Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21-08-2021 Uruchomiony przez Rychu (administrator) RYCHU_ELMET (LENOVO 20351) (23-08-2021 08:38:45) Uruchomiony z C:\Users\Rychu\Desktop Załadowane profile: Rychu Platform: Windows 10 Home Wersja 1909 18363.1556 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Atheros) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Comarch S.A. -> ) C:\Program Files (x86)\Comarch ERP Optima\GenRap\GenRapClient.exe (Comarch S.A. -> Comarch S.A.) C:\Program Files (x86)\Comarch ERP Optima\Comarch OPT!MA.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Hewlett-Packard Company -> Hewlett Packard) C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (Ivaylo Beltchev -> IvoSoft) [Brak podpisu cyfrowego] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe (McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.RESET2\MSSQL\Binn\sqlservr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Sanford, L.P.) [Brak podpisu cyfrowego] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Brak podpisu cyfrowego] HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [165928 2021-08-16] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> ) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKU\S-1-5-21-3265044768-942972550-2750620262-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3265044768-942972550-2750620262-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3724824 2021-05-10] (IObit CO., LTD -> IObit) HKU\S-1-5-21-3265044768-942972550-2750620262-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Windows x64\Print Processors\ssj1MPC: C:\Windows\System32\spool\prtprocs\x64\ssj1mpc.dll [43520 2015-04-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\DYMO LabelWriter Wireless v2 Monitor: C:\WINDOWS\system32\LWWV2MON.DLL [34128 2018-07-27] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\HPM1210LM: C:\WINDOWS\system32\HPM1210LM.DLL [409088 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\PDF-XChange4: C:\WINDOWS\system32\pxc40pm.dll [50456 2010-03-02] (Tracker Software Products Ltd -> Tracker Software Products Ltd.) HKLM\...\Print\Monitors\Seagull Network Monitor: C:\WINDOWS\system32\ssnetmon.d64 [1781744 2017-04-11] (Seagull Scientific, Inc -> Seagull Scientific, Inc.) HKLM\...\Print\Monitors\ssj1M Langmon: C:\WINDOWS\system32\ssj1mlm.dll [22528 2015-04-08] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\...\AppCompatFlags\Custom\Comarch ERP Altum HR.exe: [{6713fee8-dd53-48f5-adc5-b5a0498bde48}.sdb] -> Comarch ERP WMPAINT Fix HKLM\Software\...\AppCompatFlags\Custom\Comarch ERP XL HR.exe: [{6713fee8-dd53-48f5-adc5-b5a0498bde48}.sdb] -> Comarch ERP WMPAINT Fix HKLM\Software\...\AppCompatFlags\Custom\Comarch OPT!MA.exe: [{6713fee8-dd53-48f5-adc5-b5a0498bde48}.sdb] -> Comarch ERP WMPAINT Fix HKLM\Software\...\AppCompatFlags\InstalledSDB\{6713fee8-dd53-48f5-adc5-b5a0498bde48}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{6713fee8-dd53-48f5-adc5-b5a0498bde48}.sdb [2020-07-16] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-19] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [Brak podpisu cyfrowego] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [Brak podpisu cyfrowego] HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0620BDE7-8E6D-4B68-BF87-982B23E3FF38} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard) Task: {141986CE-44C7-48B7-ACA2-3E1E87F13618} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {19BCD363-E5F6-4390-B266-72F139B3988A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2020-07-31] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {1A79FD20-1111-44D8-BF75-D40C55A6ACE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {269A767E-E582-4E9E-82E7-EE81E89F09BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {26D5A706-28E2-49C7-9677-6DD761E9DF76} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation) Task: {34E92921-EA77-4C30-9BA1-E2FEB9F72546} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722536 2021-08-09] (Microsoft Corporation -> Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {39AB5C1D-FD1E-4EC6-99E9-E76F485ACC4B} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe Task: {3A0D7425-440D-4AF5-9699-14A5887A6A53} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation) Task: {3BD1F55A-C2BA-40BE-B01A-F9D6161A63A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation) Task: {435C9A3B-2104-42E7-9FF6-C68622BA7B36} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {43DA3D36-B7DA-4C42-9AC2-1963D14E2455} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {493CE2F5-D8CC-482B-B42C-C4210C760988} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform) Task: {4D1943E6-2C75-47D6-86FB-F30A4F34AC78} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722536 2021-08-09] (Microsoft Corporation -> Microsoft Corporation) Task: {59DD3B85-089F-41F1-A707-02FCA7096210} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {5FE74DFE-9F40-4481-A434-21C0273FC3AD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {62406C9E-50CC-4973-9FA0-646393D85771} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [4546072 2021-06-30] (IObit CO., LTD -> IObit) Task: {625A81D0-D299-4A0A-B763-4971E29543C4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {64581634-035E-44F6-B240-67B0F6953C9C} - \WPD\SqmUpload_S-1-5-21-3265044768-942972550-2750620262-1001 -> Brak pliku <==== UWAGA Task: {69D7581F-613C-4DEF-83AF-1ECF8F6F47EA} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {725C3AA1-20B6-469C-8B66-BBE7E2897365} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {7293DA2D-2562-4160-89AB-1D1BA3FDE9BD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation) Task: {73D90CAC-7FA8-4603-8EB0-A1523C8DDD13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {82D91314-4680-4D2D-B315-D277160ED40E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-06-08] (Google Inc -> Google Inc.) Task: {86F1FD4B-5DB8-44A3-BED1-70DDAE0B7225} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {88884EA8-62CE-46A7-B41A-1DDCAF6DF28F} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-19] (Mozilla Corporation -> Mozilla Foundation) Task: {8DDA3758-900B-4799-90FE-0556D667BBA2} - System32\Tasks\ASC_SkipUac_Rychu => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [9578520 2021-06-30] (IObit CO., LTD -> IObit) Task: {994591F7-2272-4139-B9B8-5B6138124AED} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {9A46595E-A538-43B2-8A17-E2D6ACFAFAFA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {9B813868-4B27-41AA-B7B8-47E2E274E2F1} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe [650768 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) Task: {9D5943C9-632A-4291-9EC8-ECC71CC0F9D9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-16] (Microsoft Corporation -> Microsoft Corporation) Task: {A159C014-1A19-4210-84EA-7DA5C27C98AA} - System32\Tasks\Uninstaller_SkipUac_Rychu => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6706200 2021-04-27] (IObit CO., LTD -> IObit) Task: {A7D3B5AA-9690-4239-9F16-E26B676A40A1} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9612eeb6732 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-06-08] (Google Inc -> Google Inc.) Task: {B0DB6439-BBAC-4797-A944-0B0F21D15EB8} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {B2D0C8A7-447D-4BD1-AF29-8BCA82D18C6A} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {B62DFFB6-BE63-49D9-93BA-DF56016B1A2C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {C2D9D9FA-3CCF-4EA8-878C-1B79B604CC45} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {C45B7D31-71A9-4C16-9113-E31C21A64866} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D3A321E7-A9EF-4D32-9A0F-0A14BFA3676F} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {DD7FAA2A-BE43-49B5-AA0B-796C2EB073DE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-08-17] (LENOVO -> Lenovo) Task: {E0810788-814A-4A25-9BBB-B3D4418B7AA5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {F448A6D1-7B41-45E8-B6AF-6CFEAFD618B9} - System32\Tasks\CCleanerSkipUAC - Rychu => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F6BA8530-93D5-4E76-BADC-B6FD5C9C02F3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {F95335BB-1121-4252-B5E8-E74E52B97BD0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [133215968 2021-08-11] (Microsoft Windows -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0291b1fd-4485-481b-be54-9b2650b93018}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{aadb9360-5e88-421f-8835-6f6c1dfcf000}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{fe3a2f8f-28dd-47dc-ab8e-6e76e409c208}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\Rychu\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-19] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: y7gu4mbl.DomyĹ›lny uĹĽytkownik FF ProfilePath: C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\y7gu4mbl.DomyĹ›lny uĹĽytkownik [nie znaleziono] <==== UWAGA FF ProfilePath: C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old [2021-08-23] FF user.js: detected! => C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\user.js [2021-05-14] FF Session Restore: Mozilla\Firefox\Profiles\aguvauqn.old -> [funkcja włączona] FF Notifications: Mozilla\Firefox\Profiles\aguvauqn.old -> hxxps://dashboard.zopim.com; hxxps://mielno.webcamera.pl; hxxps://www.leroymerlin.pl; hxxps://www.facebook.com; hxxps://inpost.pl; hxxps://app.smartsupp.com; hxxps://poczta.wp.pl FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2020-07-28] FF Extension: (Print Edit WE) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\printedit-we@DW-dev.xpi [2021-08-06] FF Extension: (BMW M logo) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\{192b3d0e-252c-4579-889f-99de5b438890}.xpi [2020-12-29] FF Extension: (Carbon BMW M) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\{5a5dfae3-3c1c-4510-8e11-ebdf5f3e0548}.xpi [2020-12-29] FF Extension: (Compteur BMW Motorsport) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\{9b69c6ec-27b9-49da-9d3a-69038f002116}.xpi [2020-12-29] FF Extension: (BMW M3 Art Car) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\{ad804756-a3cf-4e81-98cc-25d37ed12e29}.xpi [2020-12-29] FF Extension: (BMW Roundel) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\{c75e9f9e-f7b4-4765-8ba7-0c879e025ae4}.xpi [2020-12-29] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-28] FF Extension: (BMW M5 E60) - C:\Users\Rychu\AppData\Roaming\Mozilla\Firefox\Profiles\aguvauqn.old\Extensions\{e79f4527-da3c-48d5-b13e-fda7b095e148}.xpi [2020-12-29] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2015-06-29] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> ) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [2015-05-13] (McAfee, Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> ) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [2015-05-13] (McAfee, Inc. -> ) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-08-23] Chrome: ======= CHR Profile: C:\Users\Rychu\AppData\Local\Google\Chrome\User Data\Default [2021-08-20] CHR Notifications: Default -> hxxps://www.wp.pl CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Rychu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-29] CHR Extension: (Adobe Acrobat) - C:\Users\Rychu\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-16] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Rychu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-13] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Rychu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-18] CHR Extension: (Gmail) - C:\Users\Rychu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-30] CHR Extension: (Chrome Media Router) - C:\Users\Rychu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-30] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) R2 AdvancedSystemCareService14; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1295384 2021-04-28] (IObit CO., LTD -> IObit) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-12-07] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation) S3 ComarchAutomatSynchronizacji; C:\Program Files (x86)\Comarch ERP Optima\ComarchOptimaSerwisOperacjiAutomatycznych.exe [181960 2020-07-16] (Comarch S.A. -> Comarch S.A.) R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [27136 2021-03-18] (Sanford, L.P.) [Brak podpisu cyfrowego] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3079464 2021-08-16] (ESET, spol. s r.o. -> ESET) S2 gupdate1d0c53847bc3fbd; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-06-08] (Google Inc -> Google Inc.) S2 gupdatem1d0c53847bd515f; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-06-08] (Google Inc -> Google Inc.) S3 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Brak podpisu cyfrowego] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-17] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-09] (Malwarebytes Inc -> Malwarebytes) S3 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc. -> McAfee, Inc.) S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc. -> McAfee, Inc.) S3 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) S3 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc. -> McAfee, Inc.) S3 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) S3 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) S3 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-05-14] (McAfee, Inc. -> McAfee, Inc.) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [250672 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc. -> McAfee, Inc.) R2 MSSQL$RESET2; C:\Program Files\Microsoft SQL Server\MSSQL11.RESET2\MSSQL\Binn\sqlservr.exe [194240 2016-09-24] (Microsoft Corporation -> Microsoft Corporation) S3 MYPOINT; C:\Program Files (x86)\MyPoint\v1.1.0.0\Comarch.BI.MyPoint.exe [137728 2019-12-11] () [Brak podpisu cyfrowego] S3 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.) S3 RBSS_OptimaBI; C:\Program Files (x86)\Comarch ERP Optima\Analizy BI\bin\reports book\Comarch.Msp.ReportsBook.Subscriptions.Service.exe [112640 2020-05-29] (Comarch S.A.) [Brak podpisu cyfrowego] S4 SQLAgent$RESET2; C:\Program Files\Microsoft SQL Server\MSSQL11.RESET2\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation -> Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13238568 2021-07-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WTService; C:\WINDOWS\system32\atwtusb.exe [914664 2011-01-26] (WALTOP International Corporation -> ) [Brak podpisu cyfrowego] R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [40496 2020-06-03] (IObit Information Technology -> IObit) R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [46008 2020-07-21] (IObit Information Technology -> IObit) R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46008 2020-06-03] (IObit Information Technology -> IObit) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-03] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [68784 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-08-20] (CPUID -> CPUID) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169424 2021-08-03] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123472 2021-08-03] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194776 2021-08-03] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43904 2021-08-03] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70232 2021-08-03] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-08-03] (ESET, spol. s r.o. -> ESET) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc. -> McAfee, Inc.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-06] (Martin Malik - REALiX -> REALiX(tm)) R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit) R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit) R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-09] (Malwarebytes Inc -> Malwarebytes) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [402888 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [338272 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80160 2015-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [488000 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [864200 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc. -> McAfee, Inc.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc. -> McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [335944 2015-04-08] (McAfee, Inc. -> McAfee, Inc.) R3 moufiltr; C:\WINDOWS\System32\drivers\moufiltr.sys [7680 2009-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [48480 2017-03-21] (IObit Information Technology -> IObit Information Technology) S4 RsFx0201; C:\WINDOWS\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation -> Microsoft Corporation) R3 vhidmini; C:\WINDOWS\System32\drivers\walvhid.sys [7552 2009-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 VSBC8; C:\WINDOWS\System32\drivers\evsbc8.sys [125624 2017-01-18] (Element 5 Limited Liability Company -> ELTIMA Software) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-06] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-23 08:38 - 2021-08-23 08:41 - 000038521 _____ C:\Users\Rychu\Desktop\FRST.txt 2021-08-23 08:34 - 2021-08-23 08:34 - 002300928 _____ (Farbar) C:\Users\Rychu\Desktop\FRST64.exe 2021-08-23 08:34 - 2021-08-23 08:34 - 000000000 ____D C:\Users\Rychu\Desktop\FRST-OlderVersion 2021-08-23 08:33 - 2021-08-23 08:40 - 000000000 ____D C:\FRST 2021-08-23 08:12 - 2021-08-23 08:12 - 000313366 _____ C:\Users\Rychu\Desktop\WindowsUpdateDiagnostic.diagcab 2021-08-23 07:01 - 2021-08-23 07:01 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-08-19 09:38 - 2021-08-20 07:00 - 000000000 ____D C:\Program Files\ruxim 2021-08-19 07:05 - 2021-08-19 07:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-08-19 07:05 - 2021-08-19 07:05 - 000002896 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Rychu 2021-08-19 07:04 - 2021-08-19 07:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-08-18 07:29 - 2021-08-18 07:29 - 001568768 _____ C:\WINDOWS\system32\config\DEFAULT.iobit 2021-08-18 07:29 - 2021-08-18 07:29 - 000061440 _____ C:\WINDOWS\system32\config\SECURITY.iobit 2021-08-18 07:29 - 2021-08-18 07:29 - 000045056 _____ C:\WINDOWS\system32\config\SAM.iobit 2021-08-18 07:28 - 2021-08-18 07:29 - 139505664 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit 2021-08-16 14:08 - 2021-08-16 14:08 - 000012175 _____ C:\Users\Rychu\Desktop\wykaz stalek ceny.xlsx 2021-08-12 10:45 - 2021-08-12 10:45 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2021-08-09 11:52 - 2021-08-19 14:47 - 001789967 _____ C:\Users\Rychu\Desktop\bulk-import_v4.0_pl.xlsm 2021-08-09 09:48 - 2021-08-09 09:48 - 012227084 _____ C:\Users\Rychu\Desktop\Cennik 2021 FESTA.xlsx 2021-08-03 11:05 - 2021-08-03 11:05 - 000000000 ____D C:\Users\Rychu\AppData\Roaming\PC-FAX TX 2021-08-03 08:27 - 2021-08-03 08:26 - 000194776 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2021-08-03 08:27 - 2021-08-03 08:26 - 000169424 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2021-08-03 08:27 - 2021-08-03 08:26 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2021-08-03 08:27 - 2021-08-03 08:26 - 000070232 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2021-08-03 08:27 - 2021-08-03 08:26 - 000043904 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys 2021-08-02 08:29 - 2021-08-02 08:29 - 000000000 ___HD C:\$WINDOWS.~BT 2021-07-30 07:08 - 2021-08-12 09:14 - 000000000 ____D C:\Users\Rychu\Desktop\prosperplast 2021-07-29 07:53 - 2021-07-29 07:53 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-23 08:40 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-23 08:37 - 2019-10-03 11:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-08-23 08:31 - 2015-05-14 22:24 - 000000000 ____D C:\Users\Rychu\AppData\Local\ClassicShell 2021-08-23 08:09 - 2015-05-15 11:49 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-23 07:18 - 2016-11-23 09:03 - 000000000 ____D C:\Users\Rychu\AppData\LocalLow\Mozilla 2021-08-23 07:06 - 2017-04-10 06:27 - 000000000 ____D C:\Program Files\CCleaner 2021-08-23 07:06 - 2015-05-14 22:20 - 000000000 ____D C:\ProgramData\Mozilla 2021-08-23 07:02 - 2015-05-14 21:44 - 000000000 __SHD C:\Users\Rychu\IntelGraphicsProfiles 2021-08-20 13:02 - 2015-08-21 07:41 - 000000000 ____D C:\Users\Rychu\AppData\Local\ElevatedDiagnostics 2021-08-20 12:55 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2021-08-20 12:05 - 2015-05-15 07:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-08-20 12:02 - 2020-01-03 21:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-20 12:01 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-08-20 09:49 - 2015-05-15 14:17 - 000000000 ____D C:\Users\Rychu\AppData\Local\CrashDumps 2021-08-20 09:46 - 2020-01-03 21:32 - 001520506 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-08-20 09:46 - 2019-03-19 14:23 - 000676044 _____ C:\WINDOWS\system32\perfh015.dat 2021-08-20 09:46 - 2019-03-19 14:23 - 000132858 _____ C:\WINDOWS\system32\perfc015.dat 2021-08-20 09:42 - 2019-12-06 07:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-08-20 09:42 - 2016-11-24 08:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-08-20 09:17 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-20 09:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-20 07:19 - 2017-12-01 18:04 - 000000000 ____D C:\Users\Rychu\AppData\Local\Packages 2021-08-20 07:02 - 2016-10-03 07:15 - 000000000 ____D C:\ProgramData\ProductData 2021-08-19 14:46 - 2015-06-11 07:23 - 000000000 ____D C:\Users\Rychu\Desktop\cenniki 2021-08-19 13:22 - 2015-06-26 11:27 - 000000000 ____D C:\Users\Rychu\Desktop\DOK REJESTROWE 2021-08-19 12:11 - 2020-07-21 08:14 - 000002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-08-19 12:11 - 2015-07-23 13:11 - 000002318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-19 08:41 - 2015-09-04 14:21 - 000000000 ____D C:\Users\Rychu\Desktop\yg-1 2021-08-19 08:29 - 2015-06-12 08:01 - 000000000 ____D C:\Users\Rychu\AppData\Roaming\TeamViewer 2021-08-19 07:03 - 2015-05-14 22:20 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-08-18 07:36 - 2020-11-23 15:21 - 000001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2021-08-18 07:36 - 2016-03-29 13:27 - 000000000 ____D C:\Users\Rychu\AppData\Roaming\Notepad++ 2021-08-18 07:01 - 2021-01-11 08:07 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-18 07:01 - 2021-01-11 08:07 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-17 10:40 - 2020-01-03 21:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-16 07:14 - 2015-05-15 09:37 - 000000000 ____D C:\Program Files\Microsoft Office 2021-08-13 07:50 - 2016-01-28 14:01 - 000001291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-08-11 07:23 - 2015-05-20 10:23 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-08-11 07:13 - 2015-05-20 10:23 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-08-10 09:55 - 2021-05-27 07:39 - 000000000 ____D C:\Users\Rychu\Desktop\rekl 2021-08-06 07:04 - 2021-02-05 08:11 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-06 07:04 - 2021-02-05 08:11 - 000003476 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d1e9612eeb6732 2021-08-03 11:05 - 2019-12-03 10:18 - 000000086 _____ C:\WINDOWS\Brpfx04a.ini 2021-08-03 11:05 - 2019-12-03 10:18 - 000000000 ____D C:\ProgramData\PCFaxTx 2021-08-03 08:26 - 2016-04-14 15:09 - 000123472 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2021-08-02 08:33 - 2019-12-09 07:53 - 000000000 ___DC C:\WINDOWS\Panther 2021-08-02 08:12 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared ==================== Pliki w katalogu głównym wybranych folderów ======== 2016-07-06 13:56 - 2016-07-06 13:56 - 000000132 _____ () C:\Users\Rychu\AppData\Roaming\Preferencje formatu GIF CS6 firmy Adobe 2020-01-07 11:52 - 2020-01-07 12:01 - 000000132 _____ () C:\Users\Rychu\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2019-10-22 08:57 - 2020-03-24 09:18 - 000001496 _____ () C:\Users\Rychu\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs 2018-10-05 08:09 - 2018-10-05 08:09 - 000000000 _____ () C:\Users\Rychu\AppData\Local\oobelibMkey.log 2015-08-10 16:14 - 2020-10-29 16:05 - 000000600 _____ () C:\Users\Rychu\AppData\Local\PUTTY.RND ==================== FLock ============================== 2021-08-19 13:22 C:\Users\Rychu\Desktop\DOK REJESTROWE 2020-09-04 11:16 C:\Users\Rychu\Desktop\fela ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================