Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16-10-2021
Uruchomiony przez user (administrator) USER-KOMPUTER (LENOVO 4236W1N) (19-10-2021 17:52:50)
Uruchomiony z C:\Users\user\Desktop
Załadowane profile: user
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Opera
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Google LLC -> ) [Brak podpisu cyfrowego] C:\Program Files\Google\Drive File Stream\51.0.16.0\crashpad_handler.exe <2>
(Google LLC -> ) [Brak podpisu cyfrowego] C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) [Brak podpisu cyfrowego] C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe <7>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avpui.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\user\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [331344 2015-07-22] (Hewlett-Packard -> HP Development Company, L.P.)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2021-05-05] (ABBYY PRODUCTION LLC -> ABBYY Production LLC.) [Brak podpisu cyfrowego]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.) [Brak podpisu cyfrowego]
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-4233955700-326730339-91991180-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952240 2021-09-09] (Google LLC -> ) [Brak podpisu cyfrowego]
HKU\S-1-5-21-4233955700-326730339-91991180-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-4233955700-326730339-91991180-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\user\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4233955700-326730339-91991180-1000\...\Policies\Explorer: []
HKU\S-1-5-21-4233955700-326730339-91991180-1000\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe [54124376 2021-10-14] (Google LLC -> Google, Inc.) [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-08] (Google LLC -> Google LLC) [Brak podpisu cyfrowego]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0F3961C3-4DD1-4482-835B-B7D46DFFBB91} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [8776024 2021-03-09] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {18779612-DCD3-45AE-A033-578593AA49AB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613248 2021-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {32C7EB84-CD41-4401-832A-6C44E236B744} - System32\Tasks\Opera scheduled Autoupdate 1591210219 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {4DBE61FF-6CBA-4D51-AB30-95EFEEFDD4CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2021-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5639678F-84F1-478E-A92B-91CACF7EE8CF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2021-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C57A956-C546-4DD5-B0C1-5D4EC8FD8884} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-16] (Google Inc -> Google LLC)
Task: {63FBB56C-0D6F-4471-8DA8-135FC6734F37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371888 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AB666CD-18B0-4D85-BBC2-C4372DC3BA7F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613248 2021-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CCB317B-9909-4ABB-ABAA-D3E1465DC79B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-07-13] (Lenovo -> )
Task: {8E87C5B8-E52D-48B5-99B3-313DF39F85E1} - System32\Tasks\{15480141-7921-4F10-91F8-330C0407C985} => C:\Windows\system32\pcalua.exe -a D:\USB.EXE -d D:\
Task: {9183034A-C0D8-4798-9557-3A3C43AE0699} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371888 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {96BCD881-D00B-4277-A47F-8787396B90E5} - \KMSAutoNet -> Brak pliku <==== UWAGA
Task: {96DE0BFC-19BB-42F7-8B64-6D07195A1B35} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {9FEC4A99-B9A5-4088-B3E4-4C6F2028F3FC} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91400 2015-12-05] (Hewlett-Packard -> HP Development Company, L.P.)
Task: {A18B5305-BF55-4DB0-9305-338A36CA9FE1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758792 2021-07-13] (Lenovo -> )
Task: {BBBFF4E5-9B4D-4069-8CCB-EE26854702DB} - System32\Tasks\Opera scheduled assistant Autoupdate 1591210220 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\user\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C6FACDC9-96BA-481F-86DC-34317846B3BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {D1938559-E604-44D1-8A4B-3FA735A177A2} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [971968 2015-02-02] (@ByELDI -> @ByELDI) [Brak podpisu cyfrowego]
Task: {F56356A7-FF24-48FB-9392-B61D275842F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-16] (Google Inc -> Google LLC)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{ECEE1B91-7CF0-4386-8B79-6FB013EF1006}: [DhcpNameServer] 192.168.8.1

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-04-20] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\FFExt\light_plugin_firefox\addon.xpi => nie znaleziono
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-10-19]
CHR Session Restore: Default -> [funkcja włączona]
CHR Extension: (Prezentacje) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-16]
CHR Extension: (Kaspersky Protection) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-09-17]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-16]
CHR Extension: (Dysk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-07]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-16]
CHR Extension: (Adobe Acrobat) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-07]
CHR Extension: (Arkusze) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-14]
CHR Extension: (Program uruchamiający aplikacje dla plików z Dysku (od Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-07]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-12]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-17]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps//chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-4233955700-326730339-91991180-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps//chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

Opera:
=======
OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2021-10-19]
OPR Notifications: Opera Stable -> hxxps//www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps//www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-09-30]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-01]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2021-07-26]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1164664 2019-03-06] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe [184768 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2021-10-10] (Microsoft Corporation -> Microsoft Corporation)
S4 COMSysApp; C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S4 COMSysApp; C:\Windows\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S4 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\elevation_service.exe [1483096 2021-10-07] (Google LLC -> Google LLC) [Brak podpisu cyfrowego]
S4 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Brak podpisu cyfrowego]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [Brak podpisu cyfrowego]
S4 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [Brak podpisu cyfrowego]
S4 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [Brak podpisu cyfrowego]
S4 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [Brak podpisu cyfrowego]
S4 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [Brak podpisu cyfrowego]
S4 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [Brak podpisu cyfrowego]
S4 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [774736 2017-09-05] (Lenovo -> Lenovo.)
S4 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [29472 2012-07-10] (Macheen Inc. -> Macheen)
S4 myPWTNTService.exe; C:\Program Files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\myPWTNTService.exe [77824 2017-09-27] () [Brak podpisu cyfrowego]
S4 WebUpdate4; C:\Windows\SysWOW64\WebUpdateSvc4.exe [278800 2010-08-18] (Data Perceptions -> Data Perceptions / PowerProgrammer)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB -> Ericsson AB)
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
S3 klvssbridge64_18.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe" [X]

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [166016 2011-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [195072 2011-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [195072 2011-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 googledrivefs3525; C:\Windows\System32\DRIVERS\googledrivefs3525.sys [382944 2021-09-09] (Google LLC -> Google, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R1 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klflt; C:\Windows\System32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [246952 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [284408 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [106224 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [216824 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2002-04-26] (DATOM Dariusz Cielebąk) [Brak podpisu cyfrowego]
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R2 risdxc; C:\Windows\System32\DRIVERS\risdxc64.sys [101888 2011-05-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2019-05-14] () [Brak podpisu cyfrowego] [Plik w użyciu]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2021-10-19 17:52 - 2021-10-19 17:53 - 000023988 _____ C:\Users\user\Desktop\FRST.txt
2021-10-19 17:32 - 2021-10-19 17:32 - 000001172 _____ C:\Users\Public\Desktop\Ad-Aware SE Personal.lnk
2021-10-19 17:32 - 2021-10-19 17:32 - 000000000 ____D C:\Users\user\AppData\Roaming\Lavasoft
2021-10-19 17:32 - 2021-10-19 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft Ad-Aware SE Personal
2021-10-19 17:32 - 2021-10-19 17:32 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-10-19 17:23 - 2021-10-19 17:04 - 017663736 _____ C:\Users\user\Desktop\Adaware_Installer_UM.exe
2021-10-19 17:13 - 2021-10-19 17:13 - 000000000 ____D C:\ProgramData\adaware
2021-10-19 16:59 - 2021-10-19 16:57 - 002310656 _____ (Farbar) C:\Users\user\Desktop\frst nowy.exe
2021-10-19 15:44 - 2021-10-19 17:53 - 000000000 ____D C:\FRST
2021-10-19 15:24 - 2021-10-19 17:47 - 000000000 ____D C:\ProgramData\Avast Software
2021-10-19 14:54 - 2021-10-19 14:54 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2021-10-19 14:54 - 2021-10-19 14:54 - 000410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2021-10-19 14:54 - 2021-10-19 14:54 - 000113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2021-10-19 14:54 - 2021-10-19 14:54 - 000002048 _____ C:\Windows\SysWOW64\winver.exe
2021-10-19 14:54 - 2021-10-19 14:54 - 000001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2021-10-19 12:53 - 2021-10-19 12:53 - 000000000 ____D C:\$WINDOWS.~BT
2021-10-19 12:03 - 2021-10-19 12:54 - 000002562 _____ C:\Windows\diagwrn.xml
2021-10-19 12:03 - 2021-10-19 12:54 - 000001908 _____ C:\Windows\diagerr.xml
2021-10-19 11:44 - 2021-10-19 11:44 - 000097280 ____N (Microsoft Corporation) C:\bootsect.exe
2021-10-19 11:33 - 2021-10-19 11:33 - 000153768 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2021-10-19 06:52 - 2021-10-19 06:53 - 000538416 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-18 14:08 - 2021-10-18 14:08 - 000222292 _____ C:\Users\user\Desktop\FS_21_150512 (2).pdf
2021-10-18 13:52 - 2021-10-18 13:52 - 000086813 _____ C:\Users\user\Desktop\264-sgp-2021-certyfikat-pdf
2021-10-18 11:36 - 2021-10-18 11:36 - 000222292 _____ C:\Users\user\Desktop\FS_21_150512 (1).pdf
2021-10-18 11:33 - 2021-10-18 11:33 - 000222292 _____ C:\Users\user\Desktop\FS_21_150512.pdf
2021-09-27 17:47 - 2021-10-17 10:45 - 000002015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-27 17:47 - 2021-10-17 10:45 - 000001854 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-09-27 17:47 - 2021-10-17 10:45 - 000001854 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-09-27 17:47 - 2021-10-17 10:45 - 000001842 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-09-27 17:47 - 2021-09-09 10:29 - 000382944 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3525.sys
2021-09-24 07:38 - 2021-09-24 07:38 - 000284408 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-09-24 07:37 - 2021-09-24 07:37 - 000246952 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-09-24 07:37 - 2021-09-24 07:37 - 000216824 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-09-24 07:37 - 2021-09-24 07:37 - 000106224 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-09-22 19:51 - 2021-09-24 08:29 - 000337699 _____ C:\Users\user\Desktop\Scan.pdf

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2021-10-19 17:51 - 2019-04-16 21:17 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-19 17:47 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-19 17:47 - 2009-07-14 06:45 - 000037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-10-19 17:47 - 2009-07-14 06:45 - 000037520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-10-19 17:42 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-10-19 15:14 - 2019-04-22 20:08 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-10-19 13:20 - 2020-06-24 15:15 - 000115200 ___SH C:\Users\user\Thumbs.db
2021-10-19 12:52 - 2020-05-05 22:24 - 001746432 ___SH C:\Users\user\Desktop\Thumbs.db
2021-10-19 12:41 - 2020-03-21 21:07 - 000000000 ____D C:\Ksiega
2021-10-19 06:50 - 2020-05-17 14:49 - 000000000 ____D C:\Users\user\AppData\Roaming\Wise Disk Cleaner
2021-10-19 06:49 - 2021-04-22 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCNVR
2021-10-18 10:54 - 2021-07-26 12:33 - 000000000 ____D C:\Users\user\Desktop\Skany
2021-10-18 10:25 - 2019-04-18 17:26 - 000000000 ___RD C:\Users\user\Dysk Google
2021-10-17 10:42 - 2019-05-14 21:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-17 10:41 - 2019-04-18 17:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-10-15 07:22 - 2021-08-12 20:13 - 000004312 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1591210220
2021-10-15 07:17 - 2019-04-16 21:17 - 000000000 ____D C:\Users\user\AppData\Local\Apps\2.0
2021-10-12 16:57 - 2020-08-03 16:26 - 000000000 ____D C:\Windows\TempInst
2021-10-12 16:57 - 2019-04-16 21:33 - 000031152 _____ C:\Windows\system32\Drivers\pmxdrv.sys
2021-10-08 08:18 - 2011-04-12 15:21 - 000743734 _____ C:\Windows\system32\perfh015.dat
2021-10-08 08:18 - 2011-04-12 15:21 - 000157184 _____ C:\Windows\system32\perfc015.dat
2021-10-08 08:18 - 2009-07-14 07:13 - 001678098 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-08 07:53 - 2019-04-16 21:17 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-05 20:24 - 2020-06-03 20:50 - 000004122 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1591210219
2021-10-03 13:21 - 2021-05-20 08:17 - 000000000 ____D C:\Users\user\Desktop\Nowy folder
2021-10-02 09:54 - 2019-04-16 21:17 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-02 09:54 - 2019-04-16 21:17 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-28 13:59 - 2019-04-16 21:17 - 000000000 ____D C:\Users\user\AppData\Local\Google
2021-09-27 17:47 - 2019-04-18 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-09-27 17:47 - 2019-04-18 17:24 - 000000000 ____D C:\Program Files\Google
2021-09-22 19:36 - 2009-07-14 07:08 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-09-22 12:16 - 2019-11-19 22:26 - 000000000 ____D C:\Users\user\Desktop\Fotowoltaika Oferty

==================== Pliki w katalogu głównym wybranych folderów ========

2019-05-04 20:40 - 2019-06-19 17:23 - 000007592 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\User32.dll
[2019-04-17 00:15] - [2016-11-10 18:32] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2021-10-19 14:54] - [2021-10-19 14:54] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356

LastRegBack: 2021-10-11 09:42

==================== Koniec FRST.txt ========================