 08:57 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-08-19 01:27 - 2015-04-13 10:30 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-19 01:27 - 2015-04-13 10:30 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-17 16:49 - 2015-04-11 12:06 - 000000000 ____D C:\Baza płatnik
2021-08-05 00:20 - 2015-04-13 10:29 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 00:20 - 2015-04-13 10:29 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-03 13:42 - 2015-04-11 15:18 - 000000000 ____D C:\Users\Admin\AppData\Roaming\GofinDruki
2021-08-03 12:22 - 2015-04-08 19:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-08-03 12:22 - 2015-04-08 19:34 - 000000000 ____D C:\Windows\system32\Macromed
2021-08-03 07:56 - 2018-06-14 08:13 - 000043904 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2021-08-03 07:56 - 2018-04-12 16:26 - 000123472 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2021-08-03 07:56 - 2017-02-13 11:34 - 000055840 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys
2021-08-03 07:56 - 2015-07-14 16:29 - 000194776 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2021-08-03 07:56 - 2015-07-14 16:29 - 000169424 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2021-08-03 07:56 - 2015-07-14 16:29 - 000107456 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2021-08-03 07:56 - 2015-07-14 16:29 - 000070232 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2021-07-30 06:43 - 2018-09-20 08:22 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-29 14:38 - 2018-03-09 12:16 - 000000000 ____D C:\Users\Admin\Desktop\takie tam
2021-07-26 12:42 - 2021-06-22 16:29 - 000000000 ____D C:\Users\Admin\Desktop\JERSEY

==================== Pliki w katalogu głównym wybranych folderów ========

2016-02-25 11:32 - 2016-02-25 11:32 - 000003227 _____ () C:\Users\Admin\AppData\Local\unins000.dat
2016-02-25 11:32 - 2016-02-25 11:32 - 000707672 _____ () C:\Users\Admin\AppData\Local\unins000.exe
2016-02-25 11:32 - 2016-02-25 11:32 - 000011761 _____ () C:\Users\Admin\AppData\Local\unins000.msg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)


LastRegBack: 2021-08-10 18:25
==================== Koniec  FRST.txt ========================