Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 08-07-2020 01 Uruchomiony przez Super Zabaweczki (administrator) DESKTOP-HVHJA8D (LENOVO 10A6S1LS00) (13-07-2020 12:52:40) Uruchomiony z C:\Users\super\Desktop\Nowy folder (4) Załadowane profile: Super Zabaweczki Platform: Windows 10 Pro Wersja 1903 18362.900 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe <3> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2> (Apache Software Foundation) [Brak podpisu cyfrowego] C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation) [Brak podpisu cyfrowego] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Apache Software Foundation) [Brak podpisu cyfrowego] C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe (Famatech Corp. -> Famatech Corp.) C:\Windows\SysWOW64\rserver30\FamItrfc.Exe <2> (Famatech Corp. -> Famatech Corp.) C:\Windows\SysWOW64\rserver30\rserver3.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8> (InsERT S.A. -> InsERT S.A.) C:\Program Files (x86)\InsERT\InsERT GT\Subiekt.exe (InsERT S.A. -> InsERT S.A.) C:\Program Files (x86)\InsERT\Sello\Sello.exe (Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.INSERTGT\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\super\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20032.12611.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Zebra Technologies Corporation -> Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Seagull Drivers V3] => C:\Program Files\Seagull\Printer Drivers\Common\Seagull_DriverStartup.exe [533776 2019-08-03] (Seagull Scientific, Inc -> Seagull Scientific, Inc.) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [1799040 2020-05-27] (Famatech Corp. -> Famatech Corp.) HKU\S-1-5-21-1850963364-1419611553-3944585861-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1850963364-1419611553-3944585861-1001\...\MountPoints2: {66b9e027-10eb-11ea-a216-08beac02b990} - "D:\HiSuiteDownLoader.exe" HKLM\...\Print\Monitors\NL_Zebra Language Monitor: C:\WINDOWS\system32\NL_ZebraLM.dll [920856 2020-01-22] (Euro Plus d.o.o. -> NiceLabel) HKLM\...\Print\Monitors\Seagull V3 Network Monitor: C:\WINDOWS\system32\Seagull_V3_NetMonDispatcher.dll [594704 2019-08-05] (Seagull Scientific, Inc -> Seagull Scientific, Inc.) HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\WINDOWS\system32\zdnNLM64.dll [611328 2019-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.) HKLM\...\Print\Monitors\ZDesigner Port Monitor: C:\WINDOWS\system32\zdnPMS.dll [256504 2019-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-07-10] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {4DA84923-9F2F-406B-B3C3-9CD8C8D17AD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-05] (Google LLC -> Google LLC) Task: {5A1EABE9-7540-4767-8AC6-7E79EFC02169} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.) Task: {5E1099CE-F496-4D14-9C20-7EC5FF916408} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-05] (Google LLC -> Google LLC) Task: {7D1C8FEE-8265-4CFB-BE2C-F7DA7DBF149B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {85CAB007-8592-4423-86FE-3969125FC9F1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {87203F39-871C-4885-88F5-6FB9D08A2E7F} - System32\Tasks\AdwCleaner_onReboot => C:\Users\super\Downloads\AdwCleaner.exe Task: {9112083B-FA5B-4728-B3B7-1EFE62F0672F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B6D7BF8B-ACFD-4C64-835F-43889687853E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BAE702AE-BC3E-46B3-B47A-112A4019D862} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C1E68B0F-1B20-482A-B9B7-F0B3E74A02E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-09] (Mozilla Corporation -> Mozilla Foundation) Task: {C2EA22B7-C2F2-4A3D-85BD-EDF1249D0B7B} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [1069056 2019-11-07] (FranmoSoftware) [Brak podpisu cyfrowego] Task: {C3CD993C-5A1A-4FE4-B26E-1B4F5C2F4559} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C788FA06-148B-45FE-9B47-6671669B7F19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F91AB0BC-6C4B-42A8-BD30-D561C52D61EA} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1413384 2015-09-30] (Realtek Semiconductor Corp -> Realtek Semiconductor) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{4cf731ae-4648-4377-a310-2dcca6a1306f}: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{c029ad39-c0fb-449e-949c-1a17cf1dabc0}: [DhcpNameServer] 192.168.100.1 Internet Explorer: ================== HKU\S-1-5-21-1850963364-1419611553-3944585861-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-07-09 03:29:39&bName= Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\super\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-13] FireFox: ======== FF DefaultProfile: ci1jj1ch.default FF ProfilePath: C:\Users\super\AppData\Roaming\Mozilla\Firefox\Profiles\ci1jj1ch.default [2020-07-10] FF NewTab: Mozilla\Firefox\Profiles\ci1jj1ch.default -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-07-09 03:29:39&bName= FF ProfilePath: C:\Users\super\AppData\Roaming\Mozilla\Firefox\Profiles\1kkml37a.default-release [2020-07-13] FF Homepage: Mozilla\Firefox\Profiles\1kkml37a.default-release -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\1kkml37a.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2020-07-09 03:29:39&bName= FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\super\AppData\Local\Google\Chrome\User Data\Default [2020-07-13] CHR Extension: (Prezentacje) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-05] CHR Extension: (Dokumenty) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-05] CHR Extension: (Dysk Google) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-05] CHR Extension: (YouTube) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-05] CHR Extension: (Arkusze) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-05] CHR Extension: (Dokumenty Google offline) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-07-08] CHR Extension: (Chrome Remote Desktop) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-07-08] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-05] CHR Extension: (Gmail) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-05] CHR Extension: (Chrome Media Router) - C:\Users\super\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-08] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3189712 2020-07-10] (philandro Software GmbH -> philandro Software GmbH) S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe [72176 2020-04-03] (Google LLC -> Google Inc.) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [363440 2015-11-20] (Intel Corporation - pGFX -> Intel Corporation) R2 MSSQL$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL12.INSERTGT\MSSQL\Binn\sqlservr.exe [372416 2016-06-18] (Microsoft Corporation -> Microsoft Corporation) R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [71088 2015-11-19] (Zebra Technologies Corporation -> Nalpeiron Ltd.) R2 RServer3; C:\WINDOWS\SysWOW64\rserver30\RServer3.exe [1164400 2017-12-07] (Famatech Corp. -> Famatech Corp.) R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1061248 2020-05-27] (Famatech Corp. -> Famatech Corp.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation) S4 SQLAgent$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL12.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [613056 2016-06-18] (Microsoft Corporation -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109776 2020-07-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-01] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-29] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [30432 2017-04-29] (Lenovo -> Lenovo) R1 mirrorv3; C:\WINDOWS\System32\drivers\rminiv3.sys [5632 2012-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Famatech International Corp.) R1 raddrvv3; C:\WINDOWS\SysWOW64\rserver30\raddrvv3.sys [96128 2017-12-12] (Famatech Corp. -> Famatech Corp.) R1 RsFx0320; C:\WINDOWS\System32\DRIVERS\RsFx0320.sys [250048 2016-06-18] (Microsoft Corporation -> Microsoft Corporation) R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation) R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-05-27] (Famatech Corp. -> Famatech Corp.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-07-01] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-01] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-07-13 11:29 - 2020-07-13 11:29 - 001497440 _____ C:\Users\super\Desktop\kontener 1974 specjalna[24032].ods 2020-07-10 16:31 - 2020-07-10 16:33 - 000000000 ____D C:\ProgramData\AnyDesk 2020-07-10 16:31 - 2020-07-10 16:31 - 000001961 _____ C:\Users\Public\Desktop\AnyDesk.lnk 2020-07-10 16:31 - 2020-07-10 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk 2020-07-10 16:31 - 2020-07-10 16:31 - 000000000 ____D C:\Program Files (x86)\AnyDesk 2020-07-10 16:30 - 2020-07-10 16:31 - 000000000 ____D C:\Users\super\AppData\Roaming\AnyDesk 2020-07-10 16:30 - 2020-07-10 16:30 - 003189712 _____ (philandro Software GmbH) C:\Users\super\Downloads\AnyDesk.exe 2020-07-10 16:22 - 2020-07-10 16:22 - 027646200 _____ (TeamViewer Germany GmbH) C:\Users\super\Downloads\TeamViewer_Setup (1).exe 2020-07-10 16:22 - 2020-07-10 16:22 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk 2020-07-10 16:22 - 2020-07-10 16:22 - 000001104 _____ C:\Users\Public\Desktop\TeamViewer.lnk 2020-07-10 16:19 - 2020-07-10 16:20 - 021790024 _____ (Famatech Corp. ) C:\Users\super\Downloads\Radmin_VPN_1.1.3970.4.exe 2020-07-10 16:10 - 2020-07-10 16:10 - 000000265 _____ C:\Users\super\Desktop\tt.txt 2020-07-10 16:06 - 2020-07-10 16:06 - 027646200 _____ (TeamViewer Germany GmbH) C:\Users\super\Downloads\TeamViewer_Setup(1).exe 2020-07-10 13:01 - 2020-07-10 13:01 - 000009728 _____ C:\Users\super\Downloads\Raport_COD(118).xls 2020-07-10 11:40 - 2020-07-10 11:40 - 005870017 _____ C:\Users\super\Desktop\Katalog Polesie 2020 PL - LALKI.xlsx 2020-07-10 11:37 - 2020-07-10 11:37 - 000049290 _____ C:\Users\super\Desktop\pantera922.pdf 2020-07-09 21:41 - 2020-07-09 21:41 - 000177359 _____ C:\Users\super\Documents\FV № FV-2068 от 03.07.2020.pdf 2020-07-09 20:01 - 2020-07-13 12:52 - 000000000 ____D C:\Users\super\Desktop\Nowy folder (4) 2020-07-09 19:57 - 2020-07-13 12:52 - 000000000 ____D C:\FRST 2020-07-09 19:27 - 2020-07-09 19:27 - 000448512 _____ (OldTimer Tools) C:\Users\super\Downloads\TFC.exe 2020-07-09 19:26 - 2020-07-09 19:26 - 000000369 _____ C:\DelFix.txt 2020-07-09 18:27 - 2020-07-09 18:27 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2020-07-09 18:26 - 2020-07-09 18:26 - 051845160 _____ (SUPERAntiSpyware) C:\Users\super\Downloads\SUPERAntiSpywarePro.exe 2020-07-09 18:26 - 2020-07-09 18:26 - 000000000 ____D C:\Users\super\AppData\Local\mbam 2020-07-09 18:25 - 2020-07-09 18:25 - 002012560 _____ (Malwarebytes) C:\Users\super\Downloads\MBSetup.exe 2020-07-09 18:25 - 2020-07-09 18:25 - 000000000 ____D C:\Program Files\Malwarebytes 2020-07-09 18:17 - 2020-07-09 18:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-07-09 18:15 - 2020-07-10 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-07-09 17:37 - 2020-07-09 17:46 - 000003164 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot 2020-07-09 17:29 - 2020-07-09 17:37 - 000000000 ____D C:\Users\super\AppData\Roaming\Lavasoft 2020-07-09 17:29 - 2020-07-09 17:37 - 000000000 ____D C:\Users\super\AppData\Local\Lavasoft 2020-07-09 17:29 - 2020-07-09 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2020-07-09 17:29 - 2020-07-09 17:37 - 000000000 ____D C:\ProgramData\Lavasoft 2020-07-09 17:29 - 2020-07-09 17:37 - 000000000 ____D C:\Program Files (x86)\Lavasoft 2020-07-09 17:29 - 2020-07-09 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alternate Quick Audio 2020-07-09 17:29 - 2020-07-09 17:29 - 000000000 ____D C:\Program Files (x86)\Sound Normalizer 2020-07-09 17:29 - 2020-07-09 17:29 - 000000000 ____D C:\Program Files (x86)\Alternate 2020-07-09 17:14 - 2020-07-09 17:14 - 000036408 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2020-07-09 17:04 - 2020-07-09 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Server 3 2020-07-09 16:49 - 2020-07-09 16:49 - 000000000 ____D C:\Users\super\AppData\Local\Downloaded Installations 2020-07-09 16:44 - 2020-07-09 17:40 - 000000000 ____D C:\Program Files (x86)\WinRAR 2020-07-09 16:44 - 2020-07-09 16:44 - 000000000 ____D C:\Users\super\AppData\Roaming\WinRAR 2020-07-09 16:44 - 2020-07-09 16:44 - 000000000 ____D C:\Users\super\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-07-09 16:44 - 2020-07-09 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-07-09 01:01 - 2019-02-22 11:28 - 000001688 _____ C:\Users\super\Downloads\readme.txt 2020-07-09 01:01 - 2019-02-22 11:26 - 000048844 _____ C:\Users\super\Downloads\History.txt 2020-07-09 01:01 - 2019-02-21 19:00 - 000014336 _____ (Igor Pavlov) C:\Users\super\Downloads\Uninstall.exe 2020-07-09 01:01 - 2019-02-21 18:00 - 001141248 _____ (Igor Pavlov) C:\Users\super\Downloads\7z.dll 2020-07-09 01:01 - 2019-02-21 18:00 - 000535040 _____ (Igor Pavlov) C:\Users\super\Downloads\7zFM.exe 2020-07-09 01:01 - 2019-02-21 18:00 - 000366592 _____ (Igor Pavlov) C:\Users\super\Downloads\7zG.exe 2020-07-09 01:01 - 2019-02-21 18:00 - 000292864 _____ (Igor Pavlov) C:\Users\super\Downloads\7z.exe 2020-07-09 01:01 - 2019-02-21 18:00 - 000205824 _____ (Igor Pavlov) C:\Users\super\Downloads\7z.sfx 2020-07-09 01:01 - 2019-02-21 18:00 - 000186880 _____ (Igor Pavlov) C:\Users\super\Downloads\7zCon.sfx 2020-07-09 01:01 - 2019-02-21 18:00 - 000050688 _____ (Igor Pavlov) C:\Users\super\Downloads\7-zip.dll 2020-07-09 01:01 - 2019-02-20 13:00 - 000108074 _____ C:\Users\super\Downloads\7-zip.chm 2020-07-09 01:01 - 2019-01-09 12:15 - 000003990 _____ C:\Users\super\Downloads\License.txt 2020-07-09 01:01 - 2018-01-28 11:00 - 000000366 _____ C:\Users\super\Downloads\descript.ion 2020-07-09 01:00 - 2020-07-09 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2020-07-09 01:00 - 2020-07-09 01:00 - 000000000 ____D C:\Program Files\7-Zip 2020-07-09 00:38 - 2020-07-09 00:40 - 000000000 ____D C:\Users\super\Documents\Radmin_3_keygen_by_KeygenNinja 2020-07-08 18:37 - 2020-07-08 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin VPN 2020-07-08 18:37 - 2020-07-08 18:37 - 000000000 ____D C:\ProgramData\Famatech 2020-07-08 18:37 - 2020-07-08 18:37 - 000000000 ____D C:\Program Files (x86)\Radmin VPN 2020-07-08 18:13 - 2020-07-09 17:04 - 000000000 ____D C:\WINDOWS\SysWOW64\rserver30 2020-07-08 18:13 - 2020-07-08 18:13 - 000000000 ____D C:\Users\super\AppData\Roaming\Radmin 2020-07-08 18:13 - 2020-07-08 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3 2020-07-08 18:13 - 2020-07-08 18:13 - 000000000 ____D C:\Program Files (x86)\Radmin Viewer 3 2020-07-08 16:42 - 2020-07-08 16:42 - 000000000 ____H C:\Users\super\Documents\Default.rdp 2020-07-08 11:33 - 2020-07-08 11:33 - 000177359 _____ C:\Users\super\Desktop\FV № FV-2068 от 03.07.2020.pdf 2020-07-07 13:12 - 2020-07-07 13:12 - 000007334 _____ C:\Users\super\Desktop\Nowy OpenDocument Dokument tekstowy.odt 2020-07-05 11:17 - 2020-07-05 11:17 - 000019921 _____ C:\Users\super\AppData\Local\recently-used.xbel 2020-07-03 12:21 - 2020-07-03 12:21 - 000015360 _____ C:\Users\super\Downloads\Raport_COD(117).xls 2020-06-30 13:13 - 2020-06-30 13:13 - 000120264 _____ C:\Users\super\Documents\FV Proforma № C-16056 od 30.06.2020.pdf 2020-06-30 11:29 - 2020-06-30 11:29 - 000006144 _____ C:\Users\super\Downloads\Raport_COD(116).xls 2020-06-30 11:25 - 2020-06-30 11:25 - 000041780 _____ C:\Users\super\Downloads\POTWIERDZENIE_TRANSAKCJI_20200630_112539.pdf 2020-06-29 13:14 - 2020-06-29 13:14 - 000007680 _____ C:\Users\super\Downloads\Raport_COD(115).xls 2020-06-25 14:53 - 2020-06-25 14:53 - 000009728 _____ C:\Users\super\Downloads\Raport_COD(114).xls 2020-06-24 15:13 - 2020-06-24 15:13 - 000009728 _____ C:\Users\super\Downloads\Raport_COD(113).xls 2020-06-23 14:37 - 2020-06-23 14:37 - 000006144 _____ C:\Users\super\Downloads\Raport_COD(112).xls 2020-06-22 10:27 - 2020-06-22 10:27 - 000006144 _____ C:\Users\super\Downloads\Raport_COD(111).xls 2020-06-19 12:02 - 2020-06-19 12:02 - 000045056 _____ C:\Users\super\Downloads\Raport_COD(110).xls 2020-06-19 12:00 - 2020-06-19 12:00 - 000006656 _____ C:\Users\super\Downloads\Raport_COD(109).xls 2020-06-18 10:23 - 2020-06-18 10:23 - 000009728 _____ C:\Users\super\Downloads\Raport_COD(108).xls 2020-06-17 11:37 - 2020-06-17 11:37 - 000009728 _____ C:\Users\super\Downloads\Raport_COD(107).xls 2020-06-16 13:42 - 2020-06-16 13:42 - 000009216 _____ C:\Users\super\Downloads\Raport_COD(106).xls 2020-06-15 10:35 - 2020-06-15 10:35 - 000006656 _____ C:\Users\super\Downloads\Raport_COD(105).xls ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-07-13 12:43 - 2019-11-07 17:39 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-07-13 12:42 - 2020-05-15 11:19 - 000000000 ____D C:\Users\super\Desktop\oferty 2020-07-13 12:42 - 2019-11-07 18:41 - 000000000 ____D C:\Users\super\AppData\Roaming\PhotoScape 2020-07-13 10:46 - 2019-11-07 17:39 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-07-13 10:06 - 2019-11-07 19:05 - 000000000 ____D C:\ProgramData\firebird 2020-07-13 10:05 - 2019-11-07 17:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-07-12 20:12 - 2019-11-07 18:41 - 000000000 ____D C:\Users\super\AppData\Roaming\InsERT Sello 2020-07-11 21:27 - 2019-11-07 18:43 - 000000000 ____D C:\Users\super\AppData\Local\babl-0.1 2020-07-11 18:21 - 2019-11-07 18:16 - 000000000 ____D C:\Users\super\AppData\LocalLow\Mozilla 2020-07-11 18:16 - 2019-11-07 18:06 - 000000000 ___RD C:\Users\super\OneDrive 2020-07-11 18:16 - 2019-11-07 17:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-07-11 17:17 - 2019-11-07 17:54 - 002060554 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-07-11 17:17 - 2019-11-07 17:41 - 000886454 _____ C:\WINDOWS\system32\perfh015.dat 2020-07-11 17:17 - 2019-11-07 17:41 - 000193460 _____ C:\WINDOWS\system32\perfc015.dat 2020-07-11 17:17 - 2019-11-07 17:38 - 000000000 ____D C:\WINDOWS\INF 2020-07-11 17:13 - 2019-11-07 20:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-07-11 17:13 - 2019-11-07 17:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-07-11 17:12 - 2019-11-07 17:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-07-11 11:37 - 2019-11-07 18:02 - 000000000 ____D C:\Users\super 2020-07-11 11:37 - 2019-11-07 17:39 - 000000000 ___HD C:\Program Files\WindowsApps 2020-07-11 11:37 - 2019-11-07 17:39 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-07-10 17:32 - 2019-11-07 17:48 - 000314672 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-07-10 16:13 - 2019-11-07 18:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-07-10 16:06 - 2019-11-07 20:42 - 000000000 ____D C:\Users\super\AppData\Roaming\TeamViewer 2020-07-09 18:17 - 2019-11-07 18:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-07-09 17:43 - 2020-05-06 15:31 - 000000000 ____D C:\Users\super\Desktop\maseczka 2020-07-09 17:43 - 2020-04-03 18:10 - 000000000 ____D C:\Users\super\Desktop\zdjecia 2020-07-09 17:43 - 2020-03-05 23:10 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-07-09 17:43 - 2020-03-05 23:10 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-07-09 17:43 - 2019-11-10 13:29 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-07-09 17:43 - 2019-11-08 23:02 - 000000000 ____D C:\Users\super\Desktop\BANERY 2020-07-09 17:43 - 2019-11-08 00:30 - 000000000 ____D C:\Users\super\Desktop\super-zabaweczki 2020-07-09 17:43 - 2019-11-07 18:06 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1850963364-1419611553-3944585861-1001 2020-07-09 17:42 - 2019-11-07 19:16 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-07-09 17:42 - 2019-11-07 19:16 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-07-09 07:12 - 2020-05-03 22:54 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-07-09 07:12 - 2020-05-03 22:54 - 000002269 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-07-09 01:09 - 2019-11-07 18:04 - 000000000 ____D C:\Users\super\AppData\Local\Packages 2020-07-08 22:38 - 2020-03-05 23:10 - 000000000 ____D C:\Program Files (x86)\Google 2020-07-06 20:14 - 2019-11-12 09:34 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-07-06 11:35 - 2020-04-22 15:31 - 000049379 _____ C:\Users\super\Desktop\Eksport.pdf 2020-07-01 23:45 - 2019-11-07 17:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-07-01 20:08 - 2019-11-13 20:17 - 000000000 ____D C:\Users\super\AppData\Local\gtk-2.0 2020-06-29 09:47 - 2019-11-07 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InsERT 2020-06-25 10:27 - 2019-11-07 18:02 - 000002411 _____ C:\Users\super\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-06-25 09:44 - 2020-01-24 14:00 - 000000000 ____D C:\Program Files (x86)\Zebra Technologies 2020-06-24 19:22 - 2020-03-05 23:10 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-06-24 19:22 - 2020-03-05 23:10 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-06-24 13:55 - 2020-01-27 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zebra Technologies 2020-06-19 13:47 - 2019-11-07 19:19 - 000000000 ____D C:\Users\super\AppData\Local\D3DSCache ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-01-14 20:14 - 2020-01-27 19:12 - 000000017 _____ () C:\Users\super\AppData\Roaming\.cache3678791056.dat 2020-07-05 11:17 - 2020-07-05 11:17 - 000019921 _____ () C:\Users\super\AppData\Local\recently-used.xbel 2019-11-10 12:15 - 2019-11-10 12:15 - 000000017 _____ () C:\Users\super\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================