Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-07-2022 Uruchomiony przez Jacek (administrator) JACEK-DELL (Dell Inc. Latitude E5500) (15-07-2022 16:28:47) Uruchomiony z C:\Users\Jacek\Desktop\FRST Załadowane profile: Jacek Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4> (AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe (AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe (C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe ->) (Splashtop Inc. -> Splashtop Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAgent.exe (C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe ->) (Splashtop Inc. -> Splashtop Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAppPB.exe (C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe ->) (Splashtop Inc. -> Splashtop Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe (C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe ->) (Splashtop Inc. -> Splashtop Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe (explorer.exe ->) () [Brak podpisu cyfrowego] C:\Program Files\ScreenShooter5\ScreenShooter5.exe (explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies) [Brak podpisu cyfrowego] C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe <20> (explorer.exe ->) (Lavasoft Software Canada Inc. -> Lavasoft) [Brak podpisu cyfrowego] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\calc.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe (explorer.exe ->) (RENAULT S.A.S.) [Brak podpisu cyfrowego] C:\Program Files (x86)\DDT2000\DDT2000_menu.exe (explorer.exe ->) (win.rar GmbH -> Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe <3> (Google LLC -> Google LLC) [Brak podpisu cyfrowego] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18> (Mozilla Corporation -> Mozilla Corporation) C:\Mozilla Firefox\firefox.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) [Brak podpisu cyfrowego] C:\Program Files\AVG\Antivirus\aswidsagent.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (services.exe ->) (McAfee, LLC. -> McAfee, LLC.) C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Splashtop Inc. -> Splashtop Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (services.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) [Brak podpisu cyfrowego] C:\Program Files\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [241592 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1865795168-2565998012-1836526600-1000\...\Run: [AVGBrowserAutoLaunch_227A57B4BBF752A8C741C65F44110CE3] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2695608 2022-04-15] (AVG Technologies USA, LLC -> AVG Technologies) [Brak podpisu cyfrowego] HKU\S-1-5-21-1865795168-2565998012-1836526600-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1865795168-2565998012-1836526600-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-1865795168-2565998012-1836526600-1000\...\Run: [screenshooter] => C:\Program Files\ScreenShooter5\ScreenShooter5.exe [967680 2021-03-01] () [Brak podpisu cyfrowego] HKU\S-1-5-21-1865795168-2565998012-1836526600-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9250224 2022-04-27] (Lavasoft Software Canada Inc. -> Lavasoft) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\HP 9a11 Status Monitor: C:\Windows\system32\hpinksts9a11LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-10] (Google LLC -> Google LLC) [Brak podpisu cyfrowego] HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\Windows\system32\SRCredentialProvider.dll [2022-01-11] (Splashtop Inc. -> Splashtop Inc.) Startup: C:\Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDT2000 Quick Menu.lnk [2021-06-22] ShortcutTarget: DDT2000 Quick Menu.lnk -> C:\Program Files (x86)\DDT2000\DDT2000_menu.exe (RENAULT S.A.S.) [Brak podpisu cyfrowego] Startup: C:\Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitoruj alerty dotyczące pojemnika z tuszem - HP DJ 2130 series.lnk [2022-05-06] ShortcutAndArgument: Monitoruj alerty dotyczące pojemnika z tuszem - HP DJ 2130 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP DeskJet 2130 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN5AL3838R067S;CONNECTION=USB;MONITOR=1; Startup: C:\Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\My DDT2000 Quick Menu.lnk [2021-06-24] ShortcutTarget: My DDT2000 Quick Menu.lnk -> C:\Program Files (x86)\DDT2000\DDT2000_menu.exe (RENAULT S.A.S.) [Brak podpisu cyfrowego] Startup: C:\Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenShooter.lnk [2022-02-09] ShortcutTarget: ScreenShooter.lnk -> C:\Program Files\ScreenShooter\ScreenShooter.exe (ROSTPAY LTD -> ) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0E12CAC6-289E-492A-9F27-1941730F7797} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5026232 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {111DF214-B327-484E-AD34-E58FDCCCD74F} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358b920-0ac7-461f-98f4-58e32cd89148} Task: {1FAF154A-5822-42F4-8950-BA01241116F5} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2695608 2022-04-15] (AVG Technologies USA, LLC -> AVG Technologies) [Brak podpisu cyfrowego] Task: {349C08BC-4591-4566-BD3D-2CD961F7F305} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-27] (Google LLC -> Google LLC) Task: {387BBA14-6770-4AB8-AB60-81B69224494C} - System32\Tasks\CCleanerSkipUAC - Jacek => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {3BE42AB0-708A-4CC2-BD54-9B76C27F9FC0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614360 2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Task: {40476A11-6ECA-4FA9-AE66-6C96DD68E35E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160664 2022-06-19] (Microsoft Corporation -> Microsoft Corporation) Task: {4567D4AD-52BD-4AF6-A06F-146AA9EEB7CB} - System32\Tasks\HPCustParticipation HP DeskJet 2130 series => C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe [6438536 2017-04-18] (Hewlett Packard -> HP Inc.) Task: {4D3F4931-D84F-40AD-BC58-7AF57F889FAD} - System32\Tasks\HPCustPartic.exe_{4C26B177-4DF3-4233-9B71-2E994518DABB} => C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe [6438536 2017-04-18] (Hewlett Packard -> HP Inc.) Task: {54F140DD-254D-4060-9136-256100EC01EB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-05-24] (AVG Technologies USA, LLC -> AVG Technologies) [Brak podpisu cyfrowego] Task: {586A509E-394F-4257-B948-3B674B32326C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {6CFC933D-8901-48C2-ABE9-6903A258C7C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2021-12-23] (Microsoft Corporation -> Microsoft Corporation) Task: {6D529D58-505D-4712-910F-6363247CC347} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd) Task: {8B029975-6DA3-4785-BDFF-0C29479F368C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614360 2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Task: {8DB5CA41-CEC0-42F4-AF1E-30C3D210BB99} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2021-12-23] (Microsoft Corporation -> Microsoft Corporation) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan (Brak pliku) Task: {AA418A84-0EE8-419C-9289-44B01BB4D536} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-07-01] (AVG Technologies USA, LLC -> AVG Technologies) Task: {BC3DA57D-09DA-4874-B9F8-3F3627723C8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-27] (Google LLC -> Google LLC) Task: {C1185B7E-0421-4FBF-BECB-D78F12F77E5A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160664 2022-06-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask (Brak pliku) Task: {C5DE9718-D60A-4FDA-AFA6-07E236CC4287} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2695608 2022-04-15] (AVG Technologies USA, LLC -> AVG Technologies) [Brak podpisu cyfrowego] Task: {CF3BCA96-8F9E-43FD-A587-18B3F75B9751} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {EC854402-A071-4E5D-977B-C419CBB2C97A} - System32\Tasks\{4B82310A-2672-4516-BF63-7BB5EE337C9C} => C:\Windows\system32\pcalua.exe -a C:\Users\Jacek\Downloads\ScreenShooter5-Setup.exe -d C:\Users\Jacek\Downloads Task: {EEDFAA7F-D713-402D-ACED-689F34B288B1} - System32\Tasks\{2479A7CA-9139-4B1F-8359-F823C7B5D8B3} => C:\Windows\system32\pcalua.exe -a "C:\Users\Jacek\Desktop\DDT2000 v2.6.0.0\DDT2000_v2.6.0.0\vbrun60sp5.exe" -d "C:\Users\Jacek\Desktop\DDT2000 v2.6.0.0\DDT2000_v2.6.0.0" Task: {F26B905E-9A03-4EEC-A8E6-8862125DB6C1} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-07-01] (AVG Technologies USA, LLC -> AVG Technologies) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Antivirus Emergency Update.job => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{01CD21F1-A192-46FD-9657-B65A60E9A1B6}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{79864F4D-9F64-4600-B8AB-1DC4F825ABE9}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{E28A1A45-9DAE-463A-A4C5-23FC6DA3830A}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF DefaultProfile: colp8ues.default FF ProfilePath: C:\Users\Jacek\AppData\Roaming\Mozilla\Firefox\Profiles\colp8ues.default [2022-07-15] FF Homepage: Mozilla\Firefox\Profiles\colp8ues.default -> hxxps://poshukach.com?fr=ps&gp=496722&altserp=1 FF NewTab: Mozilla\Firefox\Profiles\colp8ues.default -> hxxps://poshukach.com?fr=ps&gp=496722&altserp=1 FF Notifications: Mozilla\Firefox\Profiles\colp8ues.default -> hxxps://drive.google.com FF Extension: (iMacros for Firefox) - C:\Users\Jacek\AppData\Roaming\Mozilla\Firefox\Profiles\colp8ues.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2022-05-07] [Przestarzałe] FF Extension: (Video DownloadHelper) - C:\Users\Jacek\AppData\Roaming\Mozilla\Firefox\Profiles\colp8ues.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Jacek\AppData\Roaming\Mozilla\Firefox\Profiles\colp8ues.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24] FF SearchPlugin: C:\Users\Jacek\AppData\Roaming\Mozilla\Firefox\Profiles\colp8ues.default\searchplugins\Poshukach Engin Search.xml [2022-06-16] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2021-07-01] (AVG Technologies USA, LLC -> AVG Technologies) FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2021-07-01] (AVG Technologies USA, LLC -> AVG Technologies) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) [Brak podpisu cyfrowego] StartMenuInternet: Firefox-9388B6559483FD17 - C:\Mozilla Firefox\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Default [2022-07-15] CHR HomePage: Default -> hxxps://poshukach.com?fr=ps&gp=496722&altserp=1 CHR StartupUrls: Default -> "hxxps://poshukach.com?fr=ps&gp=496722&altserp=1" CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496722&altserp=1 CHR DefaultSearchKeyword: Default -> poshukach engin search CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms} CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-03] CHR Extension: (uBlock Origin) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-07-01] CHR Extension: (Tampermonkey) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-05-12] CHR Extension: (Video Downloader professional) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2022-05-07] CHR Extension: (EPUBReader) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2022-05-07] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-07] CHR Profile: C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-14] CHR Profile: C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-16] CHR HomePage: Profile 1 -> hxxps://poshukach.com?fr=ps&gp=496722&altserp=1 CHR StartupUrls: Profile 1 -> "hxxps://poshukach.com?fr=ps&gp=496722&altserp=1" CHR DefaultSearchURL: Profile 1 -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496722&altserp=1 CHR DefaultSearchKeyword: Profile 1 -> Poshukach Engin Search CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms} CHR Extension: (Prezentacje) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-05-07] CHR Extension: (Dokumenty) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-05-07] CHR Extension: (Dysk Google) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-05-07] CHR Extension: (Arkusze) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-05-07] CHR Extension: (Dokumenty Google offline) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-07] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-07] CHR Profile: C:\Users\Jacek\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-14] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-07-01] (AVG Technologies USA, LLC -> AVG Technologies) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [594872 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [594872 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8543912 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) [Brak podpisu cyfrowego] S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-07-01] (AVG Technologies USA, LLC -> AVG Technologies) S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\100.0.15871.129\elevation_service.exe [1972944 2022-04-15] (AVG Technologies USA, LLC -> AVG Technologies) [Brak podpisu cyfrowego] R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-04] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139024 2022-05-27] (Microsoft Corporation -> Microsoft Corporation) S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-11-29] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\elevation_service.exe [1646920 2022-07-02] (Google LLC -> Google LLC) [Brak podpisu cyfrowego] S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2021-02-28] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.2254\McCHSvc.exe [416752 2021-06-26] (McAfee, LLC -> McAfee, LLC) S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\\McCSPServiceHost.exe [2687856 2020-01-25] (McAfee, LLC. -> McAfee, LLC.) [Brak podpisu cyfrowego] R2 SafeConnectService; C:\Program Files (x86)\McAfee\McAfee Safe Connect\SafeConnect.ServiceHost.exe [19760 2021-02-04] (McAfee, LLC. -> McAfee, LLC.) R2 SplashtopRemoteService; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [771168 2022-01-19] (Splashtop Inc. -> Splashtop Inc.) [Brak podpisu cyfrowego] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14614960 2022-02-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) [Brak podpisu cyfrowego] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [36912 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [229056 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [379000 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [253040 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [100464 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42552 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [269600 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [546448 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2021-06-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [109040 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84104 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [855464 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [556232 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [216080 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [321048 2022-04-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) [Brak podpisu cyfrowego] R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [367096 2022-04-27] (Bitdefender SRL -> Bitdefender) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-07-15 16:28 - 2022-07-15 16:29 - 000000000 ____D C:\FRST 2022-07-15 16:27 - 2022-07-15 16:28 - 000000000 ____D C:\Users\Jacek\Desktop\FRST 2022-07-14 10:37 - 2022-07-14 10:37 - 000001145 _____ C:\Users\Public\Desktop\Charger Master.lnk 2022-07-14 10:37 - 2022-07-14 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkyRC 2022-07-14 10:37 - 2022-07-14 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charger Master 2022-07-14 10:37 - 2022-07-14 10:37 - 000000000 ____D C:\Program Files (x86)\SkyRC 2022-07-14 10:33 - 2022-07-14 10:34 - 062168039 _____ C:\Users\Jacek\Downloads\Charger%20Master%20V1.08.rar 2022-07-03 08:06 - 2022-07-03 08:22 - 000000000 ____D C:\Users\Jacek\Desktop\Anka schody 2022-07-03 07:31 - 2022-07-03 07:31 - 000696925 _____ C:\Users\Jacek\Downloads\faktura_33447_LMS_2022.pdf 2022-06-25 06:06 - 2022-06-25 06:06 - 000040453 _____ C:\Users\Jacek\Downloads\202206221330_Potwierdzenie_BLIK.pdf 2022-06-25 06:04 - 2022-06-25 06:04 - 000040550 _____ C:\Users\Jacek\Downloads\202203211610_Potwierdzenie_BLIK.pdf 2022-06-25 05:58 - 2022-06-25 05:58 - 044247942 _____ C:\Users\Jacek\Downloads\download (6).zip 2022-06-25 05:56 - 2022-06-25 05:56 - 000696945 _____ C:\Users\Jacek\Downloads\faktura_28119_LMS_2022 (1).pdf 2022-06-25 05:34 - 2022-06-25 05:34 - 000020356 _____ C:\Users\Jacek\Downloads\FVPL-22-06-00024615.pdf 2022-06-23 09:54 - 2022-06-23 09:54 - 009531041 _____ C:\Users\Jacek\Downloads\download (5).zip 2022-06-19 10:54 - 2022-06-19 10:54 - 000100541 _____ C:\Users\Jacek\Downloads\FV_202206_281439928_09766_b.pdf 2022-06-19 10:46 - 2022-06-19 10:46 - 000325334 _____ C:\Users\Jacek\Downloads\FV_202206_281329634_05801_b.pdf 2022-06-19 10:46 - 2022-06-19 10:46 - 000296419 _____ C:\Users\Jacek\Downloads\FV_202204_281329634_05771_b (1).pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-07-15 16:25 - 2021-02-26 16:38 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-15 16:22 - 2021-02-27 17:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-07-15 15:59 - 2021-06-04 16:05 - 000000000 ____D C:\Program Files\CCleaner 2022-07-15 15:49 - 2022-05-07 00:57 - 000000000 ____D C:\Windows\Panther 2022-07-14 10:42 - 2009-07-14 06:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-07-14 10:42 - 2009-07-14 06:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-07-10 10:29 - 2021-02-27 10:29 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-07-10 10:29 - 2021-02-27 10:29 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-07-10 09:47 - 2021-05-18 09:01 - 000000000 ____D C:\Users\Jacek\AppData\Roaming\vlc 2022-07-03 08:08 - 2021-08-22 06:01 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Jacek 2022-07-03 08:08 - 2021-07-05 10:09 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2022-07-03 08:08 - 2021-06-22 11:15 - 000003268 _____ C:\Windows\system32\Tasks\{2479A7CA-9139-4B1F-8359-F823C7B5D8B3} 2022-07-03 08:08 - 2021-06-04 16:05 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update 2022-07-03 08:08 - 2021-03-01 13:12 - 000003152 _____ C:\Windows\system32\Tasks\{4B82310A-2672-4516-BF63-7BB5EE337C9C} 2022-07-03 08:08 - 2021-02-27 18:37 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2022-07-03 08:08 - 2021-02-27 17:56 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 2022-07-03 08:08 - 2021-02-27 10:29 - 000003568 _____ C:\Windows\system32\Tasks\HPCustParticipation HP DeskJet 2130 series 2022-07-03 08:08 - 2021-02-27 10:29 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2022-07-03 08:08 - 2021-02-27 10:29 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-07-03 08:08 - 2021-02-27 10:29 - 000002946 _____ C:\Windows\system32\Tasks\HPCustPartic.exe_{4C26B177-4DF3-4233-9B71-2E994518DABB} 2022-07-03 07:32 - 2011-04-12 15:21 - 000720452 _____ C:\Windows\system32\perfh015.dat 2022-07-03 07:32 - 2011-04-12 15:21 - 000145984 _____ C:\Windows\system32\perfc015.dat 2022-07-03 07:32 - 2009-07-14 07:13 - 001613286 _____ C:\Windows\system32\PerfStringBackup.INI 2022-07-03 07:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2022-07-01 06:47 - 2022-02-24 10:41 - 000000000 ____D C:\Program Files\TeamViewer 2022-07-01 06:47 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-06-28 03:49 - 2021-02-26 16:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-28 03:49 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2022-06-28 03:48 - 2021-02-26 16:02 - 000000000 ____D C:\Program Files\Microsoft Office 2022-06-28 03:46 - 2021-06-04 16:05 - 000000000 ____D C:\ProgramData\AVG 2022-06-23 10:00 - 2022-02-09 12:15 - 000001876 _____ C:\Users\Jacek\Desktop\ScreenShooter.lnk 2022-06-16 09:03 - 2021-11-29 17:23 - 000000000 ____D C:\Users\Jacek\AppData\Roaming\Lavasoft 2022-06-16 09:03 - 2021-11-29 17:23 - 000000000 ____D C:\Users\Jacek\AppData\Local\Lavasoft 2022-06-16 09:03 - 2021-11-29 17:23 - 000000000 ____D C:\ProgramData\Lavasoft ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-05-08 12:21 - 2022-05-08 12:21 - 000000000 _____ () C:\Users\Jacek\AppData\Local\oobelibMkey.log ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2022-06-06 00:56 ==================== Koniec FRST.txt ========================