Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 14-12-2020 Uruchomiony przez fakin (administrator) LAPEK (ASUSTeK COMPUTER INC. X550LD) (04-01-2021 15:46:49) Uruchomiony z C:\Users\fakin\Downloads Załadowane profile: fakin Platform: Windows 10 Home Wersja 1809 17763.1577 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files\qBittorrent\qbittorrent.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804360 2016-03-22] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-15] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-5-21-193475535-3007268416-1838977321-1001\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [25778688 2020-11-24] () [Brak podpisu cyfrowego] HKU\S-1-5-21-193475535-3007268416-1838977321-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50010064 2020-11-03] (Google LLC -> ) HKU\S-1-5-21-193475535-3007268416-1838977321-1001\...\Run: [xwidget] => C:\Program Files (x86)\XWidget\XWidgetStarter.exe [100352 2015-04-21] () [Brak podpisu cyfrowego] HKU\S-1-5-21-193475535-3007268416-1838977321-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-193475535-3007268416-1838977321-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-193475535-3007268416-1838977321-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-193475535-3007268416-1838977321-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (dane wartości zawierają 78 znaków więcej). HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [637952 2018-09-15] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-02] (Google LLC -> Google LLC) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {173F6EDA-D4E3-4785-B6D0-560125E951BF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {1B222326-FBD0-48A2-91C0-869BC97E15D0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-04-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {1FB4DC4C-F433-4213-BC6E-B21896D0962C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd) Task: {1FE7E0B2-2F4D-4891-BD16-104696CA2B95} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-05] (Dropbox, Inc -> Dropbox, Inc.) Task: {2ACF57F3-9255-46CC-9411-5CE9C2274D71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.) Task: {2B101A88-6B04-40BB-8643-296BABB7958C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4A3D3099-675E-4002-A95A-94D5805D582F} - System32\Tasks\Driver Booster Scheduler => D:\Torenty\Portable.Driver.Booster.Pro.v5.1.0.488\App\DriverBooster\Scheduler.exe Task: {4F8B9DFC-9D65-4A92-92A5-1EC9AADFE304} - System32\Tasks\Driver Booster SkipUAC (fakin) => D:\Torenty\Apps\Portable.Driver.Booster.Pro.v5.1.0.488\App\DriverBooster\DriverBooster.exe [5876512 2017-11-16] (IObit Information Technology -> IObit) Task: {6A5CD171-79C3-404B-8168-6584661ABC58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {739C3E3A-45E0-478E-95EF-726C22B878FD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {7EFB768B-EDB1-491A-B655-4521DE8FE0AB} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-04-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {8A885B8F-573A-4CCB-960C-9AEE1E28ECDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.) Task: {958275F6-1577-439E-A5FB-0D760F62B677} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A97D6E7B-7748-498D-940C-0642C5D6C680} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4EB6847-AA30-40B4-B59E-9895CFF27C59} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-05] (Dropbox, Inc -> Dropbox, Inc.) Task: {BB003921-E285-487A-845D-F6EF2F82509B} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18392 2017-12-12] (ASUSTeK Computer Inc. -> AsusTek) Task: {CCC39235-003B-4416-8454-344A19516025} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-04-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {E07D9F98-CE90-424B-A782-F2E3ED82C603} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 89.101.160.5 89.101.160.4 Tcpip\..\Interfaces\{4cd9ec0b-1634-4581-82de-8fba86e46def}: [DhcpNameServer] 89.101.160.5 89.101.160.4 Tcpip\..\Interfaces\{6679febe-ee01-4892-9de3-c0961d6cd467}: [DhcpNameServer] 89.101.160.5 89.101.160.4 Tcpip\..\Interfaces\{a54b7d79-bd1d-493a-8e06-19f2c75ab92b}: [DhcpNameServer] 89.101.160.5 89.101.160.4 FireFox: ======== FF DefaultProfile: 6sw6z3hj.default FF ProfilePath: C:\Users\fakin\AppData\Roaming\Mozilla\Firefox\Profiles\6sw6z3hj.default [2021-01-03] FF Extension: (uBlock Origin) - C:\Users\fakin\AppData\Roaming\Mozilla\Firefox\Profiles\6sw6z3hj.default\Extensions\uBlock0@raymondhill.net.xpi [2019-04-20] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-12-02] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Profile 3 CHR Profile: C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default [2020-11-05] CHR HomePage: Default -> hxxps://www.google.ie/?gws_rd=cr&dcr=0&ei=cwVbWsLwIsHMgAbNkY-oDA CHR StartupUrls: Default -> "hxxps://www.google.pl/" CHR Extension: (Prezentacje) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-04] CHR Extension: (Dokumenty) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-04] CHR Extension: (Dysk Google) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-04] CHR Extension: (YouTube) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-04] CHR Extension: (uBlock Origin) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-01-25] CHR Extension: (uVPN - Darmowy i nielimitowany VPN dla wszystkich) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog [2019-09-07] CHR Extension: (Dark Theme v3) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlgdeklopcjagknhlchbdjekgpgenad [2018-11-24] CHR Extension: (Adobe Acrobat) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-30] CHR Extension: (Arkusze) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-04] CHR Extension: (Pulpit zdalny Chrome) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-26] CHR Extension: (Dokumenty Google offline) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-25] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-01-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04] CHR Extension: (Chrome Media Router) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22] CHR Profile: C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-05] CHR Profile: C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-11-05] CHR Extension: (Prezentacje) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-04] CHR Extension: (Dokumenty) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-04] CHR Extension: (Dysk Google) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-04] CHR Extension: (YouTube) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-04] CHR Extension: (uBlock Origin) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-30] CHR Extension: (Adobe Acrobat) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04] CHR Extension: (Proper Menubar for Google Chrome) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\egclcjdpndeoioimlbbbmdhcaopnedkp [2020-01-26] CHR Extension: (Arkusze) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-04] CHR Extension: (Dokumenty Google offline) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-30] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-01-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-04] CHR Extension: (Gmail) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-04] CHR Extension: (Chrome Media Router) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-08-30] CHR Profile: C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-01-04] CHR Notifications: Profile 3 -> hxxps://ocsnext.ebay.ie CHR HomePage: Profile 3 -> hxxps://www.google.ie/?gws_rd=cr&dcr=0&ei=cwVbWsLwIsHMgAbNkY-oDA CHR StartupUrls: Profile 3 -> "hxxps://www.google.pl/" CHR Extension: (Prezentacje) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-13] CHR Extension: (Dokumenty) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-13] CHR Extension: (Dysk Google) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25] CHR Extension: (YouTube) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-13] CHR Extension: (uBlock Origin) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-03] CHR Extension: (Dark Theme v3) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\djlgdeklopcjagknhlchbdjekgpgenad [2020-01-13] CHR Extension: (Adobe Acrobat) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-24] CHR Extension: (Video Downloader professional) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-11-05] CHR Extension: (Arkusze) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-13] CHR Extension: (Pulpit zdalny Chrome) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2020-01-13] CHR Extension: (Dokumenty Google offline) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-13] CHR Extension: (Gmail) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\fakin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-28] CHR Profile: C:\Users\fakin\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-05] CHR HKU\S-1-5-21-193475535-3007268416-1838977321-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-05] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-05] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-15] (Dropbox, Inc -> Dropbox, Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [110544 2017-12-12] (ASUSTeK Computer Inc. -> ASUS Corporation) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-11-24] (ESET, spol. s r.o. -> ESET) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-05] (Martin Malik - REALiX -> REALiX(tm)) S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [17408 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S3 NPF; C:\WINDOWS\System32\drivers\NPF.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [212552 2018-04-27] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-05] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-05] (Microsoft Windows -> Microsoft Corporation) U4 npcap_wifi; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-04 15:46 - 2021-01-04 15:47 - 000025691 _____ C:\Users\fakin\Downloads\FRST.txt 2021-01-04 15:44 - 2021-01-04 15:47 - 000000000 ____D C:\FRST 2021-01-04 15:43 - 2021-01-04 15:43 - 002286592 _____ (Farbar) C:\Users\fakin\Downloads\FRST64.exe 2020-12-16 02:17 - 2020-12-16 02:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2020-12-15 21:09 - 2020-12-15 21:09 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2020-12-15 21:09 - 2020-12-15 21:09 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2020-12-15 21:09 - 2020-12-15 21:09 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2020-12-15 21:09 - 2020-12-15 21:09 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2020-12-14 10:12 - 2020-12-14 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2020-12-14 10:12 - 2020-12-14 10:12 - 000000000 ____D C:\Program Files\qBittorrent ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-01-04 15:38 - 2018-01-04 15:24 - 000000000 ____D C:\Users\fakin\AppData\Roaming\qBittorrent 2021-01-04 15:37 - 2018-12-30 10:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-04 14:53 - 2018-01-05 03:05 - 000000000 ____D C:\Users\fakin\Downloads\Pliki Torrent 2021-01-04 12:17 - 2018-01-26 05:11 - 000000000 ___RD C:\Users\fakin\Dysk Google 2021-01-04 12:16 - 2019-04-14 03:57 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2021-01-04 12:16 - 2018-01-04 14:37 - 000000000 __SHD C:\Users\fakin\IntelGraphicsProfiles 2021-01-04 12:16 - 2018-01-04 14:36 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-01-04 09:11 - 2018-01-04 14:52 - 000000000 ____D C:\ProgramData\NVIDIA 2021-01-04 06:31 - 2020-01-04 09:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-01-04 06:04 - 2018-09-15 07:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-03 13:26 - 2018-02-04 07:11 - 000000000 ____D C:\Users\fakin\AppData\LocalLow\Mozilla 2021-01-03 13:25 - 2020-07-03 13:05 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-01-03 13:25 - 2018-09-23 19:03 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-01-03 13:25 - 2018-09-23 19:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-03 03:57 - 2020-07-02 15:56 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-01-02 13:10 - 2018-12-30 10:24 - 001678738 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-02 13:10 - 2018-09-15 16:43 - 000750610 _____ C:\WINDOWS\system32\perfh015.dat 2021-01-02 13:10 - 2018-09-15 16:43 - 000145206 _____ C:\WINDOWS\system32\perfc015.dat 2021-01-02 13:10 - 2018-09-15 07:31 - 000000000 ____D C:\WINDOWS\INF 2021-01-02 13:03 - 2019-12-22 11:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-01-02 13:03 - 2018-12-30 10:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-02 13:03 - 2018-09-15 06:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-24 18:19 - 2018-09-15 07:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-19 07:03 - 2018-09-15 07:33 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-17 02:56 - 2018-12-30 10:22 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-193475535-3007268416-1838977321-1001 2020-12-17 02:56 - 2018-12-30 10:17 - 000002442 _____ C:\Users\fakin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-12-17 02:56 - 2018-01-04 14:30 - 000000000 ___RD C:\Users\fakin\OneDrive 2020-12-16 02:17 - 2018-02-05 00:38 - 000000000 ____D C:\Program Files (x86)\Dropbox 2020-12-09 18:01 - 2018-02-06 03:58 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-12-09 14:33 - 2020-01-04 09:43 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2020-12-09 14:33 - 2020-01-04 09:43 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2020-12-06 04:33 - 2019-04-21 01:20 - 000000000 ____D C:\Users\fakin\AppData\Roaming\foobar2000 2020-12-05 05:49 - 2018-03-02 23:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-01-04 09:27 - 2020-01-04 09:27 - 000000410 _____ () C:\Users\fakin\AppData\Local\oobelibMkey.log 2020-07-02 15:25 - 2020-07-02 15:25 - 000000984 _____ () C:\Users\fakin\AppData\Local\recently-used.xbel 2018-01-04 15:03 - 2020-10-19 02:07 - 000007599 _____ () C:\Users\fakin\AppData\Local\Resmon.ResmonCfg 2020-06-25 14:49 - 2020-06-25 14:50 - 000000000 _____ () C:\Users\fakin\AppData\Local\{0078018F-F96B-4FF7-8CBD-10DFB2C9A9F9} 2020-06-25 14:48 - 2020-06-25 14:50 - 000000000 _____ () C:\Users\fakin\AppData\Local\{0E5ABB5B-6B28-4335-8DB7-BDA5D501F636} 2020-06-25 14:50 - 2020-06-25 14:50 - 000000000 _____ () C:\Users\fakin\AppData\Local\{FD258AD9-5FEC-4484-A53C-84B822B2A0A4} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================