Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 03-07-2021 Uruchomiony przez Magda (administrator) LAPTOP-RET0FPJ7 (Acer Aspire ES1-572) (03-07-2021 14:08:00) Uruchomiony z C:\Users\Magda\Desktop Załadowane profile: Magda Platform: Windows 10 Home Wersja 1803 17134.1304 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\ProgramData\DatacardService\DCService.exe (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\125.4.3474\QtWebEngineProcess.exe <3> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <63> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxext.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHeciSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe (Opera Software AS -> Opera Software) C:\Users\Magda\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8167200 2021-06-19] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\Run: [] => [X] HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\Run: [Opera Browser Assistant] => C:\Users\Magda\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3989200 2021-06-24] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Magda\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Magda\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\RunOnce: [Uninstall 21.099.0516.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Magda\AppData\Local\Microsoft\OneDrive\21.099.0516.0003" HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\MountPoints2: {4ee16cb4-c9d8-11e9-b2ad-fc45969e1ff3} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\MountPoints2: {5ad5b3e2-708a-11e8-b268-fc45969e1ff3} - "E:\AutoRun.exe" HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\MountPoints2: {85d87f2f-7bae-11e8-b26f-fc45969e1ff3} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\MountPoints2: {ba09f7e9-d473-11e9-b2b1-fc45969e1ff3} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2986788638-176516453-764042509-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4103224 2020-01-07] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKU\S-1-5-18\...\Run: [GarminExpress] => "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized HKLM\...\Print\Monitors\IppMon: C:\WINDOWS\system32\IPPMon.dll [251392 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-02] (Google LLC -> Google LLC) Startup: C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2017-10-12] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {04890450-5369-417B-BE19-BE8A2BABA26F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0E493E27-418D-4CC5-A535-8A4828E88944} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1609C370-86CC-48F6-9B79-CC8C56EEC97A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) Task: {292238E0-AD29-434D-BB96-49B8A56D9BEB} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: ) Task: {2B2CAB85-F4DB-4B47-ADF4-FD2AC7F6C3C2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-10] (Microsoft Windows -> Microsoft Corporation) Task: {2E2E04B4-E82B-4F9D-B8FA-E8DA45D5F254} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {31D041C3-0D7A-46D6-A598-4AB451DE76F2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-14] (Dropbox, Inc -> Dropbox, Inc.) Task: {3C718BD1-6FC0-44D5-9641-E64C759FFFBE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4384094E-1314-4BBD-B63F-2FCF995AED0F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> ) Task: {43BD4B99-688F-4F99-90C1-62E226E743E8} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer) Task: {43C30821-5CEC-468C-AAD4-5B5243E3D1F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-15] (Google Inc -> Google Inc.) Task: {49D4F891-6EE1-43CF-A841-32AC9217341C} - System32\Tasks\Opera scheduled assistant Autoupdate 1592128764 => C:\Users\Magda\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Magda\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {5966D081-10B6-4ED8-BCE2-F92E5F03F4C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-17] (Microsoft Corporation -> Microsoft Corporation) Task: {5DE3BBA3-BD0B-4FAA-9095-76E945A9B3C3} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {611AFE4E-3441-4190-AA85-D71E66E3B938} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-25] (Acer Incorporated -> ) Task: {6F425DE7-A39F-442D-AF8B-DE3A7375900B} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {6F8B6D40-2560-480F-BB26-9D9B546F0A14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-15] (Google Inc -> Google Inc.) Task: {7A0166FA-02ED-47F1-9440-6229B2686814} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {7A8C9790-171E-44E3-BA84-F5F072D2A704} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform) Task: {7BE487D0-E0AE-4391-B87A-6AF20786A9BA} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated) Task: {7FC7C5A4-8C05-433B-ACB5-89222763E3FF} - System32\Tasks\Opera scheduled Autoupdate 1592128761 => C:\Users\Magda\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-29] (Opera Software AS -> Opera Software) Task: {871A2BD9-F436-4C92-B8D1-448186BEF10F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-26] (Microsoft Corporation -> Microsoft Corporation) Task: {8E9CCED9-70A2-49CB-A406-E401BFC2F759} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {A224BDBE-4381-46E7-9CCC-FCAA0A65FA58} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2770736 2019-09-26] (Acer Incorporated -> Acer Incorporated) Task: {AE0192F8-6168-4DF9-A837-048D4DD99A89} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software) Task: {B89E32C8-BA60-4DE5-B65B-D35E751CED96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BE7A9A94-75A4-4EBB-9881-11F22A9B7C00} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-10] (Microsoft Windows -> Microsoft Corporation) Task: {C000B27D-8697-461F-8B74-8F140EABEF18} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-06-26] (Microsoft Corporation -> Microsoft Corporation) Task: {C5795438-F814-4877-B098-8964264AFFF2} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> ) Task: {D3BABD13-0C6A-4DC8-8BBC-BE40B8563D11} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-14] (Dropbox, Inc -> Dropbox, Inc.) Task: {D48E6CB7-86E7-48A0-A3B6-4D805F7A74F3} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe Task: {D52B8DBB-4843-4E55-8B85-1FD14038C667} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-17] (Microsoft Corporation -> Microsoft Corporation) Task: {DDDCE94E-81EF-4652-BE59-02101B4B700C} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated) Task: {F7E1469D-855A-49DE-9886-F14AA34D8787} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2019-09-25] (Acer Incorporated -> Acer Incorporated) Task: {FB3A1268-4A2C-42E0-8B83-7977E99D0AC2} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> ) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63 Tcpip\..\Interfaces\{1bbfd719-ec1c-477a-b84d-b171e69b7af7}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{1c06495a-a954-41c8-abcf-c54536deeced}: [DhcpNameServer] 62.179.1.61 62.179.1.63 Tcpip\..\Interfaces\{6e019b6f-910b-443e-b2ab-a1f2c0c12505}: [NameServer] 213.158.199.1 213.158.199.5 Tcpip\..\Interfaces\{bc186909-c32e-4af5-ba78-d56bfcc6e2c9}: [NameServer] 213.158.199.1 213.158.199.5 FireFox: ======== FF DefaultProfile: 3dbeo8ma.default-1521126561419 FF ProfilePath: C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419 [2021-07-03] FF Homepage: Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419 -> hxxps://www.google.pl/?gws_rd=ssl FF Session Restore: Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419 -> [funkcja włączona] FF Notifications: Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419 -> hxxps://poczta.onet.pl FF Extension: (Brak nazwy) - C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419\Extensions\abs@avira.com.xpi [2019-01-26] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419\Extensions\ffext_basicvideoext@startpage24.xpi [2021-01-10] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419\Extensions\sp@avast.com.xpi [2020-08-25] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419\Extensions\wrc@avast.com.xpi [2020-06-17] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\3dbeo8ma.default-1521126561419\Extensions\{6ced8803-5737-4d13-ae02-2cdabaf5f804}.xpi [2018-11-18] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-05-28] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-08] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default [2021-07-03] CHR Notifications: Default -> hxxps://meet.google.com; hxxps://poczta.onet.pl; hxxps://teams.microsoft.com; hxxps://www.lento.pl CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (Dokumenty) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-15] CHR Extension: (Dysk Google) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-07] CHR Extension: (YouTube) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-15] CHR Extension: (SWPS Logowanie / Login) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdgjmmnmcaagpjbhlbcakapchleobld [2018-10-01] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-26] CHR Extension: (Arkusze) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-15] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-06-26] CHR Extension: (Avira Browser Safety) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-02] CHR Extension: (Dokumenty Google offline) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-02] CHR Extension: (SWPS Logowanie / Login) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkkaeccojkldbaglbfoegmhaeooeplh [2018-10-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23] CHR Extension: (Gmail) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-07] CHR Extension: (Chrome Media Router) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-26] CHR Profile: C:\Users\Magda\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-08] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] Opera: ======= OPR Profile: C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable [2021-07-03] OPR Notifications: Opera Stable -> hxxps://poczta.onet.pl; hxxps://www-butyjana-pl-03.salesmanagopush.com OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-26] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-17] (Microsoft Corporation -> Microsoft Corporation) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-14] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-14] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-06-19] (Dropbox, Inc -> Dropbox, Inc.) R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [Brak podpisu cyfrowego] R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971976 2021-05-15] (McAfee, LLC -> McAfee, LLC) R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> ) S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-28] (Acer Incorporated -> acer) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe" [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [83456 2010-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-16] (Acer Incorporated -> Acer Incorporated) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-16] (Acer Incorporated -> Acer Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation) U3 aswbdisk; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-07-03 14:08 - 2021-07-03 14:10 - 000028252 ____C C:\Users\Magda\Desktop\FRST.txt 2021-07-03 14:06 - 2021-07-03 14:10 - 000000000 ____D C:\FRST 2021-07-03 13:57 - 2021-07-03 13:44 - 002300928 ____C (Farbar) C:\Users\Magda\Desktop\FRST64.exe 2021-07-01 18:58 - 2021-07-01 18:58 - 000000000 ___HD C:\$GetCurrent 2021-06-26 13:26 - 2021-06-26 13:26 - 000000000 ___DC C:\Users\Magda\Documents\Nagrania dźwiękowe 2021-06-26 10:26 - 2021-06-26 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-06-26 09:42 - 2021-07-03 00:21 - 000000000 ____D C:\WINDOWS\Panther 2021-06-19 15:55 - 2021-06-19 15:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-06-19 15:55 - 2021-06-19 15:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-06-19 15:55 - 2021-06-19 15:55 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-06-19 15:55 - 2021-06-19 15:55 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2021-06-13 09:30 - 2021-07-01 18:58 - 000000799 ____C C:\Users\Magda\Desktop\Asystent aktualizacji do systemu Windows 10.lnk 2021-06-11 00:27 - 2021-06-24 22:31 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1592128764 2021-06-08 14:40 - 2021-06-08 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Narzędzia pakietu Microsoft Office ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-07-03 14:00 - 2018-06-22 18:20 - 000004222 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{BD48D9DE-919B-4EC7-8D1A-8103CFE8A479} 2021-07-03 13:49 - 2019-10-10 20:42 - 000003536 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck 2021-07-03 13:47 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-07-03 13:24 - 2019-09-12 12:33 - 000000000 ____D C:\Program Files\CCleaner 2021-07-03 12:28 - 2018-06-22 18:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-07-02 22:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2021-07-02 22:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-07-02 22:46 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-07-02 07:31 - 2018-03-15 17:07 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-07-02 07:30 - 2021-03-09 19:31 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-02 07:30 - 2021-03-09 19:31 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-01 19:03 - 2020-06-14 11:59 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1592128761 2021-07-01 19:03 - 2020-06-14 11:59 - 000001409 ____C C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2021-07-01 19:02 - 2018-06-22 18:20 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2986788638-176516453-764042509-1001 2021-07-01 19:02 - 2018-06-22 18:13 - 000002427 ____C C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-01 19:02 - 2017-06-02 12:13 - 000000000 ___RD C:\Users\Magda\OneDrive 2021-07-01 18:58 - 2019-10-18 21:03 - 000000000 ____D C:\Windows10Upgrade 2021-07-01 18:58 - 2018-03-15 07:59 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk 2021-06-26 10:54 - 2018-06-22 18:22 - 000838606 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-06-26 10:54 - 2018-04-12 17:51 - 000014810 _____ C:\WINDOWS\system32\perfh015.dat 2021-06-26 10:54 - 2018-04-12 17:51 - 000004406 _____ C:\WINDOWS\system32\perfc015.dat 2021-06-26 10:54 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2021-06-26 10:52 - 2019-10-10 13:13 - 000000000 ___DC C:\Users\Magda\AppData\Local\D3DSCache 2021-06-26 10:46 - 2018-06-22 18:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-06-26 10:46 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-06-26 10:46 - 2017-06-02 12:11 - 000000000 __SHD C:\Users\Magda\IntelGraphicsProfiles 2021-06-26 10:35 - 2018-11-17 13:47 - 000000000 ___DC C:\Users\Magda\AppData\Roaming\ControlCenter4 2021-06-26 10:31 - 2017-01-17 00:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-06-26 10:26 - 2019-01-14 18:25 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-06-26 10:20 - 2017-01-17 01:18 - 000000000 ____D C:\ProgramData\McAfee 2021-06-26 10:20 - 2017-01-17 01:18 - 000000000 ____D C:\Program Files\mcafee 2021-06-26 10:20 - 2017-01-17 01:18 - 000000000 ____D C:\Program Files\Common Files\McAfee 2021-06-26 10:19 - 2019-01-14 18:25 - 000001182 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2021-06-26 10:19 - 2019-01-14 18:25 - 000001178 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2021-06-26 10:17 - 2018-06-22 18:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2021-06-26 10:17 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-06-26 09:36 - 2021-05-23 16:24 - 000000000 ___HD C:\Users\Magda\.opera 2021-06-25 20:04 - 2019-01-14 18:25 - 000004242 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2021-06-25 20:04 - 2019-01-14 18:25 - 000004010 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2021-06-18 13:24 - 2019-09-12 12:33 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-06-13 09:33 - 2018-03-15 14:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-06-12 10:33 - 2018-06-22 19:45 - 000000000 ____D C:\ProgramData\Packages 2021-06-09 18:13 - 2017-06-02 22:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-06-09 18:09 - 2017-06-02 22:02 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-06-08 17:35 - 2018-06-22 18:13 - 000000000 ____D C:\Users\Magda 2021-06-08 14:40 - 2019-10-15 09:54 - 000002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-06-08 14:40 - 2019-10-15 09:54 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-06-08 14:40 - 2019-10-15 09:54 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-06-08 14:40 - 2019-10-15 09:54 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-06-08 14:40 - 2019-10-15 09:54 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2021-06-08 14:40 - 2019-10-15 09:54 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-06-08 14:40 - 2019-10-15 09:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================