Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-04-2020
Uruchomiony przez Michał (administrator) DESKTOP-D29CHJJ (LENOVO 81BG) (06-04-2020 17:48:04)
Uruchomiony z C:\Users\Michał\Downloads
Załadowane profile: defaultuser0 & Michał (Dostępne profile: defaultuser0 & Michał)
Platform: Windows 10 Pro Wersja 1607 14393.1944 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Opera
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc. -> The CefSharp Authors) C:\Program Files (x86)\Citrix\ICA Client\Browser\CtxWebBrowser.exe
(Citrix Systems, Inc. -> The CefSharp Authors) C:\Program Files (x86)\Citrix\ICA Client\Browser\CtxWebBrowser.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\YMC\ymc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Michał\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.21204.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Users\Michał\Desktop\DesktopOK_x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\update_notifier.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Michał\AppData\Local\Vivaldi\Application\vivaldi.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [914344 2017-06-13] (LENOVO -> Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3024920 2020-03-27] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [795744 2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460384 2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-1736392577-2743341064-45954849-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1736392577-2743341064-45954849-1001\...\Run: [DesktopOK] => C:\Users\Michał\Desktop\DesktopOK_x64.exe [717184 2018-11-22] (Nenad Hrg -> Nenad Hrg SoftwareOK)
HKU\S-1-5-21-1736392577-2743341064-45954849-1001\...\Run: [Vivaldi Update Notifier] => C:\Users\Michał\AppData\Local\Vivaldi\Application\update_notifier.exe [1880648 2020-03-20] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
HKU\S-1-5-21-1736392577-2743341064-45954849-1001\...\Run: [Steam] => E:\Steam\steam.exe [3370272 2020-03-27] (Valve -> Valve Corporation)
HKU\S-1-5-21-1736392577-2743341064-45954849-1001\...\MountPoints2: {2246bd31-d9f6-11e8-b5cd-f894c25e2b39} - "D:\Autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
GroupPolicy: Ograniczenia ? <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {00C28924-90BD-4360-AB59-1AD07CE496A5} - System32\Tasks\{5BB3229A-CB25-48F8-ACF0-56607C97759A} => C:\Windows\system32\pcalua.exe -a E:\BiA\System\EiB.exe -d E:\BiA\System
Task: {010C86A6-276C-48AA-9C6C-9B5B202BE8B5} - System32\Tasks\TR_FastScan_Daily_Michał => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3919584 2020-03-23] (Simply Super Software -> Simply Super Software)
Task: {082A0D8D-F7C8-4856-83FA-E3ED2AFC69F2} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0B7ADEB5-C59C-4D38-920B-2F3B2C0E4610} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {147F42CD-96B1-47B9-B96B-6AAA2BE81EA9} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {18046EDD-84A9-4799-96AA-E20A4A3D786C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-30] (Adobe Inc. -> Adobe)
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B721AB5-DDCB-420F-BDC0-F147D663E3D3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {1BAA8C67-2CAB-4ED9-8FB9-D51CCA7DC104} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [5714944 2020-04-05] () [Brak podpisu cyfrowego]
Task: {1C8187FD-B7C4-49AB-AAA0-859024104DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-04] (Google Inc -> Google Inc.)
Task: {261D29AB-3E20-48CE-B504-918C5866D95F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\02543563-9021-4ddc-9691-61c9e265276f => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {262B1F44-6CC9-43D4-ACB6-6C1803D14D56} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [743616 2019-04-19] (@ByELDI -> @ByELDI) [Brak podpisu cyfrowego]
Task: {2ACDBE97-C354-4931-84D5-398E262EC9AE} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {2B1411B4-1853-4AE6-A0EA-26D065665E1C} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {38C7B1BF-69A7-482B-B3F1-D156BCF98BF6} - System32\Tasks\Opera scheduled assistant Autoupdate 1580114990 => C:\Program Files\Opera\launcher.exe [1538584 2020-03-27] (Opera Software AS -> Opera Software)
Task: {3B1C7591-8A8B-4108-AC85-FA5626198952} - System32\Tasks\Opera scheduled Autoupdate 1514468433 => C:\Program Files\Opera\launcher.exe [1538584 2020-03-27] (Opera Software AS -> Opera Software)
Task: {4128020F-3CE8-43BA-95BC-4EB1F37C6AD9} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {45F779E9-EFDC-4B8B-988C-2CB9B5C6DCE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-04] (Google Inc -> Google Inc.)
Task: {60FB422B-3ABB-40C9-953F-C5F2CEA966DD} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {62850F9B-C3CC-4448-BF58-C44AA3F9D3A1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6C42AC83-F0BF-4E97-9755-878A242B55F0} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6EBA2CC3-B722-46B2-AA22-C40CCE07DE2D} - System32\Tasks\TR_AntiHijack => C:\Program Files (x86)\Trojan Remover\TRAntiHJ.exe
Task: {909390C9-5939-42B8-8FE5-34095103BBDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {937A838E-54EC-4983-AD47-3DE8CAD5BA17} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {9E048FA6-383C-412B-B5EF-4443BCE0E9E3} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => "%windir%\system32\WindowsPowerShell\v1.0\PowerShell.exe" "powershell -executionpolicy bypass -file %ProgramData%\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\data\Maintenance.ps1"
Task: {A485ACE4-0B46-4D0A-AAC8-64E75D738555} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A587B14D-EED6-42DD-B423-EB903E7941E8} - System32\Tasks\TR_Updater => C:\Program Files (x86)\Trojan Remover\Trupd.exe [3919064 2019-12-12] (Simply Super Software -> Simply Super Software)
Task: {A8910F9A-26BD-4F6A-9EF8-488034C0DB85} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B3EE1F1E-68E0-4726-8955-86346B21EBF2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B660CBA5-6824-46D3-A3AB-37991818683B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\09d2fcfb-fe7a-40fd-8976-c564eb8bb889 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {BB726C38-3546-48D8-B9E1-2C883FE13C78} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-05-02] () [Brak podpisu cyfrowego]
Task: {BBCBEEC9-B3E3-4CF3-B155-2953931E93EB} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C3557234-09C3-4005-B60F-3C05E384D66D} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {C50C5F01-F1E5-4182-B1C9-85B2AF3EE392} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {C7CFD642-9ED9-4822-8991-55075B14533A} - System32\Tasks\TR_FastScan_AtLogon => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3919584 2020-03-23] (Simply Super Software -> Simply Super Software)
Task: {C9F259EA-BB6B-43F5-9652-27A9AA5FABD0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D474687D-EFFA-4754-8F23-9F1C0D37E827} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\789c3f49-7a99-4bca-981b-2b4d3b54b1a9 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {D4CA382C-AE34-4CB6-8853-62FF3BBFDB2A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7CF0DAB-1520-4953-BBCE-292D4565D993} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DA631A55-C805-40B8-AF3B-7DD33E6997A3} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-D29CHJJ-Michał DESKTOP-D29CHJJ => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [470720 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB29EB49-3AF0-46E1-A6D1-572E29748900} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [54424 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {E4B0A65C-AFA7-495B-9D3F-003FF0611CDC} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F5F643C4-2E52-484B-A324-A25BCE5913A2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1736392577-2743341064-45954849-1001 => C:\Users\Michał\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {FC64A869-1FFA-4FA4-ABDE-42CBD8477827} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\761ef370-0d5b-4628-a0ac-0fcf92ff2546 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5e800dba-6123-407f-91a6-a0f0f9f79c85}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{5e800dba-6123-407f-91a6-a0f0f9f79c85}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d86f35a4-e297-4e04-b2bb-934bf1de9592}: [NameServer] 156.154.70.25,156.154.71.25

Internet Explorer:
==================
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default [2020-04-05]
CHR Notifications: Default -> hxxps://player.pl; hxxps://wibor.money.pl; hxxps://www.dobreprogramy.pl; hxxps://www.eobuwie.com.pl; hxxps://www.youtube.com
CHR Session Restore: Default -> [funkcja włączona]
CHR Extension: (Dokumenty) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-04]
CHR Extension: (FilmBooster) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdojnljhhnmokjbpbhmngmmfnhokgij [2018-07-08]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (AdBlocker Ultimate) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2019-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-12]

Opera:
=======
OPR Notifications: hxxps://www.siepomaga.pl
OPR Extension: (Search and Newtab) - C:\Users\Michał\AppData\Roaming\Opera Software\Opera Stable\Extensions\gffphgpcblfoaknmcaldoggadmomcgmm [2020-04-05]
OPR Extension: (Save to Pocket) - C:\Users\Michał\AppData\Roaming\Opera Software\Opera Stable\Extensions\hedlhkdmdlcjhiblbmfggdiaeekblnoi [2019-08-02]
OPR Extension: (uBlock Origin) - C:\Users\Michał\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-03-16]
OPR Extension: (V7 Sessions) - C:\Users\Michał\AppData\Roaming\Opera Software\Opera Stable\Extensions\khmbgihnlknbjgjhmekjeoidpfimabpp [2020-02-23]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [873560 2020-01-14] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4202680 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [533048 2018-04-17] (Intel Corporation -> Intel Corporation)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-05] (Malwarebytes Inc -> Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324584 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-08-08] (Microsoft Corporation -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [282200 2018-01-05] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ymc; C:\Program Files\Lenovo\YMC\ymc.exe [49032 2016-12-23] (LENOVO -> Lenovo)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2018-10-27] (Tages SA -> )
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\Windows\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [43416 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [849048 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [51672 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136256 2018-04-17] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [134280 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2018-10-27] (Tages SA -> )
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8614464 2018-05-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_f584cfa7db0ccadc\nvlddmkm.sys [22738296 2019-10-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek Semiconductor Corp. -> Realtek )
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [203296 2018-10-27] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [57944 2018-01-05] (Synaptics Incorporated -> Synaptics Incorporated)
R1 vbdenum; C:\Windows\System32\drivers\vbdenum.sys [119432 2019-07-24] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46680 2018-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [330936 2018-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-14] (Microsoft Windows -> Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-04-06 17:48 - 2020-04-06 17:48 - 000416128 _____ C:\Users\Michał\Downloads\OTL.Txt
2020-04-06 17:13 - 2020-04-06 17:14 - 000050769 _____ C:\Users\Michał\Downloads\Addition.txt
2020-04-06 17:10 - 2020-04-06 17:48 - 000037492 _____ C:\Users\Michał\Downloads\FRST.txt
2020-04-06 17:10 - 2020-04-06 17:48 - 000000000 ____D C:\FRST
2020-04-06 17:10 - 2020-04-06 17:10 - 002281472 _____ (Farbar) C:\Users\Michał\Downloads\FRST64.exe
2020-04-06 17:10 - 2020-04-06 17:10 - 000000000 ____D C:\Users\Michał\Downloads\FRST-OlderVersion
2020-04-05 20:33 - 2020-04-05 20:33 - 000000000 ____D C:\Windows\AutoKMS
2020-04-05 20:13 - 2020-04-06 17:38 - 000000000 ____D C:\ProgramData\TEMP
2020-04-05 20:11 - 2020-04-05 20:11 - 012054352 _____ (Simply Super Software ) C:\Users\Michał\Desktop\trjsetup695.exe
2020-04-05 20:11 - 2020-04-05 20:11 - 000004146 _____ C:\Windows\system32\Tasks\TR_FastScan_Daily_Michał
2020-04-05 20:11 - 2020-04-05 20:11 - 000004004 _____ C:\Windows\system32\Tasks\TR_FastScan_AtLogon
2020-04-05 20:11 - 2020-04-05 20:11 - 000003930 _____ C:\Windows\system32\Tasks\TR_Updater
2020-04-05 20:11 - 2020-04-05 20:11 - 000003786 _____ C:\Windows\system32\Tasks\TR_AntiHijack
2020-04-05 20:11 - 2020-04-05 20:11 - 000001267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Trojan Remover Updater.lnk
2020-04-05 20:11 - 2020-04-05 20:11 - 000001216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Trojan Remover.lnk
2020-04-05 20:11 - 2020-04-05 20:11 - 000001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Trojan Remover FastScan.lnk
2020-04-05 20:11 - 2020-04-05 20:11 - 000000000 ____D C:\Users\Michał\Documents\Simply Super Software
2020-04-05 20:11 - 2020-04-05 20:11 - 000000000 ____D C:\ProgramData\Simply Super Software
2020-04-05 20:11 - 2020-04-05 20:11 - 000000000 ____D C:\Program Files (x86)\Trojan Remover
2020-04-05 20:10 - 2020-04-05 20:10 - 002304995 _____ C:\Users\Michał\Downloads\HiJackThis.zip
2020-04-05 20:10 - 2019-01-14 17:00 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Michał\Desktop\HiJackThis.exe
2020-04-05 19:56 - 2020-04-05 19:56 - 000000000 ____D C:\Users\Michał\AppData\Local\Steam
2020-04-05 19:24 - 2020-04-05 19:24 - 000000000 ____D C:\Users\Michał\AppData\Local\mbam
2020-04-05 19:24 - 2020-04-05 19:24 - 000000000 ____D C:\Users\Michał\AppData\Local\cache
2020-04-05 19:23 - 2020-04-05 19:23 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-05 19:23 - 2020-04-05 19:23 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-04-05 19:23 - 2020-04-05 19:23 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-05 19:23 - 2020-04-05 19:23 - 000000000 ____D C:\Users\Michał\AppData\Local\mbamtray
2020-04-05 19:23 - 2020-04-05 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-05 19:23 - 2020-04-05 19:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-05 19:23 - 2020-04-05 19:23 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-05 19:22 - 2020-04-05 19:22 - 001957784 _____ (Malwarebytes) C:\Users\Michał\Downloads\MBSetup.exe
2020-04-05 19:12 - 2020-04-05 19:53 - 000000000 ____D C:\Users\Michał\AppData\Roaming\dovhvqav11v
2020-04-05 19:12 - 2020-04-05 19:52 - 000000000 ____D C:\Program Files (x86)\Borot
2020-04-05 19:10 - 2020-04-05 19:10 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Mozilla
2020-04-05 19:08 - 2020-04-05 19:08 - 000069888 _____ C:\Users\Michał\AppData\Local\Config.xml
2020-04-05 19:08 - 2020-04-05 19:08 - 000000000 ____D C:\Users\Michał\AppData\Roaming\Python
2020-04-05 19:07 - 2020-04-05 19:53 - 000000000 ____D C:\Users\Michał\AppData\Roaming\3mrvtwp2owu
2020-04-05 19:07 - 2020-04-05 19:52 - 000000000 ____D C:\Program Files (x86)\aozfilk
2020-04-05 19:07 - 2020-04-05 19:16 - 000000000 ____D C:\Users\Michał\AppData\Local\inetinfoservice
2020-04-05 19:07 - 2020-04-05 19:07 - 000000000 ____D C:\Program Files (x86)\Seed Trade
2020-04-05 10:40 - 2020-04-05 19:52 - 000000000 ____D C:\Users\Michał\AppData\Roaming\SystemDiag
2020-04-05 10:40 - 2020-04-05 10:40 - 000000000 ____D C:\Users\Michał\Desktop\StrongRecovery 3.9.6.1
2020-04-05 10:02 - 2020-04-05 10:02 - 000000000 ____D C:\Users\Michał\Downloads\StrongRecovery
2020-04-02 21:33 - 2020-04-02 21:33 - 000001007 _____ C:\Users\Michał\Downloads\Easy Sharpening-336-1-9-5-1583165497.zip
2020-04-02 17:29 - 2020-04-02 17:30 - 003381493 _____ C:\Users\Michał\Downloads\Easy To See Herbs-213-1-0-1545187791.zip
2020-04-02 15:34 - 2020-04-02 15:34 - 000001765 _____ C:\Users\Michał\Downloads\Perf Lower quality user.cfg-482-1-06.zip
2020-04-01 21:26 - 2020-04-01 21:26 - 000005021 _____ C:\Users\Michał\Downloads\Standard user.cfg-482-1-6.zip
2020-04-01 21:18 - 2020-04-01 21:18 - 000131851 _____ C:\Users\Michał\Downloads\A Sorted Inventory 1.18-290-1-18-1563515654.7z
2020-03-31 16:34 - 2020-03-31 16:34 - 000001057 _____ C:\Users\Michał\Downloads\Uninstaller for kcd_optimized_graphic_preset-121-1-0-743-1-0-0-1559506239.zip
2020-03-31 16:24 - 2020-03-31 16:24 - 012443471 _____ C:\Users\Michał\Downloads\Lockpicking Overhaul - Normal-3-1-9-7-3-1582790580.zip
2020-03-31 16:21 - 2020-03-31 16:21 - 000351741 _____ C:\Users\Michał\Downloads\Sectorial Lockpicking - No Symbols Version-32-1.rar
2020-03-31 16:10 - 2020-03-31 16:10 - 000048126 _____ C:\Users\Michał\Downloads\kcd_optimized_graphic_presets_3-6-2_unofficial-743-3-6-2-1559809784.zip
2020-03-31 16:08 - 2020-03-31 16:08 - 000210370 _____ C:\Users\Michał\Downloads\Instant Herb Picking-367-1-9-5-1583163690.zip
2020-03-31 14:28 - 2020-03-31 14:28 - 000007588 _____ C:\Users\Michał\Downloads\Unlimited Saving - No Schnapps Version-1-2-5-1559053707.zip
2020-03-31 11:54 - 2020-03-31 11:54 - 000000549 _____ C:\Users\Public\Desktop\Steam.lnk
2020-03-31 11:54 - 2020-03-31 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-03-31 11:53 - 2020-03-31 11:53 - 001573568 _____ C:\Users\Michał\Downloads\SteamSetup (1).exe
2020-03-30 20:02 - 2020-03-31 12:46 - 000000000 ____D C:\Users\Michał\AppData\Local\Citrix
2020-03-30 20:02 - 2020-03-30 20:12 - 000000000 ____D C:\ProgramData\Citrix
2020-03-30 20:01 - 2020-03-30 20:01 - 000002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk
2020-03-30 20:01 - 2020-03-30 20:01 - 000000000 ____D C:\Program Files (x86)\Citrix
2020-03-21 12:11 - 2020-03-21 12:11 - 000000000 ____D C:\ProgramData\Steam
2020-03-21 11:59 - 2020-03-21 11:59 - 000000000 ____D C:\Users\Michał\Documents\WB Games
2020-03-21 11:59 - 2020-03-21 11:59 - 000000000 ____D C:\Users\Michał\AppData\Roaming\NVIDIA
2020-03-21 10:22 - 2020-03-21 10:22 - 000001025 _____ C:\Users\Public\Desktop\Batman Arkham City GOTY.lnk
2020-03-21 10:22 - 2020-03-21 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rocksteady Studios
2020-03-19 10:08 - 2020-03-19 10:19 - 000000000 ____D C:\Users\Michał\Desktop\Praca Zdalna BDP
2020-03-19 10:02 - 2020-03-19 10:05 - 000000000 ____D C:\Users\Michał\AppData\Local\TeamViewer
2020-03-19 10:02 - 2020-03-19 10:02 - 000000000 ____D C:\Users\Michał\AppData\Roaming\TeamViewer
2020-03-19 10:00 - 2020-03-19 10:00 - 026985448 _____ (TeamViewer Germany GmbH) C:\Users\Michał\Desktop\TeamViewer_Setup.exe
2020-03-18 23:22 - 2020-03-18 23:23 - 001369179 _____ C:\Users\Michał\Downloads\bilans-dla-jednostki-malej.pdf
2020-03-17 12:13 - 2020-03-17 12:13 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_vidd_02_19_00.Wdf
2020-03-16 09:03 - 2020-03-16 09:03 - 000000000 ____D C:\Users\Michał\AppData\Local\Frontier Developments
2020-03-16 09:03 - 2020-03-16 09:03 - 000000000 ____D C:\ProgramData\Frontier Developments
2020-03-12 20:19 - 2020-03-12 20:19 - 000143034 _____ C:\Users\Michał\Downloads\cit-st-7-informacja-podatnika-do-ustalenia-naleznych-jednostk.pdf
2020-03-12 16:45 - 2020-03-12 16:45 - 000000000 ____D C:\Windows\Lenovo

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-04-06 17:41 - 2019-01-26 18:17 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2020-04-06 17:18 - 2017-12-28 22:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-06 16:02 - 2020-01-20 10:06 - 000000374 _____ C:\Users\Michał\.vivaldi_reporting_data
2020-04-06 15:07 - 2018-12-02 12:30 - 000005350 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-D29CHJJ-Michał DESKTOP-D29CHJJ
2020-04-06 14:51 - 2017-12-28 18:51 - 000000000 ____D C:\Users\Michał\AppData\Local\CrashDumps
2020-04-05 20:33 - 2018-09-23 19:08 - 000003656 _____ C:\Windows\system32\Tasks\AutoKMS
2020-04-05 20:31 - 2017-12-28 15:33 - 005073316 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-05 20:31 - 2016-07-17 00:05 - 002344256 _____ C:\Windows\system32\perfh015.dat
2020-04-05 20:31 - 2016-07-17 00:05 - 000635364 _____ C:\Windows\system32\perfc015.dat
2020-04-05 20:27 - 2020-01-24 11:03 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2020-04-05 20:27 - 2020-01-23 09:01 - 000000104 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2020-04-05 20:27 - 2020-01-23 09:00 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2020-04-05 20:27 - 2017-12-28 22:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-05 20:27 - 2017-12-28 17:14 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-05 20:27 - 2017-12-28 16:04 - 000000000 __SHD C:\Users\Michał\IntelGraphicsProfiles
2020-04-05 20:26 - 2016-07-16 08:04 - 000524288 _____ C:\Windows\system32\config\BBI
2020-04-05 19:54 - 2017-12-28 15:37 - 000000000 ____D C:\Program Files\Opera
2020-04-05 19:54 - 2017-12-28 15:29 - 000000000 ____D C:\Users\Michał
2020-04-05 19:52 - 2018-02-04 18:13 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-05 19:52 - 2018-02-04 18:13 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-05 19:52 - 2017-12-28 15:39 - 000000000 ___RD C:\Users\Michał\Desktop\Pobrane
2020-04-05 19:23 - 2016-07-16 13:47 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-05 10:39 - 2017-12-28 17:13 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-03 15:46 - 2017-12-29 13:07 - 000000000 ____D C:\Users\Michał\Documents\Dokumenty AFi
2020-04-03 15:34 - 2020-02-23 18:09 - 000001305 _____ C:\Users\Michał\Desktop\PITy 2019.lnk
2020-04-02 15:34 - 2017-12-28 15:40 - 000004000 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1514468433
2020-04-02 15:34 - 2017-12-28 15:40 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2020-04-02 15:30 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2020-04-01 06:54 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-30 20:02 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2020-03-30 17:14 - 2018-01-10 18:35 - 000004702 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-03-30 17:14 - 2018-01-10 18:34 - 000000000 ____D C:\Users\Michał\AppData\Local\Adobe
2020-03-30 17:13 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-03-30 17:13 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed
2020-03-28 17:34 - 2020-01-27 10:49 - 000004170 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1580114990
2020-03-27 16:46 - 2017-12-28 17:41 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-03-22 18:33 - 2020-01-20 10:06 - 000002396 _____ C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2020-03-22 18:33 - 2020-01-20 10:06 - 000002359 _____ C:\Users\Michał\Desktop\Vivaldi.lnk
2020-03-22 18:33 - 2020-01-20 10:06 - 000000000 ____D C:\Users\Michał\AppData\Local\Vivaldi
2020-03-21 12:05 - 2020-02-10 19:15 - 000000000 ____D C:\Program Files\EaseUS
2020-03-21 12:05 - 2017-12-28 22:26 - 000360048 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-20 22:25 - 2018-02-23 17:26 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-20 22:25 - 2018-02-23 17:26 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-20 22:22 - 2018-02-04 18:11 - 000003570 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 22:22 - 2018-02-04 18:11 - 000003446 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-17 23:23 - 2017-12-30 16:58 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1736392577-2743341064-45954849-1001
2020-03-17 23:23 - 2017-12-28 15:31 - 000002410 _____ C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-17 23:23 - 2017-12-28 15:31 - 000000000 ___RD C:\Users\Michał\OneDrive
2020-03-14 17:27 - 2020-01-21 12:27 - 000000000 ____D C:\Users\Michał\AppData\Roaming\KeePass
2020-03-14 17:24 - 2020-01-21 12:47 - 000002862 _____ C:\Users\Michał\Documents\michalKeePass-!Z.kdbx
2020-03-12 16:45 - 2018-11-24 17:07 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-03-12 16:45 - 2018-01-01 22:54 - 000000000 ____D C:\Program Files\Lenovo
2020-03-07 20:03 - 2018-02-20 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Formularze IPS
2020-03-07 20:03 - 2018-02-20 17:18 - 000000000 ____D C:\Program Files (x86)\PITy

==================== Pliki w katalogu głównym wybranych folderów ========

2020-04-05 19:08 - 2020-04-05 19:08 - 000069888 _____ () C:\Users\Michał\AppData\Local\Config.xml
2018-05-06 16:03 - 2018-05-06 16:03 - 000003584 _____ () C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-02-21 19:09 - 2018-02-21 19:09 - 000007598 _____ () C:\Users\Michał\AppData\Local\Resmon.ResmonCfg
2018-07-29 10:10 - 2018-07-29 10:15 - 000000130 _____ () C:\Users\Michał\AppData\Local\uts.ini

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

LastRegBack: 2020-04-03 15:28

==================== Koniec FRST.txt ========================