Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21-11-2020 Uruchomiony przez media (administrator) MEDIA-HP (Hewlett-Packard HP Pavilion dv6 Notebook PC) (21-11-2020 17:46:40) Uruchomiony z C:\Users\media\Downloads-old Załadowane profile: media Platform: Windows 10 Home Wersja 1709 16299.967 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ABBYY Software House -> ABBYY (BIT Software)) C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Andrea Electronics Corporation) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\AESTSr64.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Hewlett-Packard Company -> ) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Company -> ) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation - pGFX -> Intel Corporation) C:\WINDOWS\System32\hkcmd.exe (Intel Corporation - pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxpers.exe (Intel Corporation - pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxtray.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\media\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atiesrxx.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe (Motorola Inc -> Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe (Motorola Inc -> Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe (Motorola Inc -> Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe (Motorola Inc -> Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6> (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\WINDOWS\System32\vcsFPService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.) [Brak podpisu cyfrowego] HKLM\...\Run: [BTMTrayAgent] => C:\Program Files\Motorola\Bluetooth\btmshell.dll [24783624 2010-06-10] (Motorola Inc -> Motorola, Inc.) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] (Hewlett-Packard Company -> ) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-03-30] (Synaptics Incorporated -> Synaptics Incorporated) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-06-02] (EasyBits Software AS -> EasyBits Software AS) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [102400 2005-04-08] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] (Hewlett-Packard Company -> ) HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe -os-restarted hxxp://security.symantec.com/?go=pfb&products=NortonSecurity&versions=22.17.1.50&oslocale=PLK&uninstall=y&g=5D43AF45-2E5D-11E0-ABB5-83B (dane wartości zawierają 93 znaków więcej). HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-3550354000-425692153-1505289350-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [36864 2017-09-29] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\IppMon: C:\WINDOWS\system32\IPPMon.dll [226816 2017-09-29] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [120200 2015-12-09] (pdfforge GmbH -> pdfforge GmbH) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP HKLM\Software\...\Authentication\Credential Providers: [{2A16DF2F-490B-4F2B-8C68-21EF46FCCC37}] -> C:\Windows\system32\dpcrprov.dll [2010-04-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{3ADC7042-51AF-4D0F-BD1D-4D6965A77323}] -> C:\Windows\system32\dpcrprov.dll [2010-04-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{4C0F0D42-DA2D-45da-85BC-B7A1AB53BF65}] -> C:\Windows\system32\dpcrprov.dll [2010-04-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> HKLM\Software\...\Authentication\Credential Providers: [{57E84B57-5533-4624-AB49-E29C8C5489D6}] -> C:\Windows\system32\dpcrprov.dll [2010-04-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{70099717-17C8-4BD0-B3D4-FAF721AB1A62}] -> C:\Windows\system32\dpcrprov.dll [2010-04-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.) HKLM\Software\...\Authentication\Credential Provider Filters: [{FD2AB138-F9A8-4ab6-9095-EEE7AF8B6C28}] -> C:\Windows\system32\dpcrprov.dll [2010-04-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verbatim GREEN BUTTON.lnk [2012-05-05] ShortcutTarget: Verbatim GREEN BUTTON.lnk -> C:\Program Files (x86)\Verbatim GREEN BUTTON\GREEN BUTTON.exe () [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0D14AE34-C1D9-442C-AF85-A49D45DD1D63} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA Task: {0D88D837-2AF8-4C3B-AFE3-FB445C0605EF} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2010-05-24] (Hewlett-Packard Company -> ) Task: {164A563E-1F81-423A-850A-81864704AA54} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {1E74E25E-BC9F-4AD2-B879-9EE3A15F93E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2013-11-04] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {1F3A343A-5398-4FFC-B064-C0CCD6EF118F} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {25ECEBE4-479A-47B1-8C26-71274592BF78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {27999844-69B8-43E0-A95C-C4843CC1255B} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-21] (Mozilla Corporation -> Mozilla Foundation) Task: {32A7701B-783C-4D1F-9BD4-510E1C0CFEBD} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {3359D34E-301A-4295-A7EB-6BCE02488C8B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584 2014-05-12] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4CDF07C7-CDFE-4AC6-9C6E-B49F1D0FCD58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2013-11-04] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {4E891C00-64E7-446B-9808-F5B3E3D1E871} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1059704 2018-11-09] (HP Inc. -> HP Inc.) Task: {51767E50-7838-4EC2-B23D-876918F15414} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5B51E85F-A1B2-41FE-BC65-9438617C0A13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-26] (Google Inc -> Google Inc.) Task: {76164292-B6BB-4B75-BAF6-4B5C90137428} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {769CBD50-E416-4EFD-A80A-42E79DA41FB3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {96CE18AD-2A0B-4F63-B149-63D9549E5B02} - System32\Tasks\e-pity2017_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe Task: {9A7E2921-E27F-48F2-830B-65F9D64630A2} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe Task: {9AFF0828-193E-4FAB-AB9F-835188084576} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {9D2B214B-CDA1-4837-B9E4-8953FEEB4FD5} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {A05EC876-9D5A-4696-B8E6-5C7990FF179D} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.16.2.22\SymErr.exe Task: {A733325F-8326-408B-8FAC-4F38E20EF656} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B28E6B38-070D-4469-8044-B12664777E0A} - System32\Tasks\e-pity2017_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe Task: {BFA447C2-C3AD-4FFA-ACAE-3D0FBC9F20F2} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.16.2.22\SymErr.exe Task: {CDB0785E-F474-4C14-AEEF-DEDD35312628} - System32\Tasks\HPCeeScheduleFormedia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704 2010-01-05] (Hewlett-Packard Company -> Hewlett-Packard) Task: {CEA3A284-B812-49DC-9232-6E5B0AD45E5E} - \MirageAgent -> Brak pliku <==== UWAGA Task: {D0AC87AF-E3A7-479E-ABE2-70E843237722} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-26] (Google Inc -> Google Inc.) Task: {E24E2B75-BB22-426D-BFAA-F1FEE3002A9B} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.16.2.22\SymErr.exe Task: {E72EA169-E81E-4922-A586-DCB5BF8C4542} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {EEED0713-5E58-46EC-A194-5C945DC35CFC} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {F44E309D-5454-4A76-9D96-46444C1B6FC3} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2010-05-24] (Hewlett-Packard Company -> ) Task: {FB9DD495-F5FA-42E7-8232-6D398A19871E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FC91131D-9C65-46B9-8D93-E6204C655CD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FD3F4F00-162D-4C44-9E5A-A2F3A8AA6AEF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle America, Inc. -> Oracle Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\HPCeeScheduleFormedia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b843f301-2eef-4549-9c89-b0668ea518ca}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{c6706797-16ae-4728-8312-086246297680}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF DefaultProfile: 59znk3c8.default-1447363192095-1541259184618 FF ProfilePath: C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\mfcsiseg.default-release [2020-11-20] FF ProfilePath: C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\59znk3c8.default-1447363192095-1541259184618 [2020-11-21] FF Extension: (AdBlocker Ultimate) - C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\59znk3c8.default-1447363192095-1541259184618\Extensions\adblockultimate@adblockultimate.net.xpi [2020-11-03] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\59znk3c8.default-1447363192095-1541259184618\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-09-02] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google Inc -> Google) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH -> pdfforge GmbH) FF Plugin HKU\S-1-5-21-3550354000-425692153-1505289350-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\media\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-22] (Unity Technologies SF -> Unity Technologies ApS) Chrome: ======= CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY Software House -> ABBYY (BIT Software)) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.) R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [Brak podpisu cyfrowego] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2010-09-16] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2010-09-16] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [Brak podpisu cyfrowego] S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH -> pdfforge GmbH) S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [258048 2010-06-18] (IDT, Inc.) [Brak podpisu cyfrowego] S3 TCE CAD Service; C:\Program Files (x86)\Intel iPOS v6\cadservice.exe [25600 2010-10-25] () [Brak podpisu cyfrowego] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BTMUSB; C:\WINDOWS\System32\Drivers\btmusb.sys [3232768 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Motorola, Inc.) R3 clwvd; C:\WINDOWS\system32\DRIVERS\clwvd.sys [32880 2010-06-24] (CyberLink -> Windows (R) Win 7 DDK provider) S3 DrvAgent64; C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [22200 2016-02-05] (eSupport.com, Inc. -> Phoenix Technologies) S3 MpKsl34cf1c79; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{362DB765-EAC0-4EAB-9F62-E1A2A4DCA686}\MpKslDrv.sys [47336 2020-11-18] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-09] (Microsoft Windows -> Microsoft Corporation) S3 HWiNFO32; \??\C:\Users\media\AppData\Local\Temp\HWiNFO64A.SYS [X] <==== UWAGA S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-21 17:37 - 2020-11-21 17:47 - 000000000 ____D C:\FRST 2020-11-21 16:02 - 2020-11-21 16:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-11-21 16:01 - 2020-11-21 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-11-21 15:55 - 2020-11-21 15:55 - 000000000 ____D C:\Users\media\AppData\Local\{29ADBC8E-DF01-4049-90C0-2B243E6AFFFC} 2020-11-20 11:21 - 2020-11-20 11:21 - 000000000 ____D C:\Users\media\AppData\Local\{1F5FFD0A-B6A4-456B-ADC9-B81D9197AC1A} 2020-11-19 15:29 - 2020-11-20 11:14 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleFormedia.job 2020-11-19 15:29 - 2020-11-19 15:29 - 000003242 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleFormedia 2020-11-18 11:14 - 2020-11-18 11:14 - 000000000 ____D C:\Users\media\AppData\Local\{7ED59B9D-3608-467D-87C1-241E2EECD95C} 2020-11-16 18:49 - 2020-11-16 18:49 - 000000000 ____D C:\Users\media\AppData\Local\{96B394E2-007B-405F-8302-47A9D39B6B75} 2020-11-15 16:15 - 2020-11-15 16:15 - 000000000 ____D C:\Users\media\AppData\Local\{5D132240-0F4C-410D-873A-D564969599C2} 2020-11-14 13:34 - 2020-11-14 13:34 - 000000000 ____D C:\Users\media\AppData\Local\{6C33EFB5-24F2-477B-8C50-FE7B501CFF8F} 2020-11-10 20:11 - 2020-11-10 20:11 - 000000000 ____D C:\Users\media\AppData\Local\{E687E310-8B1D-49C9-9C18-A97D9662331C} 2020-11-08 21:44 - 2020-11-08 21:44 - 000000000 ____D C:\Users\media\AppData\Local\{D84EA92C-B35B-467B-B808-D9239B0A1BEC} 2020-11-06 11:16 - 2020-11-06 11:16 - 000000000 ____D C:\Users\media\AppData\Local\{79B72CDE-DB8A-4D5D-8395-C997CF5C3725} 2020-11-05 15:28 - 2020-11-05 15:28 - 000000000 ____D C:\Users\media\AppData\Local\{81AAAF7C-1E4E-44D6-96B9-107A38E007F2} 2020-11-05 15:25 - 2020-11-05 15:25 - 000000798 _____ C:\Users\media\Dokumenty — skrót.lnk 2020-11-03 13:30 - 2020-11-03 13:30 - 000000000 ____D C:\Users\media\AppData\Local\{63AE5851-B266-43BE-BF7C-086F775F0438} 2020-10-27 11:48 - 2020-10-27 11:48 - 000000000 ____D C:\Users\media\AppData\Local\{F58E1FF2-BE8F-4940-92C3-39D71CB033CC} 2020-10-24 18:34 - 2020-10-24 18:34 - 000000000 ____D C:\Users\media\AppData\Local\{6FF56753-1A81-4FC1-B4B4-ECAD8E4C5BBA} ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-21 17:46 - 2015-10-16 09:49 - 000000000 ___RD C:\Users\media\Downloads-old 2020-11-21 17:19 - 2012-04-25 11:05 - 000000000 ____D C:\ProgramData\Mozilla 2020-11-21 17:18 - 2016-11-22 18:47 - 000000000 ____D C:\Users\media\AppData\LocalLow\Mozilla 2020-11-21 16:02 - 2019-03-02 19:25 - 000001277 _____ C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-21 16:02 - 2012-04-25 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-21 16:02 - 2011-03-24 18:02 - 000001312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-21 16:00 - 2014-03-23 18:14 - 000000000 ____D C:\Users\media\AppData\Local\CrashDumps 2020-11-20 14:32 - 2017-12-18 22:03 - 000000000 ____D C:\Users\media 2020-11-20 11:21 - 2018-09-07 20:13 - 006098204 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-11-20 11:21 - 2017-09-30 15:29 - 002971504 _____ C:\WINDOWS\system32\perfh015.dat 2020-11-20 11:21 - 2017-09-30 15:29 - 000813518 _____ C:\WINDOWS\system32\perfc015.dat 2020-11-20 11:14 - 2017-12-18 22:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-11-19 18:49 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2020-11-19 18:45 - 2011-04-03 21:36 - 000000000 ____D C:\Users\media\AppData\Roaming\vlc 2020-11-19 15:45 - 2017-12-18 21:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-11-19 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-11-16 17:58 - 2011-04-21 18:00 - 000000000 ____D C:\Users\media\Documents\B-Dokumenty 2020-11-16 17:54 - 2018-06-17 19:40 - 000000000 ____D C:\Users\media\Documents\Joanna 2020-11-16 17:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2020-11-16 17:32 - 2019-09-19 18:28 - 000000000 ____D C:\Users\media\Video 2020-11-16 16:16 - 2011-02-27 13:20 - 000000000 ____D C:\Users\media\AppData\Roaming\SoftGrid Client 2020-11-15 16:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-11-15 16:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-11-11 11:56 - 2017-12-18 22:17 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-11-10 20:11 - 2018-07-11 09:08 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2020-11-10 20:11 - 2018-07-11 09:08 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2020-11-10 20:10 - 2018-07-10 20:53 - 004641848 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2020-11-09 09:57 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF 2020-11-09 09:52 - 2018-09-17 16:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-11-09 09:51 - 2011-05-17 11:56 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-10-24 18:34 - 2020-05-27 15:38 - 000000000 ___RD C:\Users\media\OneDrive 2020-10-24 18:34 - 2017-12-18 22:17 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3550354000-425692153-1505289350-1000 2020-10-24 18:34 - 2015-08-02 15:42 - 000002445 _____ C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2011-03-31 18:39 - 2011-05-02 07:49 - 000001854 _____ () C:\Users\media\AppData\Roaming\GhostObjGAFix.xml 2011-03-16 19:29 - 2016-08-20 20:32 - 000030720 _____ () C:\Users\media\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-02-10 16:48 - 2019-02-10 16:48 - 000000355 _____ () C:\Users\media\AppData\Local\Kosz — skrót.lnk 2011-04-13 08:09 - 2018-09-11 20:29 - 000003132 _____ () C:\Users\media\AppData\Local\mbt-actwiz.log 2017-07-18 13:06 - 2017-07-18 13:06 - 000000218 _____ () C:\Users\media\AppData\Local\recently-used.xbel 2015-08-03 12:12 - 2015-08-03 12:12 - 000000017 _____ () C:\Users\media\AppData\Local\resmon.resmoncfg 2015-03-04 13:00 - 2015-03-04 13:03 - 000877747 _____ () C:\Users\media\AppData\Local\Tempmusic.ogg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-11-10 20:36 ==================== Koniec FRST.txt ========================