Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 30-08-2022 Uruchomiony przez Pawel (administrator) DESKTOP-0CNLLFJ (LENOVO 80QQ) (31-08-2022 21:57:47) Uruchomiony z C:\Users\Pawel\Desktop\frst Załadowane profile: Pawel Platform: Microsoft Windows 10 Home Wersja 21H2 19044.1889 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (C:\Users\Pawel\AppData\Local\GG\Application\gghub.exe ->) (Xevin Consulting -> GG Network S.A.) C:\Users\Pawel\AppData\Local\GG\Application\ggapp.exe (explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (explorer.exe ->) (GG Network S.A. -> GG Network S.A.) C:\Users\Pawel\AppData\Local\GG\Application\gghub.exe (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Programy\Thunderbird\thunderbird.exe (explorer.exe ->) (NewSoftwares LLC -> NewSoftwares LLC) C:\totalcmd\NewSoftware's\Folder Lock\FLComServCtrl.exe (explorer.exe ->) (NewSoftwares LLC -> NewSoftwares LLC) C:\Windows\SysWOW64\WinFLTray.exe (explorer.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6> (explorer.exe ->) (TimoCom Soft- und Hardware GmbH) [Brak podpisu cyfrowego] C:\Programy\Timocom\tccargo.exe (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Mozilla Corporation -> Mozilla Corporation) C:\Users\Pawel\AppData\Local\Mozilla Firefox\firefox.exe <12> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (NewSoftwares LLC -> NewSoftwares LLC) C:\Windows\SysWOW64\WinFLService.exe (services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (services.exe ->) (Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (NewSoftwares LLC -> NewSoftwares LLC) C:\totalcmd\NewSoftware's\Folder Lock\FLComServ.exe (Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167552 2022-05-18] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (Tim Kosse -> FileZilla Project) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-21-3564327160-1833272824-4067758669-1001\...\Run: [TC Login] => c:\programy\timocom\tccargo.exe [1215488 2019-03-12] (TimoCom Soft- und Hardware GmbH) [Brak podpisu cyfrowego] HKU\S-1-5-21-3564327160-1833272824-4067758669-1001\...\Run: [GG] => C:\Users\Pawel\AppData\Local\GG\Application\gghub.exe [4078144 2019-02-19] (GG Network S.A. -> GG Network S.A.) HKU\S-1-5-21-3564327160-1833272824-4067758669-1001\...\Run: [WinFLTray] => C:\WINDOWS\SysWow64\WinFLTray.ex (Brak pliku) HKU\S-1-5-21-3564327160-1833272824-4067758669-1001\...\Run: [FLBackup] => C:\totalcmd\NewSoftware's\Folder Lock\FLComServCtrl.ex (Brak pliku) HKU\S-1-5-21-3564327160-1833272824-4067758669-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [122611592 2022-08-11] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3564327160-1833272824-4067758669-1001\...\Run: [Google Update] => C:\Users\Pawel\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-31] (Google LLC -> Google LLC) HKU\S-1-5-21-3564327160-1833272824-4067758669-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBRFE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] Startup: C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TWC Program Blocker.lnk [2020-09-14] ShortcutTarget: TWC Program Blocker.lnk -> C:\Program Files\MFSD\TWC Program Blocker.exe (The Windows Club) [Brak podpisu cyfrowego] GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {516FE3EC-B592-4E4C-961D-FDD4DDB35866} - System32\Tasks\CCleaner Update => C:\Users\Pawel\Desktop\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform) Task: {52260CFF-E783-4FF0-8D8C-3603882F78DE} - System32\Tasks\CCleanerSkipUAC - Pawel => C:\Users\Pawel\Desktop\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6E7587DD-21BD-4B64-B6EB-E98D4091224A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3564327160-1833272824-4067758669-1001UA => C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe [154456 2021-06-21] (Google LLC -> Google LLC) Task: {7061B399-7C42-4B75-A794-5435CD142F5F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3564327160-1833272824-4067758669-1001Core => C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe [154456 2021-06-21] (Google LLC -> Google LLC) Task: {71FE6B87-525D-43EC-8FD2-4D95DC4D7DDB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {90B1B3D8-A164-41AA-91B6-3B26EDAEF17B} - Brak ścieżki do pliku Task: {95FDC24D-1E4B-49D9-A881-1C16A45E0AD3} - System32\Tasks\Mozilla\Firefox Default Browser Agent A1C0F5349B008582 => C:\Users\Pawel\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "A1C0F5349B008582" Task: {B44B862C-A544-4265-9BD8-5BAF295C9C33} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-04-15] () [Brak podpisu cyfrowego] Task: {D441D1EA-4697-4400-BEBE-85C1BDDC9035} - System32\Tasks\EPSON XP-243 245 247 Series Update {30B90731-9A66-47EC-9A85-18CAB97C2BBC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\EPSON XP-243 245 247 Series Update {30B90731-9A66-47EC-9A85-18CAB97C2BBC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{30B90731-9A66-47EC-9A85-18CAB97C2BBC} /F:UpdateWORKGROUP\DESKTOP-0CNLLFJ$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0575b7e4-b1b9-427c-8b64-ca151542f1de}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ba1e76d3-5ff8-43c1-9dd4-8dc3df4f0a92}: [NameServer] 8.8.8.8,8.8.4.4 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\Pawel\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-03] FireFox: ======== FF DefaultProfile: j4jmbztu.default-1619771346167 FF ProfilePath: C:\Users\Pawel\AppData\Roaming\Mozilla\Firefox\Profiles\a9xg3iwb.default-release [2022-08-31] FF Homepage: Mozilla\Firefox\Profiles\a9xg3iwb.default-release -> hxxps://auth.platform.trans.eu/accounts/login?login_challenge=2d3d0e5481bc4037a968e0c3822cae14&redirect_uri=https%3A%2F%2Fplatform.trans.eu%2Fsso FF Notifications: Mozilla\Firefox\Profiles\a9xg3iwb.default-release -> hxxps://platform.trans.eu FF ProfilePath: C:\Users\Pawel\AppData\Roaming\Mozilla\Firefox\Profiles\j4jmbztu.default-1619771346167 [2022-07-03] FF Homepage: Mozilla\Firefox\Profiles\j4jmbztu.default-1619771346167 -> hxxps://platform.trans.eu/trans-info FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-06-15] Chrome: ======= CHR Profile: C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default [2022-08-31] CHR StartupUrls: Default -> "hxxps://auth.platform.trans.eu/accounts/login?login_challenge=3c0af197930b4a71a852c239aae6c9e7&redirect_uri=https%3A%2F%2Fplatform.trans.eu%2Fsso" CHR Extension: (Adobe Acrobat: edycja plików PDF, konwertowanie, narzędzia podpisywania) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-08-31] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [44568 2022-05-18] (ESET, spol. s r.o. -> ESET) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3143584 2022-05-18] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3143584 2022-05-18] (ESET, spol. s r.o. -> ESET) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project) R2 FLService; C:\WINDOWS\SysWOW64\WinFLService.exe [94784 2020-07-23] (NewSoftwares LLC -> NewSoftwares LLC) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-04-10] (Huawei Technologies Co., Ltd. -> ) S2 Mobile Partner. RunOuc; C:\Programy\Mobile Partner\UpdateDog\ouc.exe [656976 2013-05-21] (Huawei Technologies Co., Ltd. -> ) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project) S3 AppleIPod; C:\WINDOWS\System32\drivers\AppleIPod.sys [30096 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [184936 2022-05-18] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123512 2022-05-18] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [203040 2022-05-18] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [44944 2022-05-18] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70776 2022-05-18] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [111624 2022-05-18] (ESET, spol. s r.o. -> ESET) S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3476736 2015-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [375040 2013-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R2 NEWDRIVER; C:\WINDOWS\SysWow64\WinVDEdrv6.sys [197648 2020-07-23] (NewSoftwares.net Inc. SDN. BHD. -> ) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36472 2020-07-23] (Newsoftwares.net, Inc SDN BHD -> ) R2 WinVDEDrv; C:\WINDOWS\SysWow64\WinVDEdrv.sys [225680 2020-07-23] (NewSoftwares.net Inc. SDN. BHD. -> NewSoftwares.net, Inc.) R2 WiseFs; C:\WINDOWS\WiseFs64.sys [66128 2020-08-06] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com) U3 avgbdisk; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-31 21:56 - 2022-08-31 21:57 - 000000000 ____D C:\Users\Pawel\Desktop\frst 2022-08-31 21:55 - 2022-08-31 21:58 - 000000000 ____D C:\FRST 2022-08-31 21:34 - 2022-08-31 21:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-08-31 08:01 - 2022-08-31 21:34 - 000000000 ____D C:\Users\Pawel\AppData\Local\Mozilla Firefox 2022-08-29 13:49 - 2022-08-29 14:37 - 000054583 _____ C:\Users\Pawel\Desktop\wyniki.pdf 2022-08-29 13:02 - 2022-08-29 13:06 - 000232751 _____ C:\Users\Pawel\Downloads\wyniki 2022.ods 2022-08-29 10:51 - 2022-08-30 16:05 - 000031670 _____ C:\Users\Pawel\Desktop\wyniki 2022.ods 2022-08-19 09:06 - 2022-08-19 11:26 - 000000000 ____D C:\Users\Pawel\Desktop\poniedziałek 2022-08-17 13:07 - 2022-08-17 13:07 - 000040681 _____ C:\Users\Pawel\Downloads\Faktura nr F_0034_08_SP_22.pdf 2022-08-17 13:05 - 2022-08-17 13:05 - 000041295 _____ C:\Users\Pawel\Downloads\Faktura nr F_0037_08_SP_22.pdf 2022-08-17 13:05 - 2022-08-17 13:05 - 000040708 _____ C:\Users\Pawel\Downloads\Faktura nr F_0036_08_SP_22.pdf 2022-08-17 11:34 - 2022-08-17 11:34 - 000936558 ____R C:\Users\Pawel\Downloads\wniosek na ekogroszek.pdf 2022-08-17 10:00 - 2022-08-17 10:00 - 000235213 ____R C:\Users\Pawel\Downloads\OWA - SUFITY PODWIESZANE-1.pdf 2022-08-17 09:58 - 2022-08-17 09:58 - 001487823 ____R C:\Users\Pawel\Downloads\201910_Montagehinweise Klemmsystem_pl_korr.pdf 2022-08-17 09:57 - 2022-08-17 09:57 - 000235213 ____R C:\Users\Pawel\Downloads\OWA - SUFITY PODWIESZANE.pdf 2022-08-16 13:48 - 2022-08-16 13:48 - 000041264 _____ C:\Users\Pawel\Downloads\Faktura WE nr FUE_0012_08_SP_22 (1).pdf 2022-08-16 13:45 - 2022-08-16 13:45 - 000041216 _____ C:\Users\Pawel\Downloads\Faktura nr F_0032_08_SP_22.pdf 2022-08-16 13:44 - 2022-08-16 13:44 - 000041271 _____ C:\Users\Pawel\Downloads\Faktura WE nr FUE_0011_08_SP_22.pdf 2022-08-16 13:44 - 2022-08-16 13:44 - 000041268 _____ C:\Users\Pawel\Downloads\Faktura WE nr FUE_0010_08_SP_22.pdf 2022-08-16 13:44 - 2022-08-16 13:44 - 000040671 _____ C:\Users\Pawel\Downloads\Faktura nr F_0031_08_SP_22.pdf 2022-08-16 13:29 - 2022-08-16 13:29 - 000041264 _____ C:\Users\Pawel\Downloads\Faktura WE nr FUE_0012_08_SP_22.pdf 2022-08-16 10:21 - 2022-08-30 09:07 - 000000000 ____D C:\Users\Pawel\Desktop\WUPZ44244 16.08 + 2022-08-10 11:31 - 2022-08-10 11:31 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-10 11:31 - 2022-08-10 11:31 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-10 11:30 - 2022-08-10 11:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-08-10 11:30 - 2022-08-10 11:30 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-10 11:30 - 2022-08-10 11:30 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-10 11:30 - 2022-08-10 11:30 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2022-08-10 11:30 - 2022-08-10 11:30 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-08-10 11:30 - 2022-08-10 11:30 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-10 11:10 - 2022-08-10 11:10 - 000000000 ___HD C:\$WinREAgent 2022-08-04 10:32 - 2022-08-04 10:33 - 002041428 ____R C:\Users\Pawel\Downloads\42_mtechnologiereklamaartykulnastrzyk.pdf 2022-08-01 14:32 - 2022-08-01 14:32 - 000480833 _____ C:\Users\Pawel\Documents\schenker.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-08-31 21:44 - 2019-03-12 08:59 - 000000000 ____D C:\Programy 2022-08-31 21:35 - 2022-02-12 09:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-08-31 21:34 - 2019-03-12 09:01 - 000000000 ____D C:\Users\Pawel\AppData\LocalLow\Mozilla 2022-08-31 21:33 - 2021-06-15 08:31 - 000001277 _____ C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-08-31 21:24 - 2019-03-12 10:36 - 000000000 ____D C:\Users\Pawel\AppData\Roaming\GG 2022-08-31 21:24 - 2019-03-11 15:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-08-31 21:24 - 2019-03-11 15:30 - 000000000 __SHD C:\Users\Pawel\IntelGraphicsProfiles 2022-08-31 16:11 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-31 16:08 - 2019-03-12 09:33 - 000000000 ___RD C:\Users\Pawel\Desktop\Ut dokumenty 2022-08-31 15:27 - 2021-04-15 16:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-31 13:51 - 2019-03-12 09:35 - 000000000 ___RD C:\Users\Pawel\Desktop\zlecenia sprzedaz 2022-08-31 12:55 - 2021-06-21 11:27 - 000003834 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3564327160-1833272824-4067758669-1001UA 2022-08-31 12:55 - 2021-06-21 11:27 - 000003566 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3564327160-1833272824-4067758669-1001Core 2022-08-31 12:10 - 2019-03-12 09:33 - 000000000 ___RD C:\Users\Pawel\Desktop\zlecenia od firm 2022-08-31 07:56 - 2021-06-21 11:29 - 000002508 _____ C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-08-30 14:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-29 11:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-29 09:36 - 2021-09-23 08:27 - 000000000 ____D C:\Users\Pawel\Desktop\do dzis 2022-08-29 07:58 - 2020-06-15 08:08 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-29 07:55 - 2021-12-13 09:04 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3564327160-1833272824-4067758669-1001 2022-08-29 07:55 - 2021-09-24 10:23 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3564327160-1833272824-4067758669-1001 2022-08-29 07:55 - 2021-04-15 11:03 - 000002427 _____ C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-08-29 07:52 - 2021-04-15 16:29 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-08-29 07:52 - 2021-04-15 16:29 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-08-18 08:06 - 2020-10-14 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2022-08-14 08:04 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-08-12 09:46 - 2019-12-07 17:10 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-08-12 08:05 - 2019-03-11 15:41 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2022-08-11 08:08 - 2021-04-15 16:27 - 001678234 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-11 08:08 - 2019-12-07 17:08 - 000748784 _____ C:\WINDOWS\system32\perfh015.dat 2022-08-11 08:08 - 2019-12-07 17:08 - 000144494 _____ C:\WINDOWS\system32\perfc015.dat 2022-08-11 08:00 - 2021-04-15 16:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-11 08:00 - 2021-04-15 16:17 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-10 16:01 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-08-10 16:00 - 2021-04-15 16:17 - 000518880 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-10 15:59 - 2019-12-07 17:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-08-10 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-10 11:35 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-10 11:30 - 2021-04-15 16:17 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-10 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-10 08:15 - 2019-03-11 15:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-10 08:09 - 2019-03-11 15:32 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-03 13:11 - 2022-07-04 12:46 - 000254434 _____ C:\Users\Pawel\Desktop\ForwardedMessage.eml ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-07-23 08:42 - 2021-03-17 13:45 - 000002568 ___SH () C:\ProgramData\win_mpwd_sys.dat 2020-08-04 12:01 - 2020-08-05 08:10 - 000000123 _____ () C:\Users\Pawel\AppData\Local\HackLogs.dat 2022-06-07 10:46 - 2022-06-07 10:46 - 000003258 _____ () C:\Users\Pawel\AppData\Local\recently-used.xbel 2020-07-23 09:08 - 2021-03-17 13:45 - 000000700 ___SH () C:\Users\Pawel\AppData\Local\systemFL7.dat 2020-07-23 08:42 - 2020-08-06 12:34 - 000002599 ___SH () C:\Users\Pawel\AppData\Local\win_fldb_sys.dat 2020-07-23 08:40 - 2021-03-17 13:45 - 000011781 ___SH () C:\Users\Pawel\AppData\Local\win_flfiles_sys.dat 2020-07-23 08:40 - 2021-03-17 13:45 - 000003465 ___SH () C:\Users\Pawel\AppData\Local\win_stlthdb_sys.dat ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================