Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 23-02-2020 Uruchomiony przez Rodzina Adamsów (administrator) RODZINAADAMSÓW (Hewlett-Packard HP ProBook 4540s) (23-02-2020 18:45:31) Uruchomiony z C:\Users\Rodzina Adamsów\Downloads Załadowane profile: Rodzina Adamsów (Dostępne profile: Rodzina Adamsów) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (Advanced Micro Devices Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ArcSoft, Inc. -> ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (ATI Technologies Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (IVT Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (IVT Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (PDF Complete -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Portrait Displays, Inc. -> Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe (Softex Incorporated -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Softex Incorporated -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Rodzina Adamsów\AppData\Local\Kingsoft\WPS Office\11.2.0.9150\office6\wps.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Rodzina Adamsów\AppData\Local\Kingsoft\WPS Office\11.2.0.9150\office6\wpscenter.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-03-07] (PDF Complete -> PDF Complete Inc) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft, Inc. -> ArcSoft Inc.) HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184704 2012-03-16] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364032 2012-08-16] (IVT Corporation) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Softex Incorporated -> Hewlett-Packard) HKU\S-1-5-21-2393163483-2970270535-3393990018-1001\...\MountPoints2: {d07a0114-507d-11ea-9757-a417312be0be} - D:\LGAutoRun.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{438363A8-F486-4C37-834C-4955773CB3D3}] -> msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2012-03-15] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> c:\windows\system32\DPLic.dll [2012-03-15] (DigitalPersona, Inc. -> DigitalPersona, Inc.) Lsa: [Notification Packages] DPPassFilter scecli FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0423D9C8-1258-45DF-BE56-8F2E9C5D9B88} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) Task: {3CB99F04-884B-4231-920C-4A8E82D5FCB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [7255608 2011-09-10] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {4AEFFDA5-BF74-4A80-B79C-35E59EC1B3EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [729656 2011-09-10] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {65CCD5D6-2DB8-443A-B154-D8973CA38E48} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1835112 2020-02-23] (Avast Software s.r.o. -> AVAST Software) Task: {95751385-58E7-48B1-A175-242E302447FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [7255608 2011-09-10] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {9EFB99C1-8591-4ED9-9A6B-FE4B03609E72} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_Plugin.exe [1458232 2020-02-13] (Adobe Inc. -> Adobe) Task: {BFDE43F6-4785-49F7-8251-F4A6BD7E8CB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-13] (Adobe Inc. -> Adobe) Task: {CA24D435-684D-4C41-ABDA-800661B2923C} - System32\Tasks\WpsExternal_Rodzina Adamsów_20200217140107 => C:\Users\Rodzina Adamsów\AppData\Local\Kingsoft\WPS Office\11.2.0.9150\office6\wps.exe [1073920 2020-02-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {D48075E4-C753-4B03-BBC2-3A66FC3C6EB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [850488 2011-06-14] (Hewlett-Packard Company -> Hewlett-Packard) Task: {E0D66990-0E17-4BCC-9234-C2D9CA1A0977} - System32\Tasks\WpsUpdateTask_Rodzina Adamsów => C:\Users\Rodzina Adamsów\AppData\Local\Kingsoft\WPS Office\11.2.0.9150\office6\wpsupdate.exe [157952 2020-02-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> ) Task: {F7B9E77A-536F-4B2D-9E93-7DA4BA848EB6} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [273352 2011-04-28] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{433BB520-94B7-4094-89D2-5CD0367C9455}: [DhcpNameServer] 172.168.0.2 Tcpip\..\Interfaces\{645E1C09-9437-4C7D-981C-64ED0CFAF965}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2393163483-2970270535-3393990018-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDF HKU\S-1-5-21-2393163483-2970270535-3393990018-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKU\S-1-5-21-2393163483-2970270535-3393990018-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2393163483-2970270535-3393990018-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2393163483-2970270535-3393990018-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKU\S-1-5-21-2393163483-2970270535-3393990018-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Softex Incorporated -> Hewlett-Packard) FireFox: ======== FF DefaultProfile: 4pabaokt.default FF ProfilePath: C:\Users\Rodzina Adamsów\AppData\Roaming\Mozilla\Firefox\Profiles\4pabaokt.default [2019-08-23] FF ProfilePath: C:\Users\Rodzina Adamsów\AppData\Roaming\Mozilla\Firefox\Profiles\5za319vm.default-release [2020-02-23] FF Session Restore: Mozilla\Firefox\Profiles\5za319vm.default-release -> [funkcja włączona] FF Notifications: Mozilla\Firefox\Profiles\5za319vm.default-release -> hxxps://www.youtube.com; hxxps://6m5e8.videommm.pro; hxxps://www.wakacje.pl FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Rodzina Adamsów\AppData\Roaming\Mozilla\Firefox\Profiles\5za319vm.default-release\Extensions\sp@avast.com.xpi [2020-02-13] FF Extension: (Avast Online Security) - C:\Users\Rodzina Adamsów\AppData\Roaming\Mozilla\Firefox\Profiles\5za319vm.default-release\Extensions\wrc@avast.com.xpi [2020-01-23] FF Extension: (Hardware sync) - C:\Users\Rodzina Adamsów\AppData\Roaming\Mozilla\Firefox\Profiles\5za319vm.default-release\Extensions\{33c2a089-2b0c-4292-fa75-f834f36c4162}.xpi [2019-12-15] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-12-02] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-13] (Adobe Inc. -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-13] (Adobe Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.) R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [235520 2012-03-29] (Microsoft Windows Hardware Compatibility Publisher -> AMD) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [Brak podpisu cyfrowego] R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [Brak podpisu cyfrowego] R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc. -> DigitalPersona, Inc.) S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-01-31] (Hewlett-Packard Company -> Hewlett-Packard Company) R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [372824 2012-03-22] (Softex Incorporated -> Hewlett-Packard) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] (Intel Corporation -> ) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation -> Intel Corporation) R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-22] () [Brak podpisu cyfrowego] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation -> Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation -> Microsoft Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-03-07] (PDF Complete -> PDF Complete Inc) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [314880 2012-03-05] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-05] (ArcSoft, Inc. -> ArcSoft, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) S3 wpscloudsvr; C:\Users\Rodzina Adamsów\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [790784 2020-02-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 Accelerometer; C:\windows\System32\DRIVERS\Accelerometer.sys [43800 2012-03-16] (Hewlett-Packard Company -> Hewlett-Packard Company) R3 amdkmdag; C:\windows\System32\DRIVERS\atikmdag.sys [10859008 2012-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\windows\System32\DRIVERS\atikmpag.sys [328704 2012-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc. -> ArcSoft, Inc.) R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37616 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [276952 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [171520 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) S3 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2020-01-05] (AVAST Software s.r.o. -> AVAST Software) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34880 2011-08-13] (Ralink Technology Corporation -> Ralink Corporation.) R3 BtAudioBusSrv; C:\windows\System32\Drivers\BtAudioBus.sys [23104 2011-08-13] (Ralink Technology Corporation -> Ralink Corporation) R3 BthL2caScoIfSrv; C:\windows\System32\Drivers\BtL2caScoIf.sys [51776 2012-04-03] (Ralink Technology Corporation -> Ralink Corporation) R3 btUrbFilterDrv; C:\windows\System32\Drivers\IvtUrbBtFlt.sys [48320 2012-03-05] (Ralink Technology Corporation -> Ralink Corporation) S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company -> Hewlett-Packard Company) R0 hpdskflt; C:\windows\System32\DRIVERS\hpdskflt.sys [30488 2012-03-16] (Hewlett-Packard Company -> Hewlett-Packard Company) R3 HpqKbFiltr; C:\windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-18] (Hewlett-Packard Company -> Hewlett-Packard Company) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (MCAFEE INTERNATIONAL LTD. -> McAfee, Inc.) R1 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation -> Microsoft Corporation) R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-28] (Microsoft Corporation -> Microsoft Corporation) R3 rtbth; C:\windows\System32\DRIVERS\rtbth.sys [685152 2012-06-14] (Ralink Technology Corporation -> Ralink Technology, Corp.) R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1862536 2012-07-28] (SONIX TECHNOLOGY CO. , LTD -> ) R3 STHDA; C:\windows\System32\DRIVERS\stwrt64.sys [536064 2012-03-05] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) U3 aswbdisk; Brak ImagePath U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34880 2011-08-13] (Ralink Technology Corporation -> Ralink Corporation.) S1 MpKsld83ae11b; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5D02562A-A10A-4E09-946A-8EBBBCAE3E42}\MpKsld83ae11b.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-02-23 18:41 - 2020-02-23 18:44 - 000057730 _____ C:\Users\Rodzina Adamsów\Downloads\Addition.txt 2020-02-23 18:38 - 2020-02-23 18:48 - 000028202 _____ C:\Users\Rodzina Adamsów\Downloads\FRST.txt 2020-02-23 18:38 - 2020-02-23 18:47 - 000000000 ____D C:\FRST 2020-02-23 18:37 - 2020-02-23 18:37 - 002279424 _____ (Farbar) C:\Users\Rodzina Adamsów\Downloads\FRST64.exe 2020-02-23 18:30 - 2020-02-23 18:32 - 000000000 ____D C:\AdwCleaner 2020-02-23 18:30 - 2020-02-23 18:30 - 008356016 _____ (Malwarebytes) C:\Users\Rodzina Adamsów\Downloads\AdwCleaner.exe 2020-02-19 14:42 - 2020-02-23 07:53 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-02-17 14:01 - 2020-02-17 14:01 - 000004282 _____ C:\windows\system32\Tasks\WpsExternal_Rodzina Adamsów_20200217140107 2020-02-17 14:01 - 2020-02-17 14:01 - 000000000 ____D C:\Users\Rodzina Adamsów\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office 2020-02-16 08:08 - 2020-02-16 08:12 - 000000000 ____D C:\Users\Rodzina Adamsów\Desktop\zdjecia ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-02-23 18:42 - 2009-07-14 05:45 - 000031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-02-23 18:42 - 2009-07-14 05:45 - 000031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-02-23 18:37 - 2012-08-16 02:46 - 000000787 _____ C:\windows\SysWOW64\bscs.ini 2020-02-23 18:36 - 2019-08-23 15:12 - 000000000 ____D C:\Users\Rodzina Adamsów\AppData\LocalLow\Mozilla 2020-02-23 18:34 - 2012-12-02 04:13 - 000004524 _____ C:\windows\SysWOW64\LOCALSERVICE.INI 2020-02-23 18:34 - 2012-12-02 04:13 - 000000043 _____ C:\windows\SysWOW64\LOCALDEVICE.INI 2020-02-23 18:34 - 2012-04-18 03:55 - 000000000 ____D C:\ProgramData\PDFC 2020-02-23 18:33 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT 2020-02-23 08:34 - 2020-01-05 11:37 - 000000000 ____D C:\ProgramData\AVAST Software 2020-02-23 07:57 - 2012-04-18 03:56 - 000000000 ____D C:\windows\SysWOW64\Macromed 2020-02-23 07:53 - 2019-11-17 08:17 - 000003886 _____ C:\windows\wininit.ini 2020-02-23 07:51 - 2019-08-23 15:05 - 000004030 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{A0D88212-22AB-45AD-848E-A0270D363D61} 2020-02-18 18:26 - 2009-07-14 06:08 - 000032626 _____ C:\windows\Tasks\SCHEDLGU.TXT 2020-02-17 14:01 - 2019-08-23 15:24 - 000003894 _____ C:\windows\system32\Tasks\WpsUpdateTask_Rodzina Adamsów 2020-02-16 08:31 - 2012-04-18 02:36 - 000891676 _____ C:\windows\system32\perfh015.dat 2020-02-16 08:31 - 2012-04-18 02:36 - 000208496 _____ C:\windows\system32\perfc015.dat 2020-02-16 08:31 - 2009-07-14 06:13 - 000006464 _____ C:\windows\system32\PerfStringBackup.INI 2020-02-13 19:30 - 2019-11-17 08:09 - 000004552 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-02-13 19:30 - 2019-11-17 08:08 - 000000000 ____D C:\windows\system32\Macromed 2020-02-13 19:30 - 2012-04-18 03:56 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe 2020-02-13 19:30 - 2012-04-18 03:56 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-02-13 19:30 - 2012-04-18 03:56 - 000004312 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater 2020-02-08 19:37 - 2020-01-05 11:39 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-11-11 19:06 - 2019-11-16 15:43 - 000007635 _____ () C:\Users\Rodzina Adamsów\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-02-19 14:18 ==================== Koniec FRST.txt ========================