Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15-01-2022 Uruchomiony przez Kamil (administrator) LENOVOG500S (LENOVO 20245) (21-01-2022 15:59:05) Uruchomiony z F:\ Załadowane profile: Kamil Platform: Microsoft Windows 8.1 (Update) (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Users\Kamil\AppData\Roaming\Nova Star\NovaLCT\Bin\MarsServerProvider\MarsServerProvider.exe () [Brak podpisu cyfrowego] C:\Users\Kamil\AppData\Roaming\Nova Star\NovaLCT\Bin\MonitorDaemon\MonitorDaemon.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <7> (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Ivaylo Beltchev -> IvoSoft) [Brak podpisu cyfrowego] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14228.20226\OfficeClickToRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NovaStar) [Brak podpisu cyfrowego] C:\Users\Kamil\AppData\Roaming\Nova Star\NovaLCT\Bin\MonitorManager\NovaMonitorManager.exe (Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Brak podpisu cyfrowego] HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [900704 2013-03-15] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Brak podpisu cyfrowego] HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2019-03-04] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2019-03-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) HKLM\...\Run: [NovaMonitorManager] => C:\Users\Kamil\AppData\Roaming\Nova Star\NovaLCT\Bin\MonitorManager\NovaMonitorManager.exe [57856 2019-09-29] (NovaStar) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153808 2018-12-19] (Panda Security S.L. -> Panda Security, S.L.) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, <==== UWAGA HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-3773730119-867695352-343840697-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3884720 2017-10-04] (ALLPlayer Group -> ALLPlayer.org) HKU\S-1-5-21-3773730119-867695352-343840697-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-02-21] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3773730119-867695352-343840697-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Kamil\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-09-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2021-08-12] (Google LLC -> Google LLC) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA CORPORATION -> NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156256 2013-11-01] (NVIDIA CORPORATION -> NVIDIA Corporation) Startup: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2019-09-04] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0D259318-CEE9-47C5-9A54-01E870BE3B53} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23252888 2021-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {0FD48332-FEA0-4C3B-8924-5969A560E1A5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2018-06-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {16CB8403-F309-426C-A31F-4CCEA2C55B33} - System32\Tasks\GoogleUpdateTaskMachineCore{D6B9C918-EAA8-4FF4-A34A-5E9EB4E06407} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-12] (Google LLC -> Google LLC) Task: {1EBF51AE-C6BC-4FDD-853D-08ECE05748A0} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) Task: {2B4234EF-9EC6-41BB-8152-DB14C7CE8075} - Brak ścieżki do pliku Task: {39376DE5-7E93-49B1-955A-598DD0C69C1F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23252888 2021-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {6AFA9E27-7A94-4995-A891-E55373615BC4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-08-12] (Microsoft Corporation -> Microsoft Corporation) Task: {701F5063-212B-4ED7-8156-72F31F4F5D4D} - Brak ścieżki do pliku Task: {9EA5D8BF-D518-43FE-8955-5DB2F4CB09ED} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-08-12] (Microsoft Corporation -> Microsoft Corporation) Task: {CDEC30A9-959F-4C20-90AC-A80291728869} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1150872 2021-08-12] (Microsoft Corporation -> Microsoft Corporation) Task: {E0D4E494-F3A5-4F2B-80C5-769C995E1D15} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy Task: {EB641AB9-406D-49BF-9646-561712F01AB5} - System32\Tasks\GoogleUpdateTaskMachineUA{9C7476DB-8834-4725-BBFB-830ED827C2E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-12] (Google LLC -> Google LLC) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 195.88.28.30 195.88.28.99 Tcpip\..\Interfaces\{380ECB48-B864-4391-85E7-881349D4E7C3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{84F19F78-354A-4692-9F3A-584C83A49EF8}: [DhcpNameServer] 195.88.28.30 195.88.28.99 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA FireFox: ======== FF DefaultProfile: 35hx2igv.default FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\35hx2igv.default [2021-05-19] FF Homepage: Mozilla\Firefox\Profiles\35hx2igv.default -> www.google.pl FF Session Restore: Mozilla\Firefox\Profiles\35hx2igv.default -> [funkcja włączona] FF Extension: (AdBlock) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\35hx2igv.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-16] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2018-06-07] (Adobe Systems Incorporated -> ) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2018-06-07] (Adobe Systems Incorporated -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-11-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-11-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-08-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-08-12] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2022-01-21] CHR Extension: (Prezentacje) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-21] CHR Extension: (Dokumenty) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-21] CHR Extension: (Dysk Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-21] CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-21] CHR Extension: (Arkusze) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-21] CHR Extension: (Dokumenty Google offline) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-21] CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-21] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142136 2021-07-30] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2021-08-12] (Malwarebytes Inc -> Malwarebytes) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2018-12-18] (Panda Security S.L. -> Panda Security, S.L.) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security S.L -> Panda Security, S.L.) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-12-19] (Panda Security S.L. -> Panda Security, S.L.) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 ss_conn_launcher_service; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2021-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2016-03-23] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220568 2021-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [194480 2021-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2021-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-08-12] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [156792 2021-08-12] (Malwarebytes Inc -> Malwarebytes) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [111456 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSDNS; C:\Windows\System32\DRIVERS\NNSDns.sys [104728 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [124840 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [130472 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [143880 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [94976 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [345248 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [287032 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [286544 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [129448 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [197720 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [159832 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [214104 2018-12-13] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146520 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [158808 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [128600 2018-12-19] (Panda Security S.L. -> Panda Security, S.L.) R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (Wszystkie) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-01-21 15:58 - 2022-01-21 15:59 - 000000000 ____D C:\FRST 2022-01-21 15:55 - 2022-01-21 15:55 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\IGDump ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-01-21 15:56 - 2019-09-04 22:47 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3773730119-867695352-343840697-1001 2022-01-21 15:55 - 2018-06-07 09:35 - 000000000 ____D C:\Users\Kamil\AppData\Local\ClassicShell 2022-01-21 15:53 - 2021-04-03 17:50 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-21 15:53 - 2021-04-03 17:50 - 000003282 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-01-21 15:52 - 2018-06-07 09:50 - 000000000 ____D C:\Program Files (x86)\Google ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2019-09-04 14:20 ==================== Koniec FRST.txt ========================