Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-08-2021 Uruchomiony przez User (administrator) DESKTOP-Q2BVABD (Medion Akoya E6412T) (17-08-2021 08:50:45) Uruchomiony z C:\Users\User\Desktop Załadowane profile: User Platform: Windows 10 Home Wersja 2004 19041.1110 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe (Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3668184 2020-05-23] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2020-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2020-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-2222033061-2449824583-4099904127-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2222033061-2449824583-4099904127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2222033061-2449824583-4099904127-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5550304 2021-06-27] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2222033061-2449824583-4099904127-1001\...\Run: [Opera Browser Assistant] => C:\Users\User\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126808 2020-09-08] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2222033061-2449824583-4099904127-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [23318248 2020-09-12] (Spotify AB -> Spotify Ltd) HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\WINDOWS\system32\novamnk7.dll [29504 2013-02-13] (Softland S.R.L. -> Softland) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-16] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {05F9D64C-887E-4A9B-B68C-14762DBB4A93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC) Task: {2E966C0D-E7ED-4115-A619-AEFC5B015ABC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282288 2021-08-03] (Microsoft Corporation -> Microsoft Corporation) Task: {34764084-F9C0-4897-8DF7-B4909596B2D9} - System32\Tasks\AdwCleaner_onReboot => C:\Users\User\Downloads\adwcleaner_8.0.6.exe Task: {3DF97C4A-37AB-46AF-B4F6-264B75C35A53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4057D9F5-B221-4A47-B366-0BB656A67A7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {4431ED3F-693E-4B1A-9B74-7B460BF9075D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282288 2021-08-03] (Microsoft Corporation -> Microsoft Corporation) Task: {6C67172F-965A-4C40-833E-6C49B7631288} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe Task: {912D8989-A79D-4633-85CE-9BEF04BE634C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC) Task: {9C721597-5968-4319-A463-FF3D7403E04E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113992 2021-08-03] (Microsoft Corporation -> Microsoft Corporation) Task: {9E48F71F-1EB4-4559-BCD7-FF01CA0F667C} - System32\Tasks\Office 2019 Statique Activation Planificateur => C:\Office.Professional.2019.ProPlus.PL.32bit.64bit\Office.2019.ProPlusPL.32bit.64bit\ActO19.cmd -renewalonly Task: {A9D44EEB-3550-4037-A166-CBE30676DC05} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform) Task: {AEF60284-37D2-49DF-85FC-A9301B20919D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {AF6C7558-F9B7-4160-BC07-3FA3A50E8BB4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation) Task: {BD2C0467-74C4-4A50-B391-B7C602BAF624} - System32\Tasks\Opera scheduled Autoupdate 1551742533 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software) Task: {BDF03466-5432-4341-B88A-6C0E501BD0E4} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2020-03-14] (Microsoft Corporation -> Microsoft) Task: {C90B0888-FAEF-4FF8-B660-287E0983EC4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CB03ED33-ACBF-4145-9676-906C2230E654} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D55DB0A3-2AE0-4472-BEE5-FBCBC5D48B8A} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d48af9a520c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC) Task: {D719C939-E1E2-439B-9F0E-0FA155F4B9C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E21282B6-3626-4219-BAA5-53DAAABF9CEC} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d48af89a1d8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC) Task: {E24075E3-BFF8-4E6E-BE39-356B25A0AF4A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113992 2021-08-03] (Microsoft Corporation -> Microsoft Corporation) Task: {E91589BF-8783-4FAA-B2BA-E2001963CA95} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation) Task: {F2F9E106-34D1-47C7-BD9F-265D67B2E7BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{299a0b58-9616-458b-8019-05d039368f9e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{a1248b49-ee9f-4668-97f3-5319ba94152d}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-17] FireFox: ======== FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2222033061-2449824583-4099904127-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-08-17] CHR Notifications: Default -> hxxps://meet.google.com CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (Prezentacje) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-29] CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-29] CHR Extension: (Dysk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-29] CHR Extension: (Slinky Elegancki) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2020-05-09] CHR Extension: (OneTab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-08-04] CHR Extension: (uBlock Origin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-08-15] CHR Extension: (TimeDoser) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkneeaihlcdllananjlkmppnkdahdcc [2019-09-01] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-07-16] CHR Extension: (MyJDownloader Browser Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-07-10] CHR Extension: (Arkusze) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-29] CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-10] CHR Extension: (No Coin - Block miners on the web!) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2019-09-03] CHR Extension: (VoiceNote II - Speech to text) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2019-09-01] CHR Extension: (Referer Control) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2019-09-01] CHR Extension: (Mendeley Importer (Unofficial)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphdehamhcobplmadppmcklnmnnnfpbe [2019-09-02] CHR Extension: (Battery Monitor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdiabnhbdikbmpaabginbifkmhbpbcf [2019-09-05] CHR Extension: (Progress Bar Timer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnlbapfmmoaehepmgbkgfcgpddlhbko [2019-09-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31] CHR Extension: (e-pity - dodatek) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-05-23] CHR Extension: (MyBib: Free Citation Generator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\phidhnmbkbkbkbknhldmpmnacgicphkf [2020-11-14] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-24] CHR Extension: (Last.fm Scrobbler YouTube Canary) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncfaijgefbolbapchmpkfkjpgjelclh [2019-09-01] CHR Extension: (Sci-Hub) - C:\Users\User\Downloads\Sci-Hub-0.2 [2021-02-14] [UpdateUrl:hxxps://sci-hub.do/update] <==== UWAGA CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] Opera: ======= OPR Profile: C:\Users\User\AppData\Roaming\Opera Software\Opera Stable [2021-08-15] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (V7 Bookmarks) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bpmgfnikhlpakdkeeahboleoommganka [2021-01-26] OPR Extension: (Turn Off the Lights) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccbdoklfbpcifppcfahmmpmbkfdjjccm [2019-03-10] OPR Extension: (Rich Hints Agent) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-14] OPR Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2021-01-26] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9141648 2021-07-21] (Microsoft Corporation -> Microsoft Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-15] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-09-10] (Martin Malik - REALiX -> REALiX(tm)) R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO2.sys [50248 2021-02-03] (Intel(R) Serial IO Drivers -> Intel Corporation) R3 OEM-Geneic-RadioSwitch; C:\WINDOWS\System32\drivers\OEM-Geneic-RadioSwitch.sys [33024 2019-09-10] (WDKTestCert mmppe,131254031714989740 -> Windows (R) Win 7 DDK provider) S3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [33576 2017-03-24] (WDKTestCert VM-Marconi,131258538890438582 -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-15] (Microsoft Windows -> Microsoft Corporation) R3 xtouch; C:\WINDOWS\System32\drivers\xtouch.sys [182800 2020-05-23] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 MpKsl610215fa; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DBAD7805-BB50-43B3-B2AF-11FE80E5374B}\MpKslDrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-17 08:50 - 2021-08-17 08:52 - 000019829 _____ C:\Users\User\Desktop\FRST.txt 2021-08-17 08:49 - 2021-08-17 08:41 - 000011418 _____ C:\Users\User\Desktop\Fixlog.txt 2021-08-17 08:41 - 2021-08-17 08:41 - 000011418 _____ C:\Users\User\Downloads\Fixlog.txt 2021-08-16 07:08 - 2021-08-16 07:08 - 000156911 _____ C:\Users\User\Downloads\195-202_Psychiatria_3.2017_Kupnicka_ADHD.pdf 2021-08-15 22:30 - 2021-08-15 22:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-08-15 21:48 - 2021-08-15 21:48 - 012232024 _____ (AVAST Software) C:\Users\User\Desktop\avastclear.exe 2021-08-15 20:04 - 2021-08-15 20:04 - 000044897 _____ C:\Users\User\Downloads\Shortcut.txt 2021-08-15 20:00 - 2021-08-15 20:05 - 000043867 _____ C:\Users\User\Downloads\Addition.txt 2021-08-15 19:54 - 2021-08-15 20:05 - 000032818 _____ C:\Users\User\Downloads\FRST.txt 2021-08-15 19:11 - 2021-08-15 19:12 - 000000000 ____D C:\kopie zapasowe 2021-08-15 18:57 - 2021-08-17 08:51 - 000000000 ____D C:\FRST 2021-08-15 18:56 - 2021-08-15 18:56 - 002300416 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2021-08-15 18:33 - 2021-08-15 18:33 - 000000000 _____ C:\Users\User\Desktop\Nowy dokument tekstowy.txt 2021-08-15 16:57 - 2021-08-15 16:57 - 000000955 _____ C:\Users\User\Desktop\mks_vir skaner online.lnk 2021-08-15 16:56 - 2021-08-15 17:42 - 000000000 ____D C:\ProgramData\mks_vir 2021-08-15 16:54 - 2021-08-15 16:54 - 037095456 _____ (mks_vir) C:\Users\User\Downloads\mks_vir_online.exe 2021-08-04 08:01 - 2021-08-04 08:01 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2021-08-04 07:58 - 2021-08-04 07:58 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2021-08-04 07:58 - 2021-08-04 07:58 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb 2021-08-04 07:58 - 2021-08-04 07:58 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb 2021-08-04 07:57 - 2021-08-04 07:57 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-08-04 07:54 - 2021-08-04 07:54 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-17 08:46 - 2020-05-13 19:14 - 000000000 ____D C:\Program Files\CCleaner 2021-08-17 08:46 - 2019-08-29 00:31 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-17 08:44 - 2021-02-13 17:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-17 08:44 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-17 08:44 - 2018-12-10 13:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-08-17 08:43 - 2021-02-13 17:05 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-17 08:43 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-08-17 08:41 - 2020-06-10 19:48 - 000000000 ____D C:\Users\User\Desktop\programy 2021-08-17 08:39 - 2021-05-23 17:06 - 000002469 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-08-17 08:39 - 2021-02-13 17:44 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2222033061-2449824583-4099904127-1001 2021-08-17 08:39 - 2018-12-10 13:42 - 000000000 ___RD C:\Users\User\OneDrive 2021-08-17 08:37 - 2019-04-29 04:11 - 000000000 ____D C:\Users\User\AppData\Local\FluxSoftware 2021-08-17 08:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-17 08:28 - 2021-02-13 17:44 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-08-17 08:26 - 2018-12-10 13:50 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles 2021-08-16 08:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-16 08:09 - 2021-02-13 17:05 - 000437552 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-16 08:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-08-16 08:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-08-16 08:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-08-16 08:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-08-16 07:58 - 2021-02-13 17:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-16 07:48 - 2019-08-29 00:32 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-16 07:48 - 2019-08-29 00:32 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-08-16 07:45 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-15 22:27 - 2019-03-05 01:39 - 000000000 ____D C:\ProgramData\AVAST Software 2021-08-15 22:22 - 2021-02-13 17:44 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-08-15 22:02 - 2021-02-20 23:09 - 000000000 ____D C:\Users\User\Desktop\obrona 2021-08-15 22:02 - 2020-09-24 20:55 - 000000000 ____D C:\Users\User\Desktop\stare 2021-08-15 22:02 - 2019-09-03 20:41 - 000000000 ____D C:\Users\User\Desktop\pliki i dokumenty 2021-08-15 19:52 - 2020-10-21 19:08 - 000001088 _____ C:\Users\User\Desktop\praca.txt 2021-08-15 19:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-15 19:09 - 2018-12-10 13:29 - 000000000 ____D C:\Users\User\AppData\Local\Packages 2021-08-15 18:50 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-08-15 17:42 - 2020-06-10 19:38 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-15 16:52 - 2021-02-13 17:44 - 000003600 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57d48af9a520c 2021-08-15 16:52 - 2021-02-13 17:44 - 000003476 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57d48af89a1d8 2021-08-15 16:51 - 2018-12-10 13:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-08-15 16:38 - 2020-05-13 19:47 - 000000000 ____D C:\kopie rejstru 2021-08-15 16:36 - 2021-05-23 22:02 - 000000000 ____D C:\WINDOWS\Minidump 2021-08-15 16:36 - 2019-06-02 11:15 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2021-08-15 16:31 - 2019-09-10 17:12 - 000000000 ____D C:\ProgramData\ProductData 2021-08-04 08:11 - 2020-05-13 17:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-08-03 18:15 - 2018-12-10 13:42 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder 2021-08-03 18:04 - 2021-03-06 15:12 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7021bd68d520a 2021-08-03 18:04 - 2021-02-13 17:44 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-27 19:04 - 2021-02-13 17:44 - 000004240 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1551742533 2021-07-27 19:04 - 2019-03-05 01:35 - 000001451 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2021-07-25 19:13 - 2019-03-05 01:49 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-07-25 19:01 - 2019-03-05 01:48 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-07-25 17:13 - 2019-03-17 13:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-24 23:20 - 2021-02-13 17:44 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-07-24 23:20 - 2021-02-13 17:44 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-07-24 23:20 - 2021-02-13 17:44 - 000003272 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-07-24 23:20 - 2021-02-13 17:44 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-24 23:20 - 2021-02-13 17:44 - 000002438 _____ C:\WINDOWS\system32\Tasks\Office 2019 Statique Activation Planificateur 2021-07-24 23:20 - 2021-02-13 17:44 - 000002346 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot 2021-07-24 23:20 - 2021-02-13 17:44 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-07-24 23:20 - 2021-02-13 17:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-12-30 17:01 - 2020-12-30 17:01 - 000000867 _____ () C:\Users\User\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================