Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 13-05-2020 01 Uruchomiony przez Admin (administrator) ADMIN-KOMPUTER (Gateway DT71) (17-05-2020 16:25:16) Uruchomiony z H:\PROGRAMY\Inne użytkowe\Skanowanie plików Załadowane profile: Admin Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fshoster64.exe <2> (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fsorsp64.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\FsPisces.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fsulprothoster.exe (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Bezpieczny Internet\fshoster32.exe <3> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (IvoSoft) [Brak podpisu cyfrowego] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Krzysztof Kowalczyk -> Krzysztof Kowalczyk) C:\Program Files\SumatraPDF\SumatraPDF.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe <2> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8> (Piotr Pawlowski) [Brak podpisu cyfrowego] C:\Program Files (x86)\foobar2000\foobar2000.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [151552 2013-06-29] (IvoSoft) [Brak podpisu cyfrowego] HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1564907306-3229291386-2892780254-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-19] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-1564907306-3229291386-2892780254-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-1564907306-3229291386-2892780254-1000\...\MountPoints2: {df91ab74-c35c-11e6-8e35-50e5495a743c} - F:\setup.exe HKU\S-1-5-21-1564907306-3229291386-2892780254-1000\...\MountPoints2: {df91abb0-c35c-11e6-8e35-50e5495a743c} - G:\setup.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC) IFEO\IMF_ActionCenterDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoReactivator.exe IFEO\iush.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoReactivator.exe IFEO\Jpro.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoReactivator.exe IFEO\SpecUTool.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoReactivator.exe BootExecute: autocheck autochk * GroupPolicy: Ograniczenia ? <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {5369465D-E907-451C-BA99-C5AE38B86E50} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [141439 2019-04-28] (The Git Development Community) [Brak podpisu cyfrowego] Task: {58591765-DD3C-4127-9579-D54E9D9C2104} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.) Task: {6A937EF7-57C3-46A9-B049-FD9BF241F380} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.) Task: {753120E0-0609-468E-B4A5-EAB8FEF3DB79} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-19] (Adobe Inc. -> Adobe) Task: {B0F54355-AE7C-46DA-9BCF-9B6364BE0955} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136688 2020-01-19] (Glarysoft LTD -> Glarysoft Ltd) Task: {B5CB22AA-EDC4-4E0F-AF98-F7F07CE0CAC7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-19] (Adobe Inc. -> Adobe) Task: {C5461E54-A0AF-45EA-B860-A0B2E8190AF7} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\Bezpieczny Internet\fs_hotfix.exe [281472 2019-08-05] (F-Secure Corporation -> F-Secure Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{61DDE40D-DE41-4553-A0F1-D709D1FD8A08}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{AB0C7EFE-CF7A-49B0-B37F-17D8578B5424}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{CE2151D9-0C05-4667-955C-6F10641BDE50}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1564907306-3229291386-2892780254-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/?gws_rd=ssl BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-06-29] (IvoSoft) [Brak podpisu cyfrowego] BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\nif\1582124234\browser\install\fs_ie_https\fs_ie_https64.dll [2020-02-19] (F-Secure Corporation -> F-Secure Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-14] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-14] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-06-29] (IvoSoft) [Brak podpisu cyfrowego] BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\nif\1582124234\browser\install\fs_ie_https\fs_ie_https.dll [2020-02-19] (F-Secure Corporation -> F-Secure Corporation) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-06-29] (IvoSoft) [Brak podpisu cyfrowego] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-06-29] (IvoSoft) [Brak podpisu cyfrowego] FireFox: ======== FF DefaultProfile: nm465gn4.default-1535982990528 FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528 [2020-05-17] FF Homepage: Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528 -> www.interia.pl FF NetworkProxy: Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528 -> type", 0 FF Notifications: Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528 -> hxxps://www.youtube.com; hxxps://www.fixitpc.pl FF Extension: (Grammarly for Firefox) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2019-12-21] FF Extension: (WCAG Color contrast checker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528\Extensions\colorchecker@colorcheckerniquelao.net.xpi [2020-01-10] FF Extension: (headingsMap) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528\Extensions\headings@niquelheadings.net.xpi [2020-04-14] FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528\Extensions\uBlock0@raymondhill.net.xpi [2020-05-16] FF Extension: (ColorZilla) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2019-04-28] FF Extension: (Selenium IDE) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nm465gn4.default-1535982990528\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2020-03-17] FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\nif\1582124234\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\nif\1582124234\browser\install\fs_firefox_https\fs_firefox_https.xpi [2020-02-19] FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\nif\1582124234\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-19] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-14] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-14] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-19] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin HKU\S-1-5-21-1564907306-3229291386-2892780254-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Brak pliku] FF Plugin HKU\S-1-5-21-1564907306-3229291386-2892780254-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Admin\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-17] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npatgpc.dll [2020-05-08] Chrome: ======= CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-05-08] CHR StartupUrls: Default -> "hxxp://www.interia.pl/" CHR Extension: (Prezentacje) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-26] CHR Extension: (Dokumenty) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-26] CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-26] CHR Extension: (Lighthouse) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blipmdconlkpinefehnmjammfjpmpbjk [2019-12-27] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-26] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-05-08] CHR Extension: (Arkusze) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-26] CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-08] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2019-12-27] CHR Extension: (Selenium IDE) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mooikfkahbdckldjjndioackbalphokd [2020-05-08] CHR Extension: (Website SEO Checker: Free Audit & Analysis) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nljcdkjpjnhlilgepggmmagnmebhadnk [2019-12-27] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07] CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30] CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-08] CHR Extension: (SEO Analysis with Seoptimer) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbjgemahdghhnelnlihpflpdkkmmgj [2019-05-02] CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 fshoster; C:\Program Files (x86)\Bezpieczny Internet\fshoster32.exe [217472 2019-08-05] (F-Secure Corporation -> F-Secure Corporation) R2 fsnethoster; C:\Program Files (x86)\Bezpieczny Internet\fshoster32.exe [217472 2019-08-05] (F-Secure Corporation -> F-Secure Corporation) R2 fsulhoster; C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fshoster64.exe [584776 2020-05-13] (F-Secure Corporation -> F-Secure Corporation) R2 fsulnethoster; C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fshoster64.exe [584776 2020-05-13] (F-Secure Corporation -> F-Secure Corporation) R2 fsulorsp; C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fsorsp64.exe [101248 2020-05-13] (F-Secure Corporation -> F-Secure Corporation) R2 fsulprothoster; C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fsulprothoster.exe [584776 2020-05-13] (F-Secure Corporation -> F-Secure Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-29] (Malwarebytes Inc -> Malwarebytes) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [192000 2012-12-29] (Microsoft Corporation -> Microsoft Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2020-04-30] (Realtek Semiconductor.) [Brak podpisu cyfrowego] S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [612864 2012-12-29] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-08-08] (Microsoft Windows -> Microsoft Corporation) S3 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [117608 2017-12-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10278912 2012-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [368640 2012-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) S3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [237416 2017-12-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.) R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [85704 2017-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [43720 2017-06-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 ampa; C:\Windows\system32\ampa.sys [19568 2015-11-10] (ChengDu AoMei Tech Co., Ltd -> ) [Brak podpisu cyfrowego] S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-09-18] (AVAST Software a.s. -> The OpenVPN Project) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 F-Secure Gatekeeper; C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fsulgk.sys [290184 2020-05-13] (F-Secure Corporation -> F-Secure Corporation) R1 F-Secure UL HIPS; C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\ulcore\1589372020\fshs.sys [102792 2020-05-13] (F-Secure Corporation -> F-Secure Corporation) R0 fsbts; C:\Windows\System32\drivers\fsbts.sys [57512 2019-10-02] (F-Secure Corporation -> ) R3 fsni; C:\Program Files (x86)\Bezpieczny Internet\apps\Ultralight\nif\1582124234\fsni64.sys [111472 2020-02-19] (F-Secure Corporation -> F-Secure Corporation) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-08-10] (Glarysoft LTD -> Glarysoft Ltd) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated) [Brak podpisu cyfrowego] R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [66128 2019-07-14] (Martin Malik - REALiX -> REALiX(tm)) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 qcusbnet; C:\Windows\System32\DRIVERS\innosusbnet.sys [510976 2012-10-26] (QUALCOMM Incorporated) [Brak podpisu cyfrowego] S3 qcusbser; C:\Windows\System32\DRIVERS\innosusbser.sys [369792 2012-10-26] (QUALCOMM Incorporated) [Brak podpisu cyfrowego] S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation -> Microsoft Corporation) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation ) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [Brak podpisu cyfrowego] R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [58536 2012-08-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R3 vmulti; C:\Windows\System32\DRIVERS\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 atillk64; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-05-17 16:22 - 2020-05-17 16:26 - 000000000 ____D C:\FRST 2020-05-17 14:58 - 2020-05-17 14:58 - 000077080 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2020-05-17 13:52 - 2020-05-17 13:52 - 000000000 ____D C:\Program Files (x86)\DB Software Laboratory 2020-05-17 12:38 - 2020-05-17 12:38 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-05-10 14:22 - 2020-05-13 23:07 - 000133204 _____ C:\Users\Admin\Filtrowanie_map_apply.ipynb 2020-05-08 23:32 - 2020-05-09 22:21 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-05-08 20:06 - 2020-05-08 20:06 - 000000000 ____D C:\Users\Admin\AppData\Local\BayesFusion 2020-05-08 20:05 - 2020-05-09 09:47 - 000000000 ____D C:\Program Files (x86)\GeNIe 2.5 Academic 2020-05-08 20:05 - 2020-05-08 20:05 - 000001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGeNIe 2.5 Academic.lnk 2020-05-08 20:05 - 2020-05-08 20:05 - 000001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeNIe 2.5 Academic.lnk 2020-05-06 17:19 - 2020-05-06 17:19 - 000135527 _____ C:\Users\Admin\Desktop\Krzysztof Sobota - CV (Reaxum).pdf 2020-05-06 14:25 - 2020-05-06 14:25 - 000141222 _____ C:\Users\Admin\Desktop\Krzysztof Sobota - CV (FAR).pdf 2020-05-06 00:05 - 2020-05-06 00:05 - 000031732 _____ C:\Users\Admin\Desktop\epdf.pub_smoothing-methods-in-statistics.pdf 2020-05-03 22:04 - 2020-05-03 22:04 - 000159988 _____ C:\Users\Admin\Desktop\Wniosek_o_wydanie_legitymacji_ON.pdf 2020-04-29 13:47 - 2020-04-29 13:47 - 000054726 _____ C:\Users\Admin\Desktop\DW Challenges - all editions and days.pdf 2020-04-28 22:18 - 2020-05-17 14:30 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\IGDump 2020-04-26 22:26 - 2020-04-28 17:28 - 000141013 _____ C:\Users\Admin\Desktop\Krzysztof Sobota - CV (Britenet).pdf 2020-04-21 20:09 - 2020-04-21 20:11 - 000134748 _____ C:\Users\Admin\Desktop\Krzysztof Sobota - CV.pdf 2020-04-20 22:56 - 2020-04-20 22:56 - 000000000 ____D C:\Program Files\AdoptOpenJDK 2020-04-20 22:48 - 2020-04-20 23:08 - 000000000 ____D C:\Users\Admin\.sfdx 2020-04-20 22:48 - 2020-04-20 22:48 - 000000000 ____D C:\Users\Admin\AppData\Local\sfdx 2020-04-20 22:39 - 2020-04-20 22:39 - 000000000 ____D C:\Program Files\Salesforce CLI 2020-04-19 18:42 - 2020-04-19 20:54 - 000000000 ____D C:\Users\Admin\Kaggle 2020-04-17 21:20 - 2020-04-17 21:20 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-05-17 16:03 - 2016-09-18 16:41 - 000000000 ____D C:\Users\Admin\AppData\Roaming\foobar2000 2020-05-17 15:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-05-17 14:40 - 2016-11-18 08:58 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla 2020-05-17 14:23 - 2017-12-13 15:18 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5 2020-05-17 12:38 - 2020-03-18 17:48 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Zoom 2020-05-17 08:46 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-05-17 08:46 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-05-17 08:41 - 2011-04-12 15:21 - 016722598 _____ C:\Windows\system32\perfh015.dat 2020-05-17 08:41 - 2011-04-12 15:21 - 005668934 _____ C:\Windows\system32\perfc015.dat 2020-05-17 08:41 - 2009-07-14 07:13 - 000006694 _____ C:\Windows\system32\PerfStringBackup.INI 2020-05-17 08:37 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-05-17 00:06 - 2020-02-22 00:06 - 000000000 ____D C:\Users\Admin\developer_survey_2017 2020-05-17 00:06 - 2020-02-18 18:43 - 000000000 ____D C:\Users\Admin\AppData\Roaming\jupyter 2020-05-16 20:43 - 2020-02-19 01:10 - 000000000 ____D C:\Users\Admin\Energy_usage 2020-05-16 20:17 - 2019-04-29 18:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\GitHub Desktop 2020-05-16 19:27 - 2020-02-18 17:08 - 000000000 ____D C:\Users\Admin\.conda 2020-05-16 19:23 - 2019-04-29 18:10 - 000002296 _____ C:\Users\Admin\Desktop\GitHub Desktop.lnk 2020-05-16 19:23 - 2019-04-29 18:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2020-05-16 19:23 - 2019-04-29 18:10 - 000000000 ____D C:\Users\Admin\AppData\Local\GitHubDesktop 2020-05-16 19:23 - 2018-03-26 19:42 - 000000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp 2020-05-16 19:20 - 2020-02-19 01:12 - 000000000 ____D C:\Users\Admin\Bank 2020-05-16 13:24 - 2019-10-13 20:37 - 000000070 _____ C:\Users\Admin\.condarc 2020-05-13 23:07 - 2016-09-17 21:26 - 000000000 ____D C:\Users\Admin 2020-05-10 14:23 - 2020-02-18 19:21 - 000000000 ____D C:\Users\Admin\.ipynb_checkpoints 2020-05-09 23:28 - 2019-06-29 15:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Code 2020-05-09 23:21 - 2020-02-18 17:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2020-05-09 22:21 - 2016-09-18 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-05-09 00:12 - 2020-01-23 20:34 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc 2020-05-04 14:37 - 2020-02-18 18:37 - 000000000 ____D C:\Users\Admin\Anaconda3 2020-04-30 23:35 - 2020-02-19 01:11 - 000000000 ____D C:\Users\Admin\London_bike 2020-04-30 16:31 - 2016-09-17 22:34 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2020-04-30 16:31 - 2016-09-17 22:33 - 000000000 ___HD C:\Program Files (x86)\Temp 2020-04-30 16:30 - 2016-09-17 22:33 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-04-30 16:30 - 2016-09-17 22:33 - 000000000 ____D C:\Program Files (x86)\Realtek 2020-04-30 14:24 - 2018-09-19 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2020-04-29 14:45 - 2017-03-11 23:38 - 000000000 ____D C:\Users\Admin\AppData\Local\ESET 2020-04-28 22:44 - 2019-08-05 20:07 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-04-20 23:06 - 2017-09-06 23:38 - 000000000 ____D C:\Users\Admin\AppData\Roaming\npm-cache 2020-04-19 23:40 - 2020-03-24 19:05 - 000000000 ____D C:\Users\Admin\Bacteriofags 2020-04-17 21:27 - 2020-02-18 17:02 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit) ==================== Pliki w katalogu głównym wybranych folderów ======== 2017-01-29 23:50 - 2020-01-23 19:58 - 000003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-07-13 21:48 - 2019-07-13 21:48 - 000000348 _____ () C:\Users\Admin\AppData\Local\karboncalligraphyrc 2019-07-13 21:03 - 2019-07-13 22:57 - 000016253 _____ () C:\Users\Admin\AppData\Local\krita.log 2019-07-13 22:57 - 2019-07-13 22:57 - 000000181 _____ () C:\Users\Admin\AppData\Local\kritadisplayrc 2019-07-13 21:03 - 2019-07-13 22:57 - 000024400 _____ () C:\Users\Admin\AppData\Local\kritarc 2020-02-17 23:25 - 2020-02-17 23:25 - 000005392 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2016-09-18 23:29 - 2016-09-18 23:29 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-05-17 12:08 ==================== Koniec FRST.txt ========================