Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16-10-2022 Uruchomiony przez pszen (administrator) DESKTOP-PKO5OE2 (ASUSTeK COMPUTER INC. X556UQK) (23-10-2022 10:28:04) Uruchomiony z C:\Users\pszen\Downloads Załadowane profile: pszen Platform: Microsoft Windows 10 Home Wersja 21H1 19043.2130 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2> (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCopyAccelerator.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxEM.exe (explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (SearchIndexer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (services.exe ->) (Avaya Inc. -> Avaya Inc.) C:\Windows\SysWOW64\QosServM.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco HostScan\bin\ciscod.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2> (services.exe ->) (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-05-02] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1713432 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKU\S-1-5-21-4099042752-900424334-1160265230-1000\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-11] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\Run: [GG] => C:\Users\pszen\AppData\Local\GG\Application\gghub.exe [4078144 2022-03-09] (GG Network S.A. -> GG Network S.A.) HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\Run: [utweb] => C:\Users\pszen\AppData\Roaming\uTorrent Web\utweb.exe [6282784 2022-03-26] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\Run: [ut] => C:\Users\pszen\AppData\Roaming\uTorrent\uTorrent.exe [2103968 2022-06-02] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31297304 2022-09-20] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\Run: [MicrosoftEdgeAutoLaunch_1BE92F778BA5D780E6461ABE58FBFEA9] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-20] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-12] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\PLAP Providers: [{C15C0AAF-C309-FE12-BB17-814630A2009F}] -> C:\WINDOWS\SysWOW64\vpnplap64.dll [2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {251713B7-730E-490A-A971-A26BA86A5F84} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2BF0CAA5-301A-4E10-88FC-B919377625FF} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [Brak podpisu cyfrowego] <==== UWAGA Task: {4FA7151A-D599-4B9C-9CFC-B7C9A69EFB13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {635A185A-88AD-4B41-9344-B07C284A75E9} - \Microsoft\Windows\WindowsUpdate\sih -> Brak pliku <==== UWAGA Task: {69DCBE7C-0B27-4D74-9AD7-EB1E555F3984} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Brak pliku <==== UWAGA Task: {87737984-77A3-4139-BA6F-820EBE933008} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8933CC2F-94A1-48F6-AEFA-1072D1BCE695} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Brak pliku <==== UWAGA Task: {94F13E2F-23E2-4281-9D87-2CF7B90F6974} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> Brak pliku <==== UWAGA Task: {9E53997A-113F-4DBB-8EA3-96558D447A57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4CDA936-BEFF-4BE9-8DC7-861854E97575} - System32\Tasks\KMSpico Automatic Update Scheduler => C:\Program Files\KMSpico\KMSUPD.exe [89272 2021-02-11] (KMSpico ByELDI LTD -> @ByELDI) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{21f09f47-f9ce-4af9-a69f-1675db9f0fa5}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{e771d720-68dd-43b2-ad46-ecf933d7218d}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge Profile: C:\Users\pszen\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-23] FireFox: ======== FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-28] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\pszen\AppData\Local\Google\Chrome\User Data\Default [2022-10-23] CHR Notifications: Default -> hxxps://portal.abczdrowie.pl; hxxps://www.napiprojekt.pl CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\pszen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-09-05] CHR Extension: (Pobieracz wideo dla Vimeo) - C:\Users\pszen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmcdpfpkoildicgacgldinemhgmcbgp [2022-06-24] CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\pszen\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2022-10-03] CHR Extension: (MetaMask) - C:\Users\pszen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-10-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\pszen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-29] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) R2 ciscod.exe; C:\Program Files (x86)\Cisco\Cisco HostScan\bin\ciscod.exe [885528 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-13] (Microsoft Corporation -> Microsoft Corporation) S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> ) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncHelper.exe [3383704 2022-10-11] (Microsoft Corporation -> Microsoft Corporation) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [228344 2022-09-20] (HP Inc. -> HP Inc.) R2 iClarityQoSService; C:\WINDOWS\SysWOW64\\QosServM.exe [1666896 2020-02-13] (Avaya Inc. -> Avaya Inc.) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\OneDriveUpdaterService.exe [3804040 2022-10-11] (Microsoft Corporation -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe" [X] S4 McProxy; "C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [300456 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.) R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [22656 2016-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS) R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [152064 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-13] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-11-02] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-11-02] (Disc Soft Ltd -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [15768 2013-12-03] (Kasherlab Technology Inc. -> ) R3 MpKslf76bbb4b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54D67D70-2C70-46E3-A92C-BB3BC14DCF34}\MpKslDrv.sys [228632 2022-10-23] (Microsoft Windows -> Microsoft Corporation) S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-03-17] (Nvidia Corporation -> Windows (R) Win 7 DDK provider) S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2021-09-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-10-23 10:26 - 2022-10-23 10:26 - 002373632 _____ (Farbar) C:\Users\pszen\Downloads\FRST64.exe 2022-10-23 10:12 - 2022-10-23 10:12 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{6DFFFE4D-6A1B-4707-AAA8-3E1688F2B77F} 2022-10-23 10:12 - 2022-10-23 10:12 - 000003518 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{F8CA8592-2E9B-44C3-BF71-9B63F8D37D7B} 2022-10-23 10:02 - 2022-10-23 10:02 - 000003802 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache 2022-10-23 10:02 - 2022-10-23 10:02 - 000003354 _____ C:\WINDOWS\system32\Tasks\KMSpico Automatic Update Scheduler 2022-10-23 10:02 - 2022-10-23 10:02 - 000000000 ____D C:\Program Files\KMSpico 2022-10-16 18:38 - 2022-10-16 18:38 - 000524288 _____ C:\Users\pszen\Downloads\U_03_07_0297214_0751022RW.pdf 2022-10-14 14:21 - 2022-10-14 14:21 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2022-10-12 08:07 - 2022-10-12 08:07 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-10-12 08:07 - 2022-10-12 08:07 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-10-12 08:07 - 2022-10-12 08:07 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-10-12 08:07 - 2022-10-12 08:07 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-10-12 08:06 - 2022-10-12 08:06 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-10-12 08:06 - 2022-10-12 08:06 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-10-12 08:06 - 2022-10-12 08:06 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-10-12 08:00 - 2022-10-12 08:00 - 000000000 ___HD C:\$WinREAgent 2022-10-06 10:49 - 2022-10-23 10:09 - 000000458 _____ C:\Users\pszen\Desktop\leady play.txt 2022-10-02 11:22 - 2022-10-02 11:22 - 000001965 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2022-10-02 11:22 - 2022-10-02 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2022-09-27 10:04 - 2022-10-03 08:03 - 000000919 _____ C:\Users\pszen\Desktop\umowa.txt ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-10-23 10:28 - 2021-11-20 14:14 - 000020929 _____ C:\Users\pszen\Downloads\FRST.txt 2022-10-23 10:28 - 2017-12-19 23:23 - 000000000 ____D C:\FRST 2022-10-23 10:26 - 2022-03-29 16:47 - 000000000 ____D C:\WINDOWS\INF 2022-10-23 10:23 - 2022-03-29 17:34 - 000000000 ____D C:\Program Files (x86)\Google 2022-10-23 10:16 - 2022-03-29 16:50 - 000786892 _____ C:\WINDOWS\system32\perfh015.dat 2022-10-23 10:16 - 2022-03-29 16:50 - 000152736 _____ C:\WINDOWS\system32\perfc015.dat 2022-10-23 10:16 - 2022-03-29 16:26 - 001767980 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-10-23 10:14 - 2022-03-29 17:27 - 000000000 ____D C:\Users\pszen\AppData\Local\Packages 2022-10-23 10:10 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\ServiceState 2022-10-23 10:10 - 2022-03-29 16:48 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-23 10:10 - 2022-03-29 16:04 - 000000000 ____D C:\ProgramData\NVIDIA 2022-10-23 10:10 - 2022-03-29 16:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-10-23 10:10 - 2020-07-29 21:01 - 000008192 ___SH C:\DumpStack.log.tmp 2022-10-23 10:10 - 2017-10-28 16:33 - 000000000 __SHD C:\Users\pszen\IntelGraphicsProfiles 2022-10-23 10:09 - 2022-03-29 16:43 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-10-23 10:08 - 2022-03-29 16:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-10-23 10:08 - 2021-10-09 18:34 - 000002328 ____H C:\Users\pszen\Documents\Default.rdp 2022-10-23 08:56 - 2022-03-29 16:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-10-23 08:47 - 2022-03-29 16:48 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-23 08:47 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-10-23 08:47 - 2020-06-13 10:14 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-23 08:45 - 2022-03-29 18:25 - 000000200 _____ C:\Users\pszen\AppData\Roaming\sp_data.sys 2022-10-15 17:47 - 2022-09-14 18:21 - 000000000 ____D C:\Users\pszen\AppData\Local\Notepad 2022-10-15 17:46 - 2022-04-07 17:59 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-10-15 17:46 - 2022-03-29 16:01 - 000441936 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\SystemResources 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\Provisioning 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-10-15 17:45 - 2022-03-29 16:48 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-10-13 16:11 - 2022-03-29 17:36 - 000000000 ____D C:\Users\pszen\AppData\Local\D3DSCache 2022-10-13 08:21 - 2016-11-14 04:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-10-13 07:59 - 2022-03-29 16:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-10-12 18:32 - 2022-03-29 17:34 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-10-12 08:10 - 2022-03-29 16:44 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-10-12 08:09 - 2022-03-29 16:48 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2022-10-12 08:09 - 2022-03-29 16:48 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2022-10-12 08:06 - 2022-03-29 16:05 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-10-12 08:00 - 2022-03-30 17:57 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-10-12 07:58 - 2022-03-30 17:57 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-10-11 10:10 - 2022-04-05 16:36 - 000002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-10-10 15:33 - 2021-12-05 12:04 - 000000000 ____D C:\Users\pszen\Desktop\ppp 2022-10-02 11:23 - 2022-07-28 20:50 - 000000000 ____D C:\ProgramData\Garmin 2022-10-02 11:22 - 2022-07-28 20:50 - 000000000 ____D C:\Program Files (x86)\Garmin 2022-10-02 11:22 - 2017-03-30 16:22 - 000000000 ____D C:\ProgramData\Package Cache ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-03-29 18:25 - 2022-10-23 08:45 - 000000200 _____ () C:\Users\pszen\AppData\Roaming\sp_data.sys ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================