Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22.05.2024 01 Uruchomiony przez Edyta (administrator) SAMSUNG370 (SAMSUNG ELECTRONICS CO., LTD. 3570R/370R/470R/450R/510R/4450RV) (26-05-2024 23:59:37) Uruchomiony z C:\Users\Edyta\Downloads\FRST64.exe Załadowane profile: Edyta Platforma: Microsoft Windows 8.1 (Update) (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (Advanced Micro Devices Inc.) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_2\RdrCEF.exe <7> (C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe (C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe <6> (C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2> (C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (explorer.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\RocketDock\RocketDock.exe (explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <28> (services.exe ->) () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (services.exe ->) (Huawei Technologies Co.,Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe (services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxext.exe (svchost.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3272968 2014-04-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp [7818040 2013-09-19] (Motorola Solutions Inc. -> Motorola Solutions, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\Run: [safe_urls768] => C:\Users\Edyta\AppData\Roaming\Browser-Security\s768.exe [2548944 2016-07-08] (Vondos Media GmbH -> ) <==== UWAGA HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Brak podpisu cyfrowego] HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91585088 2020-03-31] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\Run: [Discord] => C:\Users\Edyta\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher [1848320 2017-07-21] (Microsoft Windows Hardware Compatibility Publisher -> ) HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\Run: [OfficeSyncProcess] => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" (Brak pliku) HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\MountPoints2: {2866533f-a2f6-11e9-8274-c8f73308781f} - "E:\AutoRun.exe" HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\MountPoints2: {7ea3bb93-b4b5-11ea-8296-c8f73308781f} - "D:\AutoRun.exe" HKU\S-1-5-21-487917205-4277715039-1335388587-1001\...\MountPoints2: {fa9bcd18-b534-11e9-8274-c8f73308781f} - "E:\AutoRun.exe" HKU\S-1-5-21-487917205-4277715039-1335388587-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-11-21] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\ssj1MPC: C:\Windows\System32\spool\prtprocs\x64\ssj1mpc.dll [43520 2017-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\ssj1M Langmon: C:\Windows\system32\ssj1mlm.dll [22528 2017-07-21] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-05] (Google LLC -> Google LLC) Startup: C:\Users\Edyta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skicka till OneNote.lnk [2024-01-14] ShortcutTarget: Skicka till OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {5840AF78-F3A3-4170-98CC-DDE375746619} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {6139163A-F057-4531-8CC1-38B5D2ECBD6D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {1C44B460-FE5F-48EF-BBCD-B636EBB8F8D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-27] (Google Inc -> Google Inc.) Task: {4BC2F9AA-D97C-4C07-816A-986390B8C0C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-27] (Google Inc -> Google Inc.) Task: {47520D31-08F1-4947-AF7D-8251E9FF7EAD} - System32\Tasks\klcp_update => CodecTweakTool.exe -> %ProgramFiles(x86)%\K-Lite Codec Pack\Tools\/verysilent /update /freq=30 Task: {CFDAEEDB-2002-41DC-AB9F-25E0461E22B7} - System32\Tasks\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2180416 2015-06-24] (Samsung Electronics CO., LTD. -> ) Task: {118B6BAE-57EB-4793-A83F-78A0EE5A509B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294240 2023-02-16] (Microsoft Corporation -> Microsoft Corporation) Task: {DF130C75-7F00-45D3-9E66-544A7A57113C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294240 2023-02-16] (Microsoft Corporation -> Microsoft Corporation) Task: {F2CD791F-379C-48A2-8A8C-70FED6534E9B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-02-17] (Microsoft Corporation -> Microsoft Corporation) Task: {C406E557-315E-4ADD-9565-91BC89138C8E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-02-17] (Microsoft Corporation -> Microsoft Corporation) Task: {3CB4A652-EFA1-4078-B580-EAB013ECA1F9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168920 2023-02-17] (Microsoft Corporation -> Microsoft Corporation) Task: {E0D4E494-F3A5-4F2B-80C5-769C995E1D15} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\rundll32.exe [54784 2014-11-21] (Microsoft Windows -> Microsoft Corporation) -> aepdu.dll,AePduRunUpdate -nolegacy Task: {623EEA64-06C9-4F56-8549-EFDE392CAED2} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [686496 2024-05-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (dane wartości zawierają 6 znaków więcej). Task: {99C8775F-9D27-438C-BF3B-2AFE6C91B4CE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [724384 2024-05-18] (Mozilla Corporation -> Mozilla Foundation) Task: {DD1140CA-E880-4378-94B7-6C740ED0C6CD} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3060072 2022-07-17] (Microsoft Corporation -> Microsoft Corporation) Task: {136C11AE-9271-4D10-AFCA-0EA66CD2B569} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-487917205-4277715039-1335388587-1001 => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3060072 2022-07-17] (Microsoft Corporation -> Microsoft Corporation) Task: {5BDD8D8E-DCB8-40D0-A023-3EB7DC1B4E19} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [3602632 2017-04-26] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) Task: {59339323-CB93-4098-A080-58CEA9CB0F51} - System32\Tasks\SettingsEventHandlerMonitor => C:\Program Files (x86)\Samsung\Settings\CmdServer\RSSettingEventHandler.exe [1775936 2015-06-24] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) Task: {D63D55AE-A675-41E6-822A-D2CE341387F3} - System32\Tasks\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [1721152 2015-06-24] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) Task: {0BC73B0D-AA92-46FF-AB5F-22E6C5B33712} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [3148800 2015-08-18] (Samsung Electronics CO., LTD.) [Brak podpisu cyfrowego] (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{B4B05F5D-0D7C-4BA4-9EDA-E96C6D1E7001}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{B4B05F5D-0D7C-4BA4-9EDA-E96C6D1E7001}\051434F4: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B4B05F5D-0D7C-4BA4-9EDA-E96C6D1E7001}\051434F40253027484A7: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B4B05F5D-0D7C-4BA4-9EDA-E96C6D1E7001}\25F6375602: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{B4B05F5D-0D7C-4BA4-9EDA-E96C6D1E7001}\44575CCB16023797079616C6E69616: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{B7CAEA11-96CC-4F13-B7C1-038CB60BB1E4}: [DhcpNameServer] 82.209.169.71 82.209.169.72 FireFox: ======== FF DefaultProfile: s7eynxvs.default-1540050402553 FF ProfilePath: C:\Users\Edyta\AppData\Roaming\Mozilla\Firefox\Profiles\s7eynxvs.default-1540050402553 [2024-05-26] FF Session Restore: Mozilla\Firefox\Profiles\s7eynxvs.default-1540050402553 -> [funkcja włączona] FF Notifications: Mozilla\Firefox\Profiles\s7eynxvs.default-1540050402553 -> hxxps://sportowefakty.wp.pl; hxxps://mail.yahoo.com; hxxps://www.webhallen.com; hxxps://www.byggahus.se FF Extension: (uBlock Origin) - C:\Users\Edyta\AppData\Roaming\Mozilla\Firefox\Profiles\s7eynxvs.default-1540050402553\Extensions\uBlock0@raymondhill.net.xpi [2024-04-13] FF Extension: (Color of Rainbow) - C:\Users\Edyta\AppData\Roaming\Mozilla\Firefox\Profiles\s7eynxvs.default-1540050402553\Extensions\{0764362e-a64d-4da8-aac2-c392b8826d7d}.xpi [2019-05-22] FF Extension: (alex-tag) - C:\Users\Edyta\AppData\Roaming\Mozilla\Firefox\Profiles\s7eynxvs.default-1540050402553\Extensions\{80cfc528-38c5-48a1-b50a-40160dde75c5}.xpi [2019-05-22] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [Brak podpisu cyfrowego] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Default [2023-11-28] CHR Notifications: Default -> hxxps://mail.yahoo.com; hxxps://openload.co; hxxps://www.filmweb.pl CHR Extension: (Just Black) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-13] CHR Extension: (uBlock Origin) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-11-10] CHR Extension: (Dokumenty Google offline) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-15] CHR Profile: C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-06] CHR Profile: C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-12-09] CHR Notifications: Profile 1 -> hxxps://www.youtube.com CHR HomePage: Profile 1 -> hxxp://samsung13.msn.com/ CHR Session Restore: Profile 1 -> [funkcja włączona] CHR Extension: (Dokumenty Google offline) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-28] CHR Extension: (GCalPlus) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjelhipeelammmhpghkpigkdonihkakj [2023-10-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-20] CHR Extension: (Hide morning in Calendar) - C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oaikandahkibeihnampagmegnpfefhca [2022-03-13] CHR Profile: C:\Users\Edyta\AppData\Local\Google\Chrome\User Data\System Profile [2023-12-05] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512176 2023-02-16] (Microsoft Corporation -> Microsoft Corporation) S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [2448232 2022-07-17] (Microsoft Corporation -> Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] (Huawei Technologies Co.,Ltd. -> ) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [2836840 2022-07-17] (Microsoft Corporation -> Microsoft Corporation) R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594176 2015-06-24] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3296672 2017-06-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18592056 2024-05-03] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] () [Brak podpisu cyfrowego] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AMPPAL; C:\Windows\System32\drivers\AMPPAL.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider) S3 AMPPALP; C:\Windows\system32\DRIVERS\amppal.sys [165344 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions Inc. -> Motorola Solutions, Inc.) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) R3 MpKsl80cf6656; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FD8A3D4-B5FE-4C80-A99B-1175DE148737}\MpKslDrv.sys [54568 2024-05-23] (Microsoft Windows -> Microsoft Corporation) S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R3 vuhub; C:\Windows\System32\drivers\vuhub.sys [47616 2007-12-17] (Eltima Software -> ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Windows -> Microsoft Corporation) S3 MDA_NTDRV; \??\C:\Windows\system32\MDA_NTDRV.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-26 23:59 - 2024-05-27 00:00 - 000026678 _____ C:\Users\Edyta\Downloads\FRST.txt 2024-05-26 23:58 - 2024-05-27 00:00 - 000000000 ____D C:\FRST 2024-05-26 23:55 - 2024-05-26 23:55 - 002395136 _____ (Farbar) C:\Users\Edyta\Downloads\FRST64.exe 2024-05-26 23:55 - 2024-05-26 23:55 - 002395136 _____ (Farbar) C:\Users\Edyta\Downloads\FRST64(1).exe 2024-05-26 23:50 - 2024-05-26 23:50 - 000000000 ____D C:\Users\Edyta\Documents\dIAGNOSTYNA sAMSUNG nOTEBOOOK 2024-05-22 22:47 - 2024-05-22 22:47 - 000033114 _____ C:\Users\Edyta\Downloads\RUT_1716410857.xml 2024-05-22 22:47 - 2024-05-22 22:47 - 000001667 _____ C:\Users\Edyta\Downloads\ROT_1716410852.xml 2024-05-22 22:15 - 2024-05-22 22:15 - 000186646 _____ C:\Users\Edyta\Downloads\SEB utskrift-8.pdf 2024-05-21 19:21 - 2024-05-21 19:21 - 000125381 _____ C:\Users\Edyta\Downloads\aneks do umowy - Klyvningsvägen 9.pdf 2024-05-21 19:13 - 2024-05-21 19:13 - 002914752 _____ C:\Users\Edyta\Downloads\Aneks.eml 2024-05-21 14:14 - 2024-05-21 14:14 - 000047054 _____ C:\Users\Edyta\Downloads\Bg396-6124_Details_RefFörskott Materialkostnad_09042024.pdf 2024-05-21 14:13 - 2024-05-21 14:13 - 000206451 _____ C:\Users\Edyta\Downloads\SEB utskrift-7.pdf 2024-05-21 11:56 - 2024-05-21 11:56 - 000009558 _____ C:\Users\Edyta\Downloads\ROT_1716285368.xml 2024-05-20 21:35 - 2024-05-20 21:35 - 000029335 _____ C:\Users\Edyta\Downloads\export-2024-05-20T19 35 02.556Z.pax 2024-05-20 20:21 - 2024-05-20 20:21 - 000012099 _____ C:\Users\Edyta\Downloads\export-2024-05-20T18 21 03.698Z.pax 2024-05-20 20:19 - 2024-05-20 20:19 - 000012051 _____ C:\Users\Edyta\Downloads\export-2024-05-20T18 19 12.657Z.pax 2024-05-20 20:18 - 2024-05-20 20:18 - 000001510 _____ C:\Users\Edyta\Downloads\export-2024-05-20T18 18 34.892Z.pax 2024-05-20 20:17 - 2024-05-20 20:17 - 000017187 _____ C:\Users\Edyta\Downloads\export-2024-05-20T18 17 32.893Z.pax 2024-05-20 11:38 - 2024-05-20 11:38 - 000047225 _____ C:\Users\Edyta\Downloads\Avi 634632491 (2024-04-23, Edyta Morawska).pdf 2024-05-20 11:38 - 2024-05-20 11:38 - 000047191 _____ C:\Users\Edyta\Downloads\Avi 645569799 (2024-05-06, Edyta Morawska).pdf 2024-05-19 10:30 - 2024-05-19 10:30 - 000103424 _____ C:\Users\Edyta\Downloads\[BT]2024-05-18 TR on ESPN MC).mkv.torrent 2024-05-19 10:30 - 2024-05-19 10:30 - 000103424 _____ C:\Users\Edyta\Downloads\[BT]2024-05-18 TR on ESPN MC).mkv(1).torrent 2024-05-14 10:27 - 2024-05-14 10:27 - 000073570 _____ C:\Users\Edyta\Downloads\20240505_523004703547.pdf 2024-05-14 10:25 - 2024-05-14 10:25 - 000746438 _____ C:\Users\Edyta\Downloads\635557682.pdf 2024-05-08 20:19 - 2024-05-08 20:19 - 000929761 _____ C:\Users\Edyta\Downloads\5435-application-for-a-certificate-of-entitlement-to-medical-care.pdf 2024-05-08 20:19 - 2024-05-08 20:19 - 000864150 _____ C:\Users\Edyta\Downloads\5456-registration-information-required-to-obtain-social-insurance-cover.pdf 2024-05-07 17:03 - 2024-05-07 17:03 - 000001363 _____ C:\Users\Edyta\Downloads\BYGGLOSEN_2024-05-07T17 02 38+02 00_559292-5332.xml 2024-05-07 15:07 - 2024-05-07 15:07 - 000016777 _____ C:\Users\Edyta\Downloads\Kvittens_165593141889-2.pdf 2024-05-07 15:02 - 2024-05-07 15:02 - 000016778 _____ C:\Users\Edyta\Downloads\Kvittens_165591041636-3.pdf 2024-05-07 14:55 - 2024-05-07 14:55 - 000016778 _____ C:\Users\Edyta\Downloads\Kvittens_165592925332-2.pdf 2024-05-05 10:19 - 2024-05-05 10:19 - 000006167 _____ C:\Users\Edyta\Downloads\[BT]Saul Alvarez vs Jaime Munguia.mp4.torrent 2024-05-03 15:39 - 2024-05-03 15:39 - 000001664 _____ C:\Users\Edyta\Downloads\ROT_1714743512.xml 2024-04-30 22:37 - 2024-04-30 22:37 - 000003183 _____ C:\Users\Edyta\Downloads\Fora_202403_1714509406.json 2024-04-30 22:31 - 2024-04-30 22:31 - 000002676 _____ C:\Users\Edyta\Downloads\Fora_202403_1714509038.json 2024-04-30 22:15 - 2024-04-30 22:15 - 000000297 _____ C:\Users\Edyta\Downloads\Detaljer för inrapporterade löner(1).csv 2024-04-30 15:44 - 2024-04-30 15:44 - 000000376 _____ C:\Users\Edyta\Downloads\Fora5505698841001(2).txt ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-05-26 23:53 - 2023-07-02 10:44 - 000000000 ____D C:\Users\Edyta\AppData\Roaming\qBittorrent 2024-05-26 23:40 - 2017-10-01 19:57 - 000003992 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BB092DE0-B481-4DCE-8B28-08852061AE4E} 2024-05-26 23:36 - 2017-07-27 14:10 - 000000000 ____D C:\Program Files (x86)\Google 2024-05-25 21:26 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF 2024-05-25 20:32 - 2022-07-22 22:28 - 000003466 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-05-25 20:32 - 2022-07-22 22:28 - 000003338 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-05-24 21:42 - 2017-07-27 14:50 - 000000000 ____D C:\Users\Edyta\AppData\Roaming\Microsoft\Word 2024-05-23 21:14 - 2017-07-27 14:51 - 000000000 ____D C:\Users\Edyta\AppData\Roaming\Microsoft\Excel 2024-05-23 21:09 - 2017-07-27 14:49 - 000000000 ____D C:\ProgramData\TEMP 2024-05-22 13:49 - 2017-07-27 14:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-05-21 18:34 - 2019-10-11 17:33 - 000000000 ____D C:\Users\Edyta\Documents\ALBY 2024-05-21 16:43 - 2024-04-02 23:09 - 000000000 ____D C:\Users\Edyta\Documents\Imperial Court 2024-05-21 11:32 - 2022-02-14 08:49 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-05-21 11:27 - 2014-11-21 06:46 - 000016164 _____ C:\Windows\system32\PerfStringBackup.INI 2024-05-21 11:27 - 2014-11-21 06:07 - 000017346 _____ C:\Windows\system32\perfh015.dat 2024-05-21 11:27 - 2014-11-21 06:07 - 000006644 _____ C:\Windows\system32\perfc015.dat 2024-05-21 11:27 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf 2024-05-21 11:19 - 2017-07-27 13:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-05-21 11:19 - 2017-07-27 13:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2024-05-21 11:19 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-05-21 11:19 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2024-05-21 09:57 - 2017-07-27 10:17 - 000000000 ____D C:\Users\Edyta 2024-05-19 10:31 - 2023-10-01 09:06 - 000000000 ____D C:\Users\Edyta\Downloads\BOKS 2024-05-18 12:03 - 2017-07-27 10:51 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-487917205-4277715039-1335388587-1001 2024-05-18 10:21 - 2017-07-27 14:06 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2024-05-18 10:20 - 2022-10-13 22:16 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2024-05-18 10:20 - 2022-10-13 22:16 - 000002067 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk 2024-05-18 10:06 - 2021-10-16 18:18 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2024-05-18 10:06 - 2017-07-27 13:55 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-05-15 23:12 - 2017-07-27 10:17 - 000000000 ____D C:\Users\Edyta\AppData\Local\Packages 2024-05-07 16:34 - 2020-06-01 19:51 - 000000000 ____D C:\Users\Edyta\AppData\Roaming\Kodi 2024-05-03 18:32 - 2023-08-11 10:35 - 000000000 ____D C:\Users\Edyta\Desktop\slutlön ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-06-25 21:30 - 2019-06-25 21:30 - 000000017 _____ () C:\Users\Edyta\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2024-05-23 21:39 ==================== Koniec FRST.txt ========================