Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09-05-2021 Uruchomiony przez Grazyna (administrator) DESKTOP-F8USI31 (SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A/3430EA/3530EA) (12-05-2021 08:46:16) Uruchomiony z C:\Users\Grazyna\Desktop\FRST Załadowane profile: Grazyna Platform: Windows 10 Home Wersja 20H2 19042.867 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Grazyna\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Grazyna\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC) AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {24E3BD55-8FDB-494D-B867-6300D891E551} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2948EA4B-13EC-40DB-A5BA-5EC4126931E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation) Task: {2F1C7975-6BC2-44E9-B01A-ED6AF55872FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-17] (Google Inc -> Google Inc.) Task: {7A54628E-6841-4B02-84D7-AF713F11B6A2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {80EA5F9B-D994-492C-B337-42C40FC9EB48} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {83F3FCD5-8365-4B79-B8EA-22B1E53B93FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {83F3FCD5-8365-4B79-B8EA-22B1E53B93FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {83F3FCD5-8365-4B79-B8EA-22B1E53B93FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {83F3FCD5-8365-4B79-B8EA-22B1E53B93FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {83F3FCD5-8365-4B79-B8EA-22B1E53B93FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {83F3FCD5-8365-4B79-B8EA-22B1E53B93FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3917937784-1445238625-1921059252-1001" /ENABLE Task: {83F3FCD5-8365-4B79-B8EA-22B1E53B93FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {853F3078-79F9-4440-B41A-6CECB2D51B69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8DC186CC-D45D-4C70-B440-9BA942AA67B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9489F723-FC79-4226-BE70-4294FBD5A1F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-17] (Google Inc -> Google Inc.) Task: {AE5BD4A3-EDE6-45F4-8E23-CD862B7988E5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-06] (Mozilla Corporation -> Mozilla Foundation) Task: {CFBF6C7B-B3C7-4D76-98B8-6B5817DD5D49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {D6BA7840-C8D6-4A4D-B12B-FE449B40C880} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation) Task: {DFCB3CB0-D1A1-4D10-BBF9-61D7F2A4D9E7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {E31AB720-B99A-4F86-B061-4FBE0519A31B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {EB5024F7-9AB8-46AC-9CB2-9DA8F11A7270} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {ECF397BD-2485-417F-8CCD-08C262E82BA2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1790184 2021-05-11] (Avast Software s.r.o. -> Avast Software) Task: {EDDC80F6-5799-4A19-A474-13E3F9A0BEA2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{047c9674-9433-4d0c-b847-3447d555f40b}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b470e346-ff1a-4bd9-88c5-5e6df7b47be3}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Grazyna\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-08] FireFox: ======== FF DefaultProfile: 3mkntf2g.default FF ProfilePath: C:\Users\Grazyna\AppData\Roaming\Mozilla\Firefox\Profiles\3mkntf2g.default [2021-05-11] FF Extension: (KeePassXC-Browser) - C:\Users\Grazyna\AppData\Roaming\Mozilla\Firefox\Profiles\3mkntf2g.default\Extensions\keepassxc-browser@keepassxc.org.xpi [2019-12-09] FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Grazyna\AppData\Roaming\Mozilla\Firefox\Profiles\3mkntf2g.default\Extensions\sp@avast.com.xpi [2020-07-03] FF Extension: (Avast Online Security) - C:\Users\Grazyna\AppData\Roaming\Mozilla\Firefox\Profiles\3mkntf2g.default\Extensions\wrc@avast.com.xpi [2021-02-18] FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default [2021-02-24] CHR Notifications: Default -> hxxps://meet.google.com CHR Extension: (Dokumenty) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-07] CHR Extension: (Dysk Google) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-24] CHR Extension: (YouTube) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-22] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-24] CHR Extension: (Dokumenty Google offline) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-24] CHR Extension: (Avast Online Security) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-24] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24] CHR Extension: (Gmail) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-24] CHR Extension: (Chrome Media Router) - C:\Users\Grazyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-19] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.10-0\NisSrv.exe [2599312 2021-05-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.10-0\MsMpEng.exe [128376 2021-05-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [829320 2019-05-23] (IDRIX -> IDRIX) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-11] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-05-12 08:41 - 2021-05-12 08:41 - 000729324 _____ C:\WINDOWS\Minidump\051221-4484-01.dmp 2021-05-12 08:41 - 2021-05-12 08:41 - 000008192 ___SH C:\DumpStack.log.tmp 2021-05-12 08:37 - 2021-05-12 08:37 - 000000000 _____ C:\WINDOWS\Minidump\051221-7140-01.dmp 2021-05-12 08:36 - 2021-05-12 08:36 - 000000000 _____ C:\WINDOWS\Minidump\051221-8734-01.dmp 2021-05-12 08:14 - 2021-05-12 08:14 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-05-11 13:36 - 2021-05-11 13:36 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-05-11 13:35 - 2021-05-11 13:56 - 000298480 _____ C:\WINDOWS\ntbtlog.txt 2021-05-11 12:32 - 2021-05-12 08:47 - 000000000 ____D C:\FRST 2021-05-11 12:32 - 2021-05-12 08:46 - 000000000 ____D C:\Users\Grazyna\Desktop\FRST 2021-05-11 12:23 - 2021-05-11 12:23 - 000000000 ___HD C:\$SysReset 2021-05-11 12:12 - 2021-05-11 15:24 - 001017313 ____N C:\WINDOWS\Minidump\051121-8984-01.dmp 2021-05-11 12:12 - 2021-05-11 12:13 - 000597412 _____ C:\WINDOWS\Minidump\051121-6453-02.dmp 2021-05-11 12:10 - 2021-05-11 12:10 - 000000000 _____ C:\WINDOWS\Minidump\051121-6921-01.dmp 2021-05-11 12:10 - 2021-05-11 12:10 - 000000000 _____ C:\WINDOWS\Minidump\051121-6390-01.dmp 2021-05-11 12:09 - 2021-05-11 12:09 - 000000000 _____ C:\WINDOWS\Minidump\051121-7484-01.dmp 2021-05-11 12:08 - 2021-05-11 12:08 - 000000000 _____ C:\WINDOWS\Minidump\051121-7000-01.dmp 2021-05-11 10:35 - 2021-05-11 10:36 - 000797980 _____ C:\WINDOWS\Minidump\051121-5484-01.dmp 2021-05-11 09:09 - 2021-05-11 09:10 - 000998796 _____ C:\WINDOWS\Minidump\051121-5578-01.dmp 2021-05-08 21:25 - 2021-05-08 21:25 - 000790564 _____ C:\WINDOWS\Minidump\050821-5593-01.dmp 2021-05-08 21:24 - 2021-05-08 21:24 - 000957468 _____ C:\WINDOWS\Minidump\050821-4718-01.dmp 2021-05-08 21:23 - 2021-05-08 21:23 - 000863516 _____ C:\WINDOWS\Minidump\050821-5218-01.dmp 2021-05-08 21:22 - 2021-05-08 21:22 - 000000000 _____ C:\WINDOWS\Minidump\050821-5671-01.dmp 2021-05-07 18:16 - 2021-05-07 18:16 - 001219780 _____ C:\WINDOWS\Minidump\050721-5046-01.dmp 2021-05-06 22:57 - 2021-05-06 22:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-05-06 22:56 - 2021-05-06 22:56 - 000775844 _____ C:\WINDOWS\Minidump\050621-4656-01.dmp 2021-05-06 22:54 - 2021-05-06 22:54 - 000000000 _____ C:\WINDOWS\Minidump\050621-5656-01.dmp 2021-05-06 22:53 - 2021-05-12 08:42 - 000000000 ____D C:\WINDOWS\Minidump 2021-05-06 22:53 - 2021-05-06 22:53 - 000000000 _____ C:\WINDOWS\Minidump\050621-10421-01.dmp 2021-05-06 20:51 - 2021-05-07 18:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-05-01 21:31 - 2021-05-06 22:57 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3917937784-1445238625-1921059252-1001 2021-05-01 21:31 - 2021-05-01 21:31 - 000002417 _____ C:\Users\Grazyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-01 09:00 - 2021-05-01 09:00 - 000003072 ____H C:\Users\Grazyna\Downloads\photothumb.db 2021-04-27 20:49 - 2021-05-07 15:12 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-04-27 20:49 - 2021-04-27 20:49 - 000044568 _____ () C:\WINDOWS\system32\Drivers\staport.sys 2021-04-26 14:38 - 2021-04-26 14:38 - 000951390 _____ C:\Users\Grazyna\Downloads\154596414.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-05-12 08:45 - 2020-07-28 06:53 - 002698292 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-12 08:45 - 2020-07-28 01:34 - 000776766 _____ C:\WINDOWS\system32\perfh00C.dat 2021-05-12 08:45 - 2020-07-28 01:34 - 000145432 _____ C:\WINDOWS\system32\perfc00C.dat 2021-05-12 08:45 - 2019-12-07 17:08 - 000771126 _____ C:\WINDOWS\system32\perfh015.dat 2021-05-12 08:45 - 2019-12-07 17:08 - 000148172 _____ C:\WINDOWS\system32\perfc015.dat 2021-05-12 08:45 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-12 08:44 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-12 08:41 - 2020-07-28 06:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-05-12 08:41 - 2020-07-28 06:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-12 08:41 - 2020-04-03 13:30 - 000000000 ___RD C:\Users\Grazyna\Uniwersytet im. Adama Mickiewicza w Poznaniu 2021-05-12 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-12 08:41 - 2019-05-23 14:09 - 000000000 ___RD C:\Users\Grazyna\OneDrive - Uniwersytet im. Adama Mickiewicza w Poznaniu 2021-05-12 08:41 - 2017-02-20 13:45 - 000000000 ____D C:\ProgramData\NVIDIA 2021-05-12 08:37 - 2018-08-05 13:16 - 000000000 ____D C:\Users\Grazyna\AppData\Local\CrashDumps 2021-05-12 08:36 - 2020-07-28 02:07 - 000000000 ____D C:\Users\Grazyna 2021-05-12 08:21 - 2017-02-20 14:38 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-05-12 08:19 - 2017-02-20 14:38 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-12 08:18 - 2017-02-21 10:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2021-05-11 15:17 - 2017-12-18 12:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-11 15:06 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-05-11 14:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-11 14:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-11 13:35 - 2017-02-20 14:00 - 000000000 ____D C:\ProgramData\AVAST Software 2021-05-11 12:08 - 2020-07-28 06:44 - 000446176 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-05-11 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-05-11 10:32 - 2019-01-30 03:25 - 000000000 ____D C:\ProgramData\Mozilla 2021-05-11 10:32 - 2017-02-20 15:14 - 000000000 ____D C:\Users\Grazyna\AppData\LocalLow\Mozilla 2021-05-08 21:49 - 2018-07-11 17:00 - 000000000 ____D C:\Users\Grazyna\AppData\Local\AVAST Software 2021-05-08 21:43 - 2020-06-10 16:22 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-08 21:43 - 2020-06-10 16:22 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-08 21:43 - 2018-05-17 12:48 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-05-08 21:43 - 2018-05-17 12:48 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-05-08 21:38 - 2017-02-20 15:18 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-05-08 21:38 - 2017-02-20 15:18 - 000000000 ____D C:\Users\Grazyna\AppData\Roaming\vlc 2021-05-08 21:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-05-08 21:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-05-07 18:16 - 2017-02-20 15:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-05-06 22:57 - 2020-07-28 06:58 - 000003438 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-05-06 22:57 - 2020-07-28 06:58 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-05-06 22:57 - 2017-02-20 15:14 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-06 22:55 - 2020-07-28 06:58 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-05-06 22:54 - 2021-02-09 20:13 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-05-06 22:54 - 2020-07-28 06:58 - 000003272 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-05-06 20:43 - 2020-07-28 06:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-04-29 14:48 - 2020-11-22 11:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-27 22:07 - 2018-08-27 22:29 - 000000000 ____D C:\Users\Grazyna\Documents\Rachunki moje 2021-04-27 20:49 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-24 18:38 - 2017-02-21 19:38 - 000026694 _____ C:\WINDOWS\BRRBCOM.INI 2021-04-22 08:13 - 2020-06-24 23:07 - 000000000 ____D C:\10-GG 2021-04-15 20:03 - 2015-10-30 09:24 - 000000167 _____ C:\WINDOWS\win.ini ==================== Pliki w katalogu głównym wybranych folderów ======== 2017-02-21 09:27 - 2017-02-21 09:27 - 000007628 _____ () C:\Users\Grazyna\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================