Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-04-2022 Uruchomiony przez ErnieBrown (administrator) ERNIE (LENOVO 80K6) (04-05-2022 11:24:45) Uruchomiony z C:\Users\Joker Lombard\Downloads Załadowane profile: ErnieBrown Platform: Microsoft Windows 10 Home Wersja 21H1 19043.1645 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe ->) (InstallShield Software Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <3> (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe (explorer.exe ->) (LENOVO -> ) C:\Program Files\Lenovo\LenovoUtility\utility.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (explorer.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPEE.EXE (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (InstallShield Software Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe (Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (InstallShield Software Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (WhatsApp, Inc -> WhatsApp) C:\Users\Joker Lombard\AppData\Local\WhatsApp\app-2.2214.12\WhatsApp.exe <7> ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16403712 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-06-24] (LENOVO -> ) HKLM-x32\...\Run: [Intel(R) RealSense(TM) SDK info server] => C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe [21144 2015-07-09] (Intel(R) Software Development Products -> Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\PL\Programs\Registration.exe [733184 2004-06-23] (Corel Corporation) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe --startup_mode (Brak pliku) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe --startup_mode (Brak pliku) HKU\S-1-5-21-677252881-3295170303-2238901163-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation) [Brak podpisu cyfrowego] HKU\S-1-5-21-677252881-3295170303-2238901163-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-677252881-3295170303-2238901163-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe --startup_mode (Brak pliku) HKLM\...\Print\Monitors\EPSON XP-332 335 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBPEE.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\HP B611 Status Monitor: C:\WINDOWS\system32\hpinkstsB611LM.dll [328552 2012-01-11] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.54\Installer\chrmstp.exe [2022-05-03] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {11B8403C-0FEC-443E-AF88-6AD466ADE49D} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {22970913-904B-4005-9AF4-37E6A40C79F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {240DBEAB-6870-4E9C-BEC9-398A78D45E96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-06] (Google Inc -> Google LLC) Task: {3F7A7F95-A14B-4C5E-8259-AE36504A9D8D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {536F46EE-DADD-4E3C-B595-EE6545085793} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (Brak pliku) Task: {69B65AB4-07A9-4EAC-9873-95449C99AE0A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {7AA57599-D406-434E-B79E-95D4436FAFD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-06] (Google Inc -> Google LLC) Task: {859BD6E8-2762-439D-AE7D-EF815420BEBE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1a7d7395-c207-4715-9297-e1cd9fae04cf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {85FADDC4-8B3D-4677-8E42-0E60AD794527} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {907E0905-1F2F-47FB-B445-02800D91FC9C} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.) Task: {9755AC32-6F80-4AB4-8CA1-CB5A4FFCDC67} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {9B5D44BF-4664-4F03-AD39-53C001463076} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9BEF300D-EB60-48F5-8CF6-A96584BD71BD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1f15ca80-e964-4892-8898-73eeb0783fa8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {9F5B4768-673E-4A38-B9DD-F72880057BD7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ad90ecab-6bf5-48fd-b66c-b0adce04466e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {A035C71D-57E2-4CDD-AFE1-59359DA2368C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A6D39B03-5301-4596-B593-31318BF0AB71} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {A8343883-4E1C-4FC1-8301-454B024A77BB} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {AE6C574C-4D14-4760-A09B-5FB80DD5FD3B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\be76389e-730e-41e5-a88e-372960d6f85b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {AFC8D1FC-0ADF-47BA-86E7-CA97DFB0CF51} - System32\Tasks\EPSON XP-332 335 Series Update {8746B7EF-B185-47A3-B835-991075AB8BA7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {BE93E7DE-D28D-4773-92D4-A13793AE3097} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe (Brak pliku) Task: {CF22F51F-514A-4738-8FD6-4A318AA90C04} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D1F556E7-1A70-46FA-9D42-C597A365D676} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D776370E-95B2-4296-9804-99D6D62940F5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ec23f600-fa03-4503-a455-f96d52f4f6d1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {DB1B7723-30DC-4031-8E5F-A4B81C1CC59F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {E164682E-4BCB-436D-A9AD-1159CE33DCD2} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Brak pliku) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\EPSON XP-332 335 Series Update {8746B7EF-B185-47A3-B835-991075AB8BA7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE:/EXE:{8746B7EF-B185-47A3-B835-991075AB8BA7} /F:UpdateWORKGROUP\ERNIE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 8.8.8.8 Tcpip\..\Interfaces\{32d8d23e-75f2-4116-82a2-f019dd9caac9}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{3fd8bc01-4646-4423-ab4d-fa0eb1a8d345}: [DhcpNameServer] 192.168.0.222 8.8.8.8 Tcpip\..\Interfaces\{9383cc72-9bf6-4042-8fc9-d68dbf763d1d}: [DhcpNameServer] 192.168.1.1 8.8.8.8 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] FireFox: ======== FF DefaultProfile: m57nxqcd.default FF ProfilePath: C:\Users\Joker Lombard\AppData\Roaming\Mozilla\Firefox\Profiles\m57nxqcd.default [2022-05-04] FF NetworkProxy: Mozilla\Firefox\Profiles\m57nxqcd.default -> http", "178.79.130.180" FF NewTabOverride: Mozilla\Firefox\Profiles\m57nxqcd.default -> Disabled: {2ef58672-740c-46bd-a50d-b9880986b574} FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Joker Lombard\AppData\Roaming\Mozilla\Firefox\Profiles\m57nxqcd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2022-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2022-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default [2022-04-27] CHR Extension: (Prezentacje) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-14] CHR Extension: (Dokumenty) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-14] CHR Extension: (Dysk Google) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-14] CHR Extension: (YouTube) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-14] CHR Extension: (Arkusze) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-14] CHR Extension: (Dokumenty Google offline) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-13] CHR Extension: (Gmail) - C:\Users\Joker Lombard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-14] CHR HKU\S-1-5-21-677252881-3295170303-2238901163-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13274600 2022-04-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation) S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego] S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-05-04 11:24 - 2022-05-04 11:26 - 000027192 _____ C:\Users\Joker Lombard\Downloads\FRST.txt 2022-05-04 11:23 - 2022-05-04 11:25 - 000000000 ____D C:\FRST 2022-05-04 11:21 - 2022-05-04 11:21 - 000320660 _____ C:\Users\Joker Lombard\Desktop\DISTRIBUTION AGREEMENT.pdf 2022-05-04 11:18 - 2022-05-04 11:18 - 002366976 _____ (Farbar) C:\Users\Joker Lombard\Downloads\FRST64.exe 2022-05-04 08:27 - 2022-05-04 08:27 - 000108718 _____ C:\Users\Joker Lombard\Desktop\Umowa Dystrybucji.pdf 2022-05-03 14:16 - 2022-05-04 07:59 - 000000310 _____ C:\Users\Joker Lombard\Desktop\MARCIN.txt 2022-04-23 17:58 - 2022-04-23 17:58 - 000671185 _____ C:\Users\Joker Lombard\Desktop\NatPol Plush Toys EURO.pdf 2022-04-23 17:44 - 2022-04-23 17:44 - 003448078 _____ C:\Users\Joker Lombard\Desktop\NatPol Machines 2022 EURO (FRANCE).pdf 2022-04-22 10:50 - 2022-04-22 10:50 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-04-20 09:41 - 2022-04-22 08:08 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-04-20 09:41 - 2022-04-20 10:54 - 000000000 ____D C:\Program Files\CCleaner 2022-04-20 09:41 - 2022-04-20 09:41 - 000002878 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2022-04-20 09:41 - 2022-04-20 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2022-04-14 09:58 - 2022-04-14 09:58 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-04-14 09:58 - 2022-04-14 09:58 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-04-14 09:57 - 2022-04-14 09:57 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-04-14 09:56 - 2022-04-14 09:56 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-04-14 09:13 - 2022-04-14 09:13 - 000000000 ___HD C:\$WinREAgent ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-05-04 11:22 - 2020-06-19 16:26 - 000000000 ____D C:\Users\Joker Lombard\AppData\Roaming\WhatsApp 2022-05-04 11:14 - 2022-02-10 22:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-05-04 11:13 - 2018-02-14 09:51 - 000000000 ____D C:\Users\Joker Lombard\AppData\LocalLow\Mozilla 2022-05-04 11:12 - 2020-11-15 13:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-05-04 11:12 - 2019-06-06 08:18 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-04 10:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-05-04 08:13 - 2018-11-16 21:30 - 000035016 _____ C:\Users\Joker Lombard\Documents\Rozliczenie Grzegorz, Delaney, Peny, Marcin.xlsx 2022-05-04 07:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-05-04 07:57 - 2018-02-08 21:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-05-03 14:23 - 2021-11-18 12:56 - 000000101 _____ C:\Users\Joker Lombard\Desktop\Skóry.txt 2022-05-03 14:23 - 2021-09-30 08:38 - 000000479 _____ C:\Users\Joker Lombard\Desktop\Gaja Dług.txt 2022-05-03 14:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-05-03 13:42 - 2021-01-14 14:02 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-05-03 13:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-05-03 13:37 - 2019-08-04 12:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-04-29 14:53 - 2021-10-19 07:52 - 000000000 ____D C:\Users\Joker Lombard\AppData\Local\WhatsApp 2022-04-29 14:49 - 2019-08-04 12:36 - 000000000 ____D C:\Users\Joker Lombard\AppData\Roaming\TeamViewer 2022-04-29 12:18 - 2020-11-15 14:01 - 001769800 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-04-29 12:18 - 2019-12-07 17:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat 2022-04-29 12:18 - 2019-12-07 17:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat 2022-04-29 12:18 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-04-28 14:23 - 2019-11-11 22:13 - 000000000 ____D C:\Users\Joker Lombard\AppData\Roaming\vlc 2022-04-23 17:44 - 2022-03-12 20:55 - 003448073 _____ C:\Users\Joker Lombard\Desktop\NatPol Machines 2022 EURO.pdf 2022-04-22 10:50 - 2021-11-05 08:45 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-04-20 13:07 - 2020-11-15 14:13 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-04-20 13:07 - 2020-11-15 14:13 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-04-20 10:54 - 2020-11-15 13:45 - 000454392 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-04-20 10:53 - 2020-11-15 14:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-04-20 10:53 - 2020-11-03 17:51 - 000008192 ___SH C:\DumpStack.log.tmp 2022-04-20 10:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-04-20 10:53 - 2018-02-14 10:03 - 000000000 ____D C:\Program Files\WinRAR 2022-04-20 10:52 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-04-20 10:07 - 2019-04-12 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2022-04-20 10:07 - 2019-04-12 14:38 - 000000000 ____D C:\Program Files (x86)\Java 2022-04-20 10:07 - 2018-02-14 10:03 - 000000000 ____D C:\Users\Joker Lombard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-04-20 10:07 - 2018-02-14 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-04-20 10:05 - 2019-04-12 14:39 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2022-04-20 10:03 - 2018-02-09 10:32 - 000000000 ____D C:\Users\Joker Lombard\AppData\Local\Packages 2022-04-20 09:53 - 2022-03-05 17:49 - 000000000 ____D C:\WINDOWS\Minidump 2022-04-20 09:53 - 2020-11-05 22:14 - 000000000 ___DC C:\WINDOWS\Panther 2022-04-17 10:00 - 2018-02-09 10:40 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-04-16 20:03 - 2018-02-09 10:40 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-04-15 15:10 - 2018-02-14 09:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-04-15 15:10 - 2018-02-14 09:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-04-15 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-04-15 12:19 - 2020-03-08 11:43 - 000000000 ____D C:\Users\Joker Lombard\Desktop\NAT 2022-04-14 13:02 - 2021-09-11 08:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-04-14 13:02 - 2018-02-14 09:51 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-04-14 10:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-04-10 16:49 - 2022-04-02 17:46 - 000000000 ____D C:\Users\Joker Lombard\Downloads\Vinted 2022-04-08 07:34 - 2018-02-14 21:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-04-07 07:55 - 2020-08-26 16:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-04-12 14:45 - 2019-04-12 14:45 - 000030601 _____ () C:\Users\Joker Lombard\x.exe 2018-02-17 15:42 - 2019-05-31 14:16 - 000005632 _____ () C:\Users\Joker Lombard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-02-14 14:59 - 2018-02-14 14:59 - 000000017 _____ () C:\Users\Joker Lombard\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================