Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-09-2021
Uruchomiony przez Jola (administrator) LAPTOP-JOLANTA (Acer Aspire E5-575G) (19-09-2021 09:44:15)
Uruchomiony z C:\Users\Jola\Desktop
Załadowane profile: Jola
Platform: Windows 10 Home Wersja 20H2 19042.1237 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Edge
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JajuwaServer.exe
(Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\http\1628765859\nif2_ols_ca.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fshoster64.exe <2>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fsorsp64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fsulprothoster.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\Run: [MicrosoftEdgeAutoLaunch_FBA4775C8ABA2C363AE16D2D70C15F01] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Windows x64\Print Processors\ssm1MPC: C:\Windows\System32\spool\prtprocs\x64\ssm1mpc.dll [43520 2015-03-18] (Windows (R) Codename Longhorn DDK provider) [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\ssm1M Langmon: C:\Windows\system32\ssm1mlm.dll [22528 2015-03-18] () [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\uxs01 Langmon: C:\Windows\system32\uxs01l.dll [29184 2014-04-16] () [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-15] (Google LLC -> Google LLC)
Startup: C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JajuwaServer.exe [2020-03-08] () [Brak podpisu cyfrowego]

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {119CB73D-93E9-4C52-9D69-30F067AD8B96} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {13A3B760-1D9C-4ABC-8803-9D2F7CCBC45E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964728 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1971FA20-FAD9-4B04-9100-8340E31C2470} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe (Odmowa dostępu) <==== UWAGA
Task: {2D6FBF08-3F7C-4CEF-A5B3-C5276D7DAE7F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [658040 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47256642-C914-4F48-8168-36293532DC0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {5F0DC8EE-2F97-4BD2-9830-A8193EA09D39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-05] (Google Inc -> Google Inc.)
Task: {61CF7D0C-0D59-4EC7-917C-692EDB2604AE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [658040 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {689CFA80-5D04-47DF-986D-F4C2A19BC4A5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519288 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {700DDCD6-4341-44C6-8624-7C5303F6514E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {813CA1E4-2EA7-42B9-8F95-0FAB30EFC28A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {85D7A8B8-0A35-47A7-9F5F-2856C773F8AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8711A06F-50AA-46D0-8C6B-25F83F278646} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C81C990-CD9E-4729-B266-7BC069635C68} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864824 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8CC85794-4CF8-473C-99E4-E23D77133670} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
Task: {A9F75BC6-D1FA-44B6-B9DB-3817F9D04747} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAAA78A8-20F6-4C46-A9F8-16F87AF90E56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-05] (Google Inc -> Google Inc.)
Task: {B340AA16-3034-44E0-A8FF-CC3E85DCEF93} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {BA15375D-1271-4348-8E60-E3031E47F062} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fs_hotfix.exe [338264 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
Task: {C43D723E-C086-4F68-B22A-D721D9A241C3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521336 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5E71F32-710A-4A1B-B700-6DF142DB4AF6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D332DF5A-B69C-48B6-8603-C012466DFD91} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{4859c34c-f23a-4b3c-b966-5e560c74ad6d}: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{81379808-56cb-48fd-9564-15fa69583ffe}: [DhcpNameServer] 62.179.1.62 62.179.1.63

Edge:
=======
DownloadDir: C:\Users\Jola\Downloads
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jola\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-19]
Edge StartupUrls: Default -> "hxxp://google.pl/"
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\Jola\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2021-08-26]
Edge HKLM\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKLM-x32\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]

FireFox:
========
FF DefaultProfile: jtp4alp2.default
FF ProfilePath: C:\Users\Jola\AppData\Roaming\Mozilla\Firefox\Profiles\jtp4alp2.default [2021-08-25]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Jola\AppData\Roaming\Mozilla\Firefox\Profiles\jtp4alp2.default\Extensions\abb-acer@amazon.com [2020-08-28] [Przestarzałe]
FF Extension: (Polski Language Pack) - C:\Users\Jola\AppData\Roaming\Mozilla\Firefox\Profiles\jtp4alp2.default\Extensions\langpack-pl@firefox.mozilla.org [2020-08-28] [Przestarzałe]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Jola\AppData\Roaming\Mozilla\Firefox\Profiles\jtp4alp2.default\Extensions\partnerdefaults@mozilla.com [2020-08-28] [Przestarzałe]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-05-05] [Przestarzałe]
FF Extension: (Polski Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pl@firefox.mozilla.org [2016-05-05] [Przestarzałe]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-05-05] [Przestarzałe]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default [2021-09-19]
CHR DownloadDir: C:\Users\Jola\Desktop
CHR Notifications: Default -> hxxps://born2be.pl; hxxps://komfort.pl; hxxps://talizman.pl; hxxps://www.odkrywamyzakryte.com; hxxps://www.wp.pl
CHR StartupUrls: Default -> "hxxps://www.google.pl/"
CHR DefaultSearchURL: Default -> hxxp://a.wpimg.pl/a/i/stg/550/favicon.ico
CHR Extension: (Prezentacje) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Dysk Google) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05]
CHR Extension: (Poczta) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpidnlocdigmigganjfkmhjkpgigjecm [2017-03-05]
CHR Extension: (Facebook) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2017-03-05]
CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-02]
CHR Extension: (LIBRUS Synergia) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\enpnngfdkfdnfpagggmifgacmahpnnom [2017-03-05]
CHR Extension: (Cat Taiki Theme) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjigjbihgjmelngicfmimbpbfebldcp [2017-03-05]
CHR Extension: (Arkusze) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Allegro) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgdhjjnhpikfdmmhbgmgcnmadfoioafc [2017-03-05]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-07-22]
CHR Extension: (Groupon) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkppdjhjafoajbkhnbmopbadhfgcmmch [2021-05-09]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Terapiamed Kraków - przychodnia zdrow...) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofgekjmabjkfbfbenafmlmkjjllicoj [2018-11-29]
CHR Extension: (Gmail) - C:\Users\Jola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 fshoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [238936 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\fshoster32.exe [238936 2021-05-19] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fshoster64.exe [605008 2021-09-13] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fshoster64.exe [605008 2021-09-13] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fsorsp64.exe [99480 2021-09-13] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fsulprothoster.exe [605008 2021-09-13] (F-Secure Corporation -> F-Secure Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13271336 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-24] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-24] (Disc Soft Ltd -> Disc Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1631523263\fsulgk.sys [352712 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [58752 2021-08-19] (F-Secure Corporation -> F-Secure Corporation)
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15816 2021-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\nif2\1631265528\nif2s64.sys [192384 2021-09-11] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslf4085fd1; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFAE5C10-CF60-4937-B176-84330B3AB625}\MpKslDrv.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-09-19 09:44 - 2021-09-19 09:46 - 000024330 _____ C:\Users\Jola\Desktop\FRST.txt
2021-09-19 09:40 - 2021-09-19 09:40 - 002304000 _____ (Farbar) C:\Users\Jola\Desktop\FRST64.exe
2021-09-17 09:22 - 2021-09-17 09:22 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 09:22 - 2021-09-17 09:22 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 09:21 - 2021-09-17 09:21 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 09:21 - 2021-09-17 09:21 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 09:21 - 2021-09-17 09:21 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 09:21 - 2021-09-17 09:21 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 09:20 - 2021-09-17 09:20 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 09:20 - 2021-09-17 09:20 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 09:20 - 2021-09-17 09:20 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 09:20 - 2021-09-17 09:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 09:20 - 2021-09-17 09:20 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 09:20 - 2021-09-17 09:20 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 09:19 - 2021-09-17 09:19 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 09:19 - 2021-09-17 09:19 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 09:18 - 2021-09-17 09:18 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 09:18 - 2021-09-17 09:18 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 09:18 - 2021-09-17 09:18 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 09:18 - 2021-09-17 09:18 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 09:17 - 2021-09-17 09:17 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 09:17 - 2021-09-17 09:17 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 08:12 - 2021-09-17 08:12 - 000000000 ___HD C:\$WinREAgent
2021-09-09 21:36 - 2021-09-09 21:36 - 000212222 _____ C:\Users\Jola\Desktop\Wzor-wniosku-organizacji--zwiazkowej-o-zwolnienie-z-obowiazku-swiadczenia-pracy----godziny-zwiazkowe.pdf
2021-09-05 10:47 - 2021-09-05 10:48 - 000000000 ____D C:\Users\Jola\AppData\Roaming\WhatsApp
2021-09-05 10:47 - 2021-09-05 10:47 - 000002198 _____ C:\Users\Jola\Desktop\WhatsApp.lnk
2021-09-05 10:47 - 2021-09-05 10:47 - 000000000 ____D C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-09-05 10:47 - 2021-09-05 10:47 - 000000000 ____D C:\Users\Jola\AppData\Local\WhatsApp
2021-09-05 10:47 - 2021-09-05 10:47 - 000000000 ____D C:\Users\Jola\AppData\Local\SquirrelTemp
2021-08-25 11:51 - 2021-08-25 11:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-09-19 09:45 - 2019-09-08 18:35 - 000000000 ____D C:\FRST
2021-09-19 09:31 - 2017-07-19 15:48 - 000000000 ____D C:\Program Files\CCleaner
2021-09-19 09:31 - 2017-03-05 14:30 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-19 09:31 - 2016-12-09 20:39 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-19 09:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-19 09:28 - 2017-03-05 14:17 - 000000000 __SHD C:\Users\Jola\IntelGraphicsProfiles
2021-09-18 22:15 - 2020-11-08 18:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-18 11:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 11:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-18 11:24 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-18 11:20 - 2020-11-08 19:11 - 001769800 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-18 11:20 - 2019-12-07 17:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat
2021-09-18 11:20 - 2019-12-07 17:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat
2021-09-18 11:19 - 2017-03-05 14:27 - 000000000 ____D C:\Users\Jola\AppData\Local\CrashDumps
2021-09-18 11:13 - 2019-11-11 13:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-18 11:12 - 2020-11-08 19:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-18 11:12 - 2020-11-08 18:48 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-17 10:25 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-17 10:21 - 2020-11-08 18:48 - 000444728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 10:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 08:17 - 2020-06-03 18:25 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-17 08:17 - 2020-06-03 18:25 - 000002290 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-17 08:06 - 2017-03-05 19:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 08:01 - 2017-03-05 19:41 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-17 07:56 - 2017-04-29 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-09-15 10:04 - 2017-03-05 14:31 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 22:48 - 2020-11-08 19:21 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-14 22:45 - 2017-03-05 14:33 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-12 13:09 - 2020-11-08 19:21 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1146579958-381356915-3942461415-1001
2021-09-12 13:09 - 2020-11-08 17:48 - 000002424 _____ C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-09 21:42 - 2018-12-08 17:45 - 000000000 ____D C:\Users\Jola\AppData\Local\D3DSCache
2021-09-09 21:05 - 2017-12-23 19:47 - 000000000 ____D C:\Users\Jola\AppData\Local\Packages
2021-09-02 12:28 - 2019-03-12 10:28 - 000000000 ____D C:\Users\Jola\Desktop\CIT
2021-08-28 15:55 - 2020-10-02 09:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================