Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-10-2021 Uruchomiony przez user.noname (administrator) PCname (HP HP ProBook 450 G6) (21-10-2021 21:37:49) Uruchomiony z C:\Users\user.noname\Downloads Załadowane profile: user.noname Platform: Microsoft Windows 10 Pro Wersja 21H1 19043.1288 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Assmann\USB Device Server\Control Center.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrConsole.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe (DroidMonkey Apps, LLC -> ) C:\Program Files\KeePassXC\keepassxc-proxy.exe (Fortemedia Inc. -> Fortemedia) C:\Windows\System32\FMUSBService64.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiESNAC.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.16.0\crashpad_handler.exe <2> (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_65c4bc64f64422d8\x64\TouchpointAnalyticsClientService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\AppHelperCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\BridgeCommunication.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\DiagsCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\SysInfoCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\HotKeyServiceUWP.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\HPHotkeyNotification.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\LanWlanWwanSwitchingServiceUWP.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe (HP) [Brak podpisu cyfrowego] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cd7b82c7a75ae5ab\IntelCpHDCPSvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cd7b82c7a75ae5ab\IntelCpHeciSvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Pulse Secure, LLC -> Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe <3> (Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe [1274712 2021-08-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [331344 2015-07-22] (Hewlett-Packard -> HP Development Company, L.P.) HKLM-x32\...\Run: [KCodes UDS Control Center] => C:\Program Files (x86)\Assmann\USB Device Server\Control Center.exe [5843968 2015-05-20] () [Brak podpisu cyfrowego] HKLM-x32\...\Run: [DLSService] => "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1607816 2021-02-11] (HP Inc. -> HP) HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\Pulse.exe [4087936 2020-07-20] (Pulse Secure, LLC -> ) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== UWAGA HKLM\...\Policies\system: [legalnoticecaption] .:: Uwaga ::. HKLM\...\Policies\system: [legalnoticetext] Witaj w domenie Energo-Tel. Wszystkie operacje podlegają logowaniu. HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.) HKU\S-1-5-21-3767591881-831697395-2510540753-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26405720 2021-10-18] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3767591881-831697395-2510540753-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> ) HKU\S-1-5-21-3767591881-831697395-2510540753-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe --startup_mode HKU\S-1-5-21-3767591881-831697395-2510540753-1001\...\MountPoints2: {054a9b69-af24-11eb-8d3f-e0d4e89d87b1} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3767591881-831697395-2510540753-1001\...\MountPoints2: {b819401b-404f-11eb-8d2b-e0d4e89d87b1} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.dll [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\DYMO DUO D1 450 Monitor: C:\WINDOWS\system32\DUO_450MON.DLL [16896 2013-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Sanford L.P.) HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\WINDOWS\system32\LW400MON.DLL [16384 2013-03-04] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2021-02-23] (pdfforge GmbH) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-13] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{4B9CAC01-6732-40d0-8B8F-B5B340F9D44F}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-07-20] (Pulse Secure, LLC -> ) HKLM\Software\...\Authentication\Credential Providers: [{4EFD0F35-BFBA-44eb-8F25-2B3530203C1D}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-07-20] (Pulse Secure, LLC -> ) HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2019-10-16] (DigitalPersona, Inc. -> Crossmatch, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{C1258FBC-F04F-4862-B78A-DDAAEF4A9707}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-07-20] (Pulse Secure, LLC -> ) HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2019-10-16] (DigitalPersona, Inc. -> Crossmatch, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{EAB1A79F-DFAA-4faf-A7B9-A6652E97EE16}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-07-20] (Pulse Secure, LLC -> ) HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2019-10-16] (DigitalPersona, Inc. -> Crossmatch, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2019-10-16] (DigitalPersona, Inc. -> Crossmatch, Inc.) HKLM\Software\...\Authentication\Credential Provider Filters: [{3884BCAA-C611-4e2d-9105-E11B1203294E}] -> C:\Program Files (x86)\Common Files\Pulse Secure\JamUI\jamSSOCredProv64.dll [2020-07-20] (Pulse Secure, LLC -> ) HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2019-10-16] (DigitalPersona, Inc. -> Crossmatch, Inc.) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk [2021-06-16] ShortcutTarget: HD Writer.lnk -> C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation -> Panasonic Corporation) Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0CF2CD6D-4CC0-41D1-B035-7AEA8A007542} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {1256A853-B988-49DB-806E-54253A7202CE} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-12-15] (Microsoft Windows -> Microsoft Corporation) Task: {297FDD65-9207-4EEF-927C-459F91DAC410} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {333CEB21-A0E1-4BA9-9AD9-E43544F4584C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-09-03] (HP Inc. -> HP Inc.) Task: {40520962-F384-42B1-B75B-CAE11E6A50D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {45025B29-B6D6-4062-9213-2A31AEAC0A59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4644D5A2-EED3-4A21-9C6C-264BDB80C3E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-02] (Google LLC -> Google LLC) Task: {61DD3E84-3D89-4C4A-B57F-437020F68C67} - System32\Tasks\HP\Sure Click\Sure Click 4.1.9.1290 => C:\Program Files\HP\Sure Click\servers\BrLauncher.exe [2681688 2019-12-11] (Bromium, Inc. -> HP) Task: {69631496-7ED6-4987-9414-413D5EED8AEB} - System32\Tasks\HP Thunderbolt Dock G2 schedular task => c:\Program Files\HP\HP Firmware Installer\HP Thunderbolt Dock G2\HPFirmwareInstaller.exe [268328 2019-09-12] (HP Inc. -> Hewlett-Packard Company) Task: {70205569-9501-4EAD-98A7-BAB7400E13FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8260F271-9900-4206-9D49-C40E8D910B90} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {890F3AEA-4E86-4B7A-A688-4B349F9BC280} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Task: {897FD865-AED6-47AE-B73A-65A37E6FF99C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9A695E93-BE77-47C0-8EAF-D7B508E79FD5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation) Task: {9CF7C363-1EEE-409F-BBCF-76D41DB66A1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-02] (Google LLC -> Google LLC) Task: {B3ECAEA7-3492-4C8A-8D32-4646536B4564} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-18] (Microsoft Corporation -> Microsoft Corporation) Task: {C45CB440-586D-4D4B-BF1D-D5669DC8B617} - System32\Tasks\HP\Sure Click\Tray icon 4.1.9.1290 => C:\Program Files\HP\Sure Click\servers\BrConsole.exe [262488 2019-12-11] (Bromium, Inc. -> HP) Task: {CB629A10-1AFC-4101-8D42-10C22CD42E9C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-08] (Mozilla Corporation -> Mozilla Foundation) Task: {DB8DBB57-6B97-47AA-A88F-8956830343D7} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-12-15] (Microsoft Windows -> Microsoft Corporation) Task: {F3D4459C-9BD4-4B69-9778-00FB5B0772DD} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91728 2015-08-20] (Hewlett-Packard -> HP Development Company, L.P.) Task: {F799555E-3E83-4D61-9FB4-E87333F84B1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1123504 2021-10-07] (HP Inc. -> HP Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 89.107.153.3 8.8.8.8 Tcpip\..\Interfaces\{c9a0e4e1-3093-4589-bab0-5660a69836fd}: [DhcpNameServer] 192.168.168.15 192.168.95.110 Tcpip\..\Interfaces\{d6e7afd7-169b-45f1-8a82-48854c7cb6d9}: [DhcpNameServer] 89.107.153.3 8.8.8.8 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\user.noname\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-21] FireFox: ======== FF DefaultProfile: dvr8dnaq.default FF ProfilePath: C:\Users\user.noname\AppData\Roaming\Mozilla\Firefox\Profiles\dvr8dnaq.default [2021-07-22] FF ProfilePath: C:\Users\user.noname\AppData\Roaming\Mozilla\Firefox\Profiles\6opd548k.default-release [2021-10-21] FF Homepage: Mozilla\Firefox\Profiles\6opd548k.default-release -> hxxps//www.rmf24.pl/ FF NetworkProxy: Mozilla\Firefox\Profiles\6opd548k.default-release -> type", 4 FF Extension: (Privacy Badger) - C:\Users\user.noname\AppData\Roaming\Mozilla\Firefox\Profiles\6opd548k.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-08-18] FF Extension: (KeePassXC-Browser) - C:\Users\user.noname\AppData\Roaming\Mozilla\Firefox\Profiles\6opd548k.default-release\Extensions\keepassxc-browser@keepassxc.org.xpi [2021-07-23] FF Extension: (Google Translator for Firefox) - C:\Users\user.noname\AppData\Roaming\Mozilla\Firefox\Profiles\6opd548k.default-release\Extensions\translator@zoli.bod.xpi [2020-12-04] FF Extension: (uBlock Origin) - C:\Users\user.noname\AppData\Roaming\Mozilla\Firefox\Profiles\6opd548k.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-10-18] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\user.noname\AppData\Roaming\Mozilla\Firefox\Profiles\6opd548k.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => nie znaleziono FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @bromium.com/BroFox,version=1.0 -> C:\Program Files\HP\Sure Click\servers\npBromiumPlugin.dll [2019-12-11] (Bromium, Inc. -> HP) FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-02-03] (Sanford, L.P. -> Sanford L.P.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-05-19] Chrome: ======= CHR Profile: C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default [2021-10-21] CHR Extension: (Prezentacje) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-17] CHR Extension: (Free Download Manager) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2021-10-19] CHR Extension: (Dokumenty) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-17] CHR Extension: (Dysk Google) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-17] CHR Extension: (YouTube) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-17] CHR Extension: (Arkusze) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-17] CHR Extension: (Dokumenty Google offline) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-19] CHR Extension: (Refunder) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinioneoenjiajmgdfpajoejebjdghpg [2021-10-21] CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-07] CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2021-10-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07] CHR Extension: (Gmail) - C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-17] CHR Profile: C:\Users\user.noname\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-28] CHR HKU\S-1-5-21-3767591881-831697395-2510540753-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) S3 BrAXService; C:\Program Files\HP\Sure Click\4.1.9.1290\servers\BrAXService.exe [2799960 2019-12-11] (Bromium, Inc. -> HP) S3 BrRmService; C:\Program Files\HP\Sure Click\servers\BrRemoteMgmtSvc.exe [5769048 2019-12-11] (Bromium, Inc. -> HP) S3 BrService; C:\Program Files\HP\Sure Click\servers\BrService.exe [9532760 2019-12-11] (Bromium, Inc. -> HP) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation) R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [529072 2019-10-16] (DigitalPersona, Inc. -> Crossmatch, Inc.) R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-02-03] (Sanford, L.P. -> Sanford, L.P.) R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [138640 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [350008 2020-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) R2 FMUSBAPOService; C:\WINDOWS\system32\FMUSBService64.exe [145496 2019-07-16] (Fortemedia Inc. -> Fortemedia) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357864 2020-08-31] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\HotKeyServiceUWP.exe [1596512 2021-06-16] (HP Inc. -> HP Inc.) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-25] (HP) [Brak podpisu cyfrowego] R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\AppHelperCap.exe [744016 2021-08-27] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\DiagsCap.exe [742480 2021-08-27] (HP Inc. -> HP Inc.) R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\NetworkCap.exe [742480 2021-08-27] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-09] (HP Inc. -> HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-07-23] (HP Inc. -> HP) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_cac5689265dc40ee\x64\SysInfoCap.exe [743488 2021-08-27] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_65c4bc64f64422d8\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\LanWlanWwanSwitchingServiceUWP.exe [788560 2021-06-16] (HP Inc. -> HP Inc.) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [Brak podpisu cyfrowego] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [354944 2020-07-20] (Pulse Secure, LLC -> Pulse Secure, LLC) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414976 2021-10-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AssmannUDSMBus; C:\WINDOWS\system32\drivers\assmannUDSMBus.sys [116888 2015-05-06] (KCODES CORPORATION -> Windows (R) Codename Longhorn DDK provider) S3 assmannUDSTcpBus; C:\WINDOWS\System32\drivers\assmannUDSTcpBus.sys [203416 2015-05-06] (KCODES CORPORATION -> Windows (R) Codename Longhorn DDK provider) R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [202456 2020-07-07] (BayHub Technology Inc. -> BayHubTech/O2Micro) S4 BrCow_4_1_9_1290; C:\WINDOWS\System32\DRIVERS\BrCow_4_1_9_1290.sys [64872 2019-12-11] (Bromium, Inc. -> Windows (R) Win 7 DDK provider) S4 BrFilter_4_1_9_1290; C:\WINDOWS\System32\DRIVERS\BrFilter_4_1_9_1290.sys [226152 2019-12-11] (Bromium, Inc. -> HP) R2 BrHostDrv; C:\windows\system32\Drivers\BrHostDrv.sys [45584 2020-10-13] (Bromium, Inc. -> HP) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [27688 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [47144 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [157752 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [83512 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [121384 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [71320 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70536 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation) R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.) R1 jnprns; C:\WINDOWS\system32\DRIVERS\jnprns.sys [507192 2020-07-20] (Juniper Networks, Inc. -> Juniper Networks) S4 jnprTdi_918_3143; C:\WINDOWS\system32\Drivers\jnprTdi_918_3143.sys [98280 2020-07-20] (Pulse Secure, LLC -> Pulse Secure, LLC) R3 JnprVaMgr; C:\WINDOWS\System32\drivers\jnprvamgr.sys [45352 2020-07-20] (Juniper Networks, Inc. -> Juniper Networks, Inc.) R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) S3 PulseSAM; C:\WINDOWS\system32\Drivers\PulseSAM.sys [149040 2020-07-20] (Pulse Secure, LLC -> Pulse Secure, LLC) S3 RtkUsbAD_03F00269; C:\WINDOWS\system32\drivers\RtUsbA64_03F00269.sys [428832 2020-04-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [881760 2020-12-29] (Realtek Semiconductor Corp. -> Realtek Corporation) S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [282272 2021-03-10] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-10-21 21:37 - 2021-10-21 21:38 - 000037342 _____ C:\Users\user.noname\Downloads\FRST.txt 2021-10-21 21:37 - 2021-10-21 21:37 - 000000000 ____D C:\Users\user.noname\Downloads\FRST-OlderVersion 2021-10-21 21:36 - 2021-10-21 21:38 - 000000000 ____D C:\FRST 2021-10-21 21:36 - 2021-10-21 21:37 - 002310656 _____ (Farbar) C:\Users\user.noname\Downloads\FRST64.exe 2021-10-21 12:05 - 2021-02-23 09:54 - 000000000 ____D C:\aaa 2021-10-21 08:41 - 2021-10-21 08:41 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-10-21 08:32 - 2021-10-21 08:32 - 000002286 _____ C:\Users\Public\Desktop\DWG TrueView 2022 - English.lnk 2021-10-21 08:32 - 2021-10-21 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DWG TrueView 2022 - English 2021-10-21 08:32 - 2021-10-21 08:32 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared 2021-10-21 08:31 - 2021-10-21 08:32 - 000000000 ____D C:\Program Files\Autodesk 2021-10-21 08:31 - 2021-10-21 08:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2021-10-21 08:29 - 2021-10-21 08:41 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\Autodesk Installer 2021-10-21 08:29 - 2021-10-21 08:41 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\Autodesk 2021-10-21 08:29 - 2021-10-21 08:32 - 000000000 ____D C:\ProgramData\Autodesk 2021-10-21 08:29 - 2021-10-21 08:29 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk 2021-10-21 08:28 - 2021-10-21 08:42 - 000000000 ____D C:\Users\user.noname\AppData\Local\Autodesk 2021-10-21 08:28 - 2021-10-21 08:29 - 000000000 ____D C:\Autodesk 2021-10-21 08:25 - 2021-10-21 08:27 - 884764480 _____ (Autodesk, Inc.) C:\Users\user.noname\Downloads\DWGTrueView_2022_English_64bit_dlm.sfx.exe 2021-10-19 11:43 - 2021-10-19 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-10-19 11:33 - 2021-10-19 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2021-10-19 11:33 - 2021-10-19 11:33 - 000068936 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2021-10-19 11:33 - 2021-10-19 11:33 - 000000000 ____D C:\Program Files\Common Files\Oracle 2021-10-19 11:28 - 2021-10-19 11:28 - 001307256 _____ (Oracle Corporation) C:\Users\user.noname\Downloads\JavaUninstallTool.exe 2021-10-19 11:01 - 2021-10-19 11:01 - 085023552 _____ (Oracle Corporation) C:\Users\user.noname\Downloads\jre-8u301-windows-x64.exe 2021-10-18 08:28 - 2021-10-18 08:29 - 000000000 ____D C:\Users\Default\AppData\Roaming\Hewlett-Packard 2021-10-15 09:28 - 2021-10-15 09:28 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-10-15 09:28 - 2021-10-15 09:28 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-10-15 09:28 - 2021-10-15 09:28 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2021-10-15 09:28 - 2021-10-15 09:28 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-10-15 09:28 - 2021-10-15 09:28 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-10-15 09:28 - 2021-10-15 09:28 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-10-15 09:28 - 2021-10-15 09:28 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-10-15 09:28 - 2021-10-15 09:28 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-10-15 09:28 - 2021-10-15 09:28 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-10-15 09:28 - 2021-10-15 09:28 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-10-15 09:28 - 2021-10-15 09:28 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-10-15 09:28 - 2021-10-15 09:28 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-10-15 09:28 - 2021-10-15 09:28 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2021-10-15 09:28 - 2021-10-15 09:28 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-10-15 09:28 - 2021-10-15 09:28 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2021-10-15 09:28 - 2021-10-15 09:28 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2021-10-15 09:23 - 2021-10-15 09:23 - 000000000 ___HD C:\$WinREAgent 2021-10-13 11:50 - 2021-10-13 11:50 - 000001349 _____ C:\Users\Public\Desktop\Salumanus programator.lnk 2021-10-08 14:45 - 2021-10-10 22:32 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-10-07 09:04 - 2021-10-07 09:04 - 000076798 _____ C:\Users\user.noname\Documents\Rada rodziców 4b - 2021_2022.pdf 2021-10-07 09:02 - 2021-10-07 09:02 - 000076185 _____ C:\Users\user.noname\Documents\Rada rodziców 1b - 2021_2022.pdf 2021-10-05 13:41 - 2021-10-05 13:41 - 000308908 _____ C:\Users\user.noname\Documents\klasa4.pdf 2021-10-05 07:40 - 2021-10-07 11:52 - 000000000 ____D C:\Users\user.noname\AppData\Local\WhatsApp 2021-10-05 07:40 - 2021-10-05 07:40 - 135548112 _____ (WhatsApp) C:\Users\user.noname\Downloads\WhatsAppSetup.exe 2021-10-04 12:33 - 2021-10-04 12:33 - 000000064 _____ C:\Users\user.noname\Desktop\transmode.txt 2021-10-04 09:01 - 2021-10-04 09:01 - 008814160 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw08.sys 2021-10-04 09:01 - 2021-10-04 09:01 - 002684236 _____ C:\WINDOWS\system32\Drivers\Netwfw08.dat 2021-10-04 09:01 - 2021-10-04 09:01 - 001518160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll 2021-09-30 21:07 - 2021-09-30 21:16 - 000003357 _____ C:\Users\user.noname\Documents\VW POLO.txt 2021-09-28 21:15 - 2021-10-10 21:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-09-28 07:39 - 2021-09-28 11:15 - 000000000 ____D C:\ProgramData\Pulse Secure 2021-09-28 07:39 - 2021-09-28 07:39 - 000000000 ____D C:\Users\Public\Pulse Secure 2021-09-28 07:39 - 2021-09-28 07:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure 2021-09-28 07:39 - 2021-09-28 07:39 - 000000000 ____D C:\Program Files (x86)\Pulse Secure 2021-09-28 07:39 - 2020-07-20 11:36 - 000149040 _____ (Pulse Secure, LLC) C:\WINDOWS\system32\Drivers\PulseSAM.sys 2021-09-28 07:39 - 2020-07-20 11:36 - 000098280 _____ (Pulse Secure, LLC) C:\WINDOWS\system32\Drivers\jnprTdi_918_3143.sys 2021-09-28 07:39 - 2020-07-20 11:33 - 000507192 _____ (Juniper Networks) C:\WINDOWS\system32\Drivers\jnprns.sys 2021-09-28 07:37 - 2021-09-28 07:37 - 024494080 _____ C:\Users\user.noname\Downloads\PulseSecure.x64.msi 2021-09-27 08:56 - 2021-09-27 08:56 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pulse Secure 2021-09-27 08:54 - 2021-09-27 08:54 - 003158016 _____ C:\Users\user.noname\Downloads\PulseSecureAppLauncher.msi 2021-09-23 21:11 - 2021-09-23 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC 2021-09-23 21:11 - 2021-09-23 21:11 - 000000000 ____D C:\Program Files\KeePassXC 2021-09-23 21:10 - 2021-09-23 21:10 - 045412352 _____ C:\Users\user.noname\Downloads\KeePassXC-2.6.6-Win64.msi 2021-09-22 12:59 - 2021-09-22 12:59 - 000001401 _____ C:\Users\user.noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-09-21 13:17 - 2021-09-27 08:56 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\Pulse Secure 2021-09-21 13:17 - 2021-09-21 13:17 - 000000000 ____D C:\Users\user.noname\AppData\Local\Pulse Secure ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-10-21 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-10-21 21:34 - 2020-12-02 17:22 - 000000000 ____D C:\ProgramData\Mozilla 2021-10-21 21:32 - 2020-12-04 14:24 - 000000000 ____D C:\Users\user.noname\AppData\LocalLow\Mozilla 2021-10-21 21:09 - 2021-07-09 12:49 - 000000000 ____D C:\Users\user.noname\.oracle_jre_usage 2021-10-21 21:06 - 2020-12-02 17:22 - 000000000 ____D C:\Program Files (x86)\Google 2021-10-21 20:57 - 2020-12-28 08:35 - 000000000 ___RD C:\Users\user.noname\Dysk Google 2021-10-21 20:56 - 2020-12-02 16:16 - 000000000 __SHD C:\Users\user.noname\IntelGraphicsProfiles 2021-10-21 20:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-10-21 14:13 - 2020-12-02 16:29 - 000000000 ____D C:\Users\user.noname\AppData\Local\CrashDumps 2021-10-21 14:01 - 2020-12-15 14:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-10-21 12:06 - 2020-12-15 14:39 - 001768628 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-10-21 12:06 - 2019-12-07 17:09 - 000787218 _____ C:\WINDOWS\system32\perfh015.dat 2021-10-21 12:06 - 2019-12-07 17:09 - 000153062 _____ C:\WINDOWS\system32\perfc015.dat 2021-10-21 12:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-10-21 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-10-21 11:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-10-21 11:26 - 2020-12-15 14:30 - 000678616 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-10-21 11:26 - 2020-12-02 17:23 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-10-21 11:25 - 2020-12-15 14:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-10-21 11:25 - 2020-12-15 14:30 - 000008192 ___SH C:\DumpStack.log.tmp 2021-10-21 11:25 - 2020-12-04 23:44 - 000037417 _____ C:\WINDOWS\system32\SEAPODATUR.USB.VID_03F0&PID_0269&MI_00.zip 2021-10-21 11:25 - 2020-12-02 17:07 - 000000128 _____ C:\WINDOWS\system32\config\netlogon.ftl 2021-10-21 11:25 - 2020-10-13 10:42 - 000000000 ___HD C:\Intel 2021-10-21 11:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-10-21 11:25 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-10-21 08:42 - 2020-12-04 21:45 - 000000000 ____D C:\Users\user.noname\AppData\Local\D3DSCache 2021-10-21 08:31 - 2020-10-13 10:48 - 000000000 ____D C:\ProgramData\Package Cache 2021-10-21 07:45 - 2020-12-28 08:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-10-19 12:27 - 2020-12-04 23:13 - 000000000 ____D C:\Users\user.noname\poczta_ET 2021-10-19 11:55 - 2020-12-23 12:31 - 000000000 ____D C:\Users\user.noname\AppData\Local\KeePassXC 2021-10-19 11:42 - 2021-04-12 12:11 - 000000000 ____D C:\Program Files\Java 2021-10-18 19:50 - 2020-10-13 10:54 - 000000000 ____D C:\Program Files\Microsoft Office 2021-10-18 08:29 - 2020-02-23 21:06 - 000000000 ____D C:\Program Files (x86)\HP 2021-10-18 08:28 - 2020-12-04 22:04 - 000000000 ____D C:\hpswsetup 2021-10-18 07:58 - 2020-12-02 16:16 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\hpqLog 2021-10-17 17:07 - 2020-12-04 14:26 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-10-17 17:02 - 2021-09-13 22:34 - 000002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2021-10-17 17:02 - 2021-09-13 22:34 - 000001907 _____ C:\Users\Default\Desktop\Google Slides.lnk 2021-10-17 17:02 - 2021-09-13 22:34 - 000001907 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2021-10-17 17:02 - 2021-09-13 22:34 - 000001895 _____ C:\Users\Default\Desktop\Google Docs.lnk 2021-10-15 12:11 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-10-15 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-10-15 11:41 - 2020-12-02 16:16 - 000000000 ____D C:\Users\user.noname\AppData\Local\Packages 2021-10-15 09:31 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-10-15 09:23 - 2021-06-11 21:27 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-10-15 09:23 - 2020-12-02 16:38 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-10-15 09:19 - 2020-12-02 16:38 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-10-13 11:50 - 2021-04-12 12:10 - 000001361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRD.lnk 2021-10-13 08:39 - 2020-12-02 17:23 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-10-10 22:32 - 2020-12-02 17:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-10-10 21:31 - 2020-12-02 17:22 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-10-10 08:53 - 2020-12-05 23:01 - 000000000 ____D C:\_priv 2021-10-10 08:51 - 2021-01-12 08:28 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d2def1cfd965 2021-10-10 08:51 - 2020-12-15 14:37 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-10-08 14:42 - 2020-12-02 16:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-10-07 11:52 - 2020-12-06 00:15 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\WhatsApp 2021-10-06 20:49 - 2020-12-15 14:37 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3767591881-831697395-2510540753-1001 2021-10-06 20:49 - 2020-12-15 14:33 - 000002461 _____ C:\Users\user.noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-10-06 20:49 - 2019-04-19 20:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-10-05 07:40 - 2021-01-15 12:12 - 000002257 _____ C:\Users\user.noname\Desktop\WhatsApp.lnk 2021-10-05 07:40 - 2020-12-06 00:15 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2021-10-05 07:40 - 2020-12-06 00:15 - 000000000 ____D C:\Users\user.noname\AppData\Local\SquirrelTemp 2021-10-04 09:01 - 2020-12-04 22:24 - 005336144 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelWLANdriver.dll 2021-10-03 10:01 - 2020-12-15 14:37 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-10-03 10:01 - 2020-12-15 14:37 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-09-30 20:48 - 2021-05-05 10:01 - 000002298 ____H C:\Users\user.noname\Documents\Default.rdp 2021-09-30 20:48 - 2020-12-02 17:16 - 000000000 ____D C:\Users\user.noname\AppData\Local\FortiClient 2021-09-28 14:18 - 2020-12-15 14:33 - 000000000 ____D C:\Users\user.noname 2021-09-27 08:53 - 2020-12-02 17:08 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2021-09-22 15:09 - 2021-08-17 14:26 - 000000000 ____D C:\Users\user.noname\AppData\Roaming\reolink 2021-09-21 11:42 - 2020-12-04 21:52 - 000000000 ____D C:\Users\user.noname\AppData\Local\HP ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-12-23 09:54 - 2020-12-23 09:54 - 000044120 __RSH () C:\Program Files (x86)\DLS8Uninstall.log 2020-12-06 00:35 - 2021-09-02 11:05 - 000000128 _____ () C:\Users\user.noname\AppData\Roaming\winscp.rnd 2020-12-05 23:30 - 2020-12-05 23:31 - 000000600 _____ () C:\Users\user.noname\AppData\Local\PUTTY.RND 2021-07-23 16:55 - 2021-07-23 16:55 - 000000017 _____ () C:\Users\user.noname\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================