Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-01-2021 Uruchomiony przez Bogusław Wierzbicki (administrator) DESKTOP-N9BNBJ9 (Dell Inc. OptiPlex 9010) (19-01-2021 13:40:07) Uruchomiony z C:\Users\sserv\Downloads Załadowane profile: Bogusław Wierzbicki Platform: Windows 10 Pro Wersja 20H2 19042.746 (X64) Język: Polski (Polska) Domyślna przeglądarka nie została wykryta! Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (HP) [Brak podpisu cyfrowego] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <22> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2917632 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-05-21] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2405121837-3688630295-1865600989-1002\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2405121837-3688630295-1865600989-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\KOAYFA_P: C:\Windows\System32\spool\prtprocs\x64\KOAYFA_P.DLL [50696 2016-03-07] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\423SeriesPS-8 Language Monitor: C:\WINDOWS\system32\KOAYFA_L.DLL [25608 2016-03-07] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\novaPDF 9 Port Monitor: C:\WINDOWS\system32\novamn9.dll [18944 2019-07-01] (Softland) [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0D50A558-EBFB-41B9-B8B7-919F6EAEBF8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {D481F6BB-6EDA-4BAA-BD0C-6CF64347FFEE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {E97CE1C9-38EB-40D7-ACDA-69BBDEC5DE9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) Task: {FEE61631-BC45-4919-9E1A-0E6ED89AD18C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{e4dcfce5-ff57-4b8b-a421-2b3e26f4905c}: [NameServer] 8.8.8.8 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\sserv\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-19] FireFox: ======== FF DefaultProfile: gpn8njez.default FF ProfilePath: C:\Users\sserv\AppData\Roaming\Mozilla\Firefox\Profiles\gpn8njez.default [2020-12-04] FF ProfilePath: C:\Users\sserv\AppData\Roaming\Mozilla\Firefox\Profiles\u5bg1y9y.default-release [2021-01-19] FF Homepage: Mozilla\Firefox\Profiles\u5bg1y9y.default-release -> www.wp.pl FF Extension: (Google search link fix) - C:\Users\sserv\AppData\Roaming\Mozilla\Firefox\Profiles\u5bg1y9y.default-release\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2021-01-19] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\sserv\AppData\Roaming\Mozilla\Firefox\Profiles\u5bg1y9y.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-19] FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S2 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [57952 2020-05-21] (ESET, spol. s r.o. -> ESET) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2364984 2020-05-21] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2364984 2020-05-21] (ESET, spol. s r.o. -> ESET) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Brak podpisu cyfrowego] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-19] (Malwarebytes Inc -> Malwarebytes) R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [53552 2019-07-01] (Softland SRL -> Microsoft) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-14] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [155888 2020-05-21] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106848 2020-05-21] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195176 2020-05-21] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2020-05-21] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116184 2020-05-21] (ESET, spol. s r.o. -> ESET) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-19] (Malwarebytes Corporation -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-19] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-19] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-19] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-19] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [141472 2021-01-19] (Malwarebytes Inc -> Malwarebytes) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-19 13:41 - 2021-01-19 13:41 - 000602112 _____ (OldTimer Tools) C:\Users\sserv\Downloads\OTL.exe 2021-01-19 13:41 - 2021-01-19 13:41 - 000000000 ____D C:\Users\sserv\AppData\LocalLow\IGDump 2021-01-19 13:40 - 2021-01-19 13:40 - 000011349 _____ C:\Users\sserv\Downloads\FRST.txt 2021-01-19 13:40 - 2021-01-19 13:40 - 000000000 ____D C:\FRST 2021-01-19 13:39 - 2021-01-19 13:39 - 002295808 _____ (Farbar) C:\Users\sserv\Downloads\FRST64.exe 2021-01-19 13:33 - 2021-01-19 13:33 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-01-19 13:33 - 2021-01-19 13:33 - 000141472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-01-19 13:33 - 2021-01-19 13:33 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-01-19 13:30 - 2021-01-19 13:31 - 000000000 ____D C:\Users\sserv\AppData\Roaming\Geek Uninstaller 2021-01-19 13:23 - 2021-01-19 13:23 - 008458096 _____ (Malwarebytes) C:\Users\sserv\Downloads\adwcleaner_8.0.9.exe 2021-01-19 13:00 - 2021-01-19 13:00 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-01-19 13:00 - 2021-01-19 13:00 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-01-19 13:00 - 2021-01-19 13:00 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-01-19 13:00 - 2021-01-19 13:00 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-01-19 13:00 - 2021-01-19 13:00 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-01-19 13:00 - 2021-01-19 13:00 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-01-19 13:00 - 2021-01-19 13:00 - 000000000 ____D C:\Users\sserv\AppData\Local\mbam 2021-01-19 13:00 - 2021-01-19 13:00 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-01-19 12:59 - 2021-01-19 12:59 - 000000000 ____D C:\Program Files\Malwarebytes 2021-01-19 11:33 - 2021-01-19 11:33 - 000147753 _____ C:\Users\sserv\Desktop\Zlecenie_OFI_Streicher.pdf 2021-01-14 12:35 - 2021-01-14 12:35 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-01-14 12:35 - 2021-01-14 12:35 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-01-14 12:35 - 2021-01-14 12:35 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-01-14 12:35 - 2021-01-14 12:35 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-01-14 12:35 - 2021-01-14 12:35 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-01-14 12:35 - 2021-01-14 12:35 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-01-14 12:35 - 2021-01-14 12:35 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-01-14 12:35 - 2021-01-14 12:35 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-01-14 12:35 - 2021-01-14 12:35 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-01-14 12:35 - 2021-01-14 12:35 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-01-14 12:35 - 2021-01-14 12:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-01-14 12:35 - 2021-01-14 12:35 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-01-14 12:35 - 2021-01-14 12:35 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-01-14 12:35 - 2021-01-14 12:35 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-01-14 12:35 - 2021-01-14 12:35 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-01-14 12:35 - 2021-01-14 12:35 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-01-14 12:35 - 2021-01-14 12:35 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-01-14 12:35 - 2021-01-14 12:35 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-01-14 12:34 - 2021-01-14 12:34 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-01-14 12:34 - 2021-01-14 12:34 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-01-14 12:34 - 2021-01-14 12:34 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-01-14 12:34 - 2021-01-14 12:34 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-01-14 12:34 - 2021-01-14 12:34 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-01-14 12:34 - 2021-01-14 12:34 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-01-14 12:34 - 2021-01-14 12:34 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-01-14 12:34 - 2021-01-14 12:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-01-14 12:34 - 2021-01-14 12:34 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-01-14 12:34 - 2021-01-14 12:34 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-01-14 12:34 - 2021-01-14 12:34 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-01-14 12:34 - 2021-01-14 12:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-01-14 12:34 - 2021-01-14 12:34 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-01-14 12:34 - 2021-01-14 12:34 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-01-14 12:34 - 2021-01-14 12:34 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-01-14 12:34 - 2021-01-14 12:34 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-01-14 12:34 - 2021-01-14 12:34 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-01-13 10:27 - 2021-01-13 10:27 - 000000000 ____D C:\Users\sserv\Desktop\OpenOffice 4.1.8 (pl) Installation Files 2020-12-23 11:05 - 2020-12-28 13:43 - 000010918 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1 2020-12-23 10:26 - 2021-01-15 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2020-12-23 09:01 - 2020-12-23 11:05 - 000007680 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1 ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-19 13:39 - 2020-11-25 09:04 - 001767980 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-19 13:39 - 2019-12-07 16:09 - 000784276 _____ C:\WINDOWS\system32\perfh015.dat 2021-01-19 13:39 - 2019-12-07 16:09 - 000152172 _____ C:\WINDOWS\system32\perfc015.dat 2021-01-19 13:39 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-01-19 13:36 - 2020-06-19 07:34 - 000000000 ____D C:\Users\sserv\AppData\Roaming\Mozilla 2021-01-19 13:36 - 2020-06-19 07:34 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-19 13:35 - 2020-06-24 08:12 - 000000000 ____D C:\Program Files\CCleaner 2021-01-19 13:33 - 2020-11-25 09:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-19 13:33 - 2020-11-25 08:53 - 000008192 ___SH C:\DumpStack.log.tmp 2021-01-19 13:33 - 2020-06-19 07:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-19 13:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-19 13:32 - 2020-06-19 07:27 - 000012544 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 2021-01-19 13:32 - 2020-06-19 07:27 - 000008675 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 2021-01-19 13:32 - 2020-06-19 07:27 - 000006581 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1 2021-01-19 13:32 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-01-19 13:00 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-01-19 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-19 12:23 - 2020-11-25 09:00 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-01-19 10:58 - 2020-11-25 08:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-18 14:06 - 2020-06-19 13:00 - 000008065 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1 2021-01-15 10:29 - 2020-06-19 07:34 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-01-14 14:12 - 2020-11-25 08:53 - 000570152 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-14 14:11 - 2020-11-24 10:53 - 000000000 ____D C:\WINDOWS\HoloShell 2021-01-14 14:11 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-01-14 14:11 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-01-14 14:11 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-14 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-14 12:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-01-14 12:34 - 2020-11-25 08:53 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-01-14 12:28 - 2020-06-18 05:03 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-01-14 12:27 - 2020-06-18 05:03 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-01-14 11:20 - 2020-06-18 07:38 - 000000000 ____D C:\Users\sserv\AppData\Local\D3DSCache 2021-01-14 10:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-13 10:20 - 2020-06-19 07:15 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2021-01-12 11:33 - 2020-07-01 12:37 - 000008073 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1 2021-01-11 10:56 - 2020-06-23 11:44 - 000008073 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1 2021-01-11 08:46 - 2020-07-17 08:07 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-01-08 12:29 - 2020-06-22 14:01 - 000006201 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1 2020-12-28 09:34 - 2020-11-20 08:45 - 000000000 ___DC C:\WINDOWS\Panther 2020-12-23 09:01 - 2020-07-10 09:57 - 000008065 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1 2020-12-22 16:15 - 2020-07-03 12:03 - 000006594 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1 ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================