Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02-08.2024 Uruchomiony przez Lenovo (administrator) DESKTOP-1G9PTFA (ASUSTeK COMPUTER INC. Vivo AIO 16 V161GA_A41GA) (08-08-2024 12:35:51) Uruchomiony z C:\Users\Lenovo\Downloads\FRST64.exe Załadowane profile: Lenovo Platforma: Microsoft Windows 11 Pro Wersja 23H2 22631.3880 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wpscenter.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\promecefpluginhost.exe <2> (C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wpscenter.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wps.exe (C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wpscloudsvr.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wpscenter.exe <2> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wpscloudsvr.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2019-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_ListenToDevice] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2019-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331232 2024-07-23] (Avira Operations GmbH -> Avira Operations GmbH) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKU\S-1-5-21-2460985897-3955756783-2422704168-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EF70F99B4529735F3564FFE246DB961] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3814968 2024-08-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2460985897-3955756783-2422704168-1001\...\Run: [GoogleUpdaterTaskUser128.0.6597.0] => C:\Users\Lenovo\AppData\Local\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC) HKU\S-1-5-21-2460985897-3955756783-2422704168-1001\...\Run: [UninstallT20] => ms-teamsupdate.exe -UninstallT20 (Brak pliku) HKLM\...\Windows x64\Print Processors\Canon MP230 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB5.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP230 series: C:\WINDOWS\system32\CNMLMB5.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\T-Connect App.lnk [2024-07-17] ShortcutTarget: T-Connect App.lnk -> C:\Program Files (x86)\T-Connect App\TConnect2.exe (Takeaway.com Group B.V. -> ) ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {841617A2-E548-4CA7-A02C-B2AEC1273DFF} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [642448 2018-05-31] (ASUSTeK Computer Inc. -> ) Task: {350BDC22-AD54-4747-837B-8159847AFC23} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {57AF3085-2A57-4AA9-95A5-DC7C9A9D23D1} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {E8AA1721-5906-45E2-8104-1A3D9319D1F0} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\System32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false Task: {B0835130-BE89-4E1F-8199-7CCE9B8D3F4C} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {B0835130-BE89-4E1F-8199-7CCE9B8D3F4C} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {B0835130-BE89-4E1F-8199-7CCE9B8D3F4C} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {6F05709F-6232-4CF4-A3F6-9677A38557E4} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259944 2024-08-01] (Avira Operations GmbH -> Avira Operations GmbH) Task: {F49B9F72-AE68-4EAD-A5BE-710EBF264776} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1775464 2024-08-01] (Avira Operations GmbH -> Avira Operations GmbH) Task: {A934CA10-B280-4050-B068-2B8FE6884A9E} - System32\Tasks\Avira_Security_Update => C:\Windows\System32\net.exe [81920 2022-05-07] (Microsoft Windows -> Microsoft Corporation) Task: {948DA76A-41EB-44CA-8457-378B39DEFF45} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [36795696 2024-07-30] (Avira Operations GmbH -> Avira Operations GmbH) Task: {35C3D3CD-E872-4021-8350-AF386FACE988} - System32\Tasks\GoogleUser\GoogleUpdater\GoogleUpdaterTaskUser128.0.6597.0{5FFDF7D5-813A-4BE3-9AD9-E88F76C7ACAE} => C:\Users\Lenovo\AppData\Local\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Brak pliku) Task: {C97D80F0-1A42-49F0-8879-24D7AD316D5C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Brak pliku) Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ForcedReboot (Brak pliku) Task: {35F57237-4EFC-460D-BA36-C7268C4DCFD7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (Brak pliku) Task: {3E84D387-2BD7-4405-9FF2-8B9B8AC8CCB3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Brak pliku) Task: {7D993353-1A89-4BAE-93EC-DCDB7F64FB9F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Brak pliku) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Brak pliku) Task: {6084E133-C587-4632-92F3-C78D5F4EF62C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Task: {08D1619F-D98E-4124-877F-088983544286} - System32\Tasks\WpsExternal_Lenovo_20240714121553 => C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wpscloudsvr.exe [1036176 2024-07-14] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external Task: {135083C8-BEF4-422E-84EE-DF46F6297574} - System32\Tasks\WpsUpdateTask_Lenovo => C:\Program Files (x86)\Kingsoft\WPS Office\12.2.0.17153\office6\wpsupdate.exe [1550224 2024-07-14] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== UWAGA (Ograniczenia - Zones) Tcpip\..\Interfaces\{622d5108-dbe1-49bf-a1af-d1bd712a711b}: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{64b37b9a-a170-40f4-9e0f-836d68f780d9}: [NameServer] 8.8.8.8,8.8.4.4 DnsPolicyConfig: [DNS_RESILIENCY_fe3cr.delivery.mp.microsoft.com] => GenericDNSServers=162.159.36.2 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-08] Edge Extension: (Avira Password Manager) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2024-06-05] Edge Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29] Edge Extension: (Niesamowity ChatGPT Zrzut ekranu i rejestrator) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gpmljinohlbfgmeoaeceoajachkabijo [2023-09-21] Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-09-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2024-08-08] CHR Notifications: Default -> hxxps://live-orders.takeaway.com CHR Extension: (Avira Password Manager) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2024-05-10] CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-04] CHR Extension: (Niesamowity zrzut ekranu i rejestrator ekranu) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2024-08-08] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-04-26] CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2023-04-26] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-26] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [398816 2024-04-23] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265936 2024-08-01] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [296656 2024-08-01] (Avira Operations GmbH -> Avira Operations GmbH) S2 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [325456 2018-06-12] (ASUSTek Computer Inc. -> ) R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11790048 2024-08-02] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11790048 2024-08-02] (Avira Operations GmbH -> Avira Operations GmbH) S2 GiftBox.Service; C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe [299320 2019-04-09] (ASUSTek Computer Inc. -> ASUSTeK Computer Inc.) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [957192 2020-09-11] (McAfee, LLC -> McAfee, LLC) S2 MySQL; C:\mysql\my.ini [9083 2019-09-17] () [Brak podpisu cyfrowego] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1036176 2024-07-14] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-25] (Avira Operations GmbH -> Avira Operations GmbH) S3 BrSerIf; C:\WINDOWS\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.) S3 BrUsbSer; C:\WINDOWS\system32\DRIVERS\BrUsbSer.sys [19584 2006-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.) S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-09-28] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-01-30] (Martin Malik - REALiX -> REALiX(tm)) R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [115528 2024-05-24] (Avira Operations GmbH -> Avira Operations GmbH) S3 netprotection_network_filter2; C:\WINDOWS\System32\drivers\netprotection_network_filter2.sys [115528 2024-05-24] (Avira Operations GmbH -> Avira Operations GmbH) R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [414520 2024-08-02] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [414520 2024-08-02] (Avira Operations GmbH -> Avira Operations GmbH) S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-08-08 12:35 - 2024-08-08 12:36 - 000019838 _____ C:\Users\Lenovo\Downloads\FRST.txt 2024-08-08 12:35 - 2024-08-08 12:36 - 000000000 ____D C:\FRST 2024-08-08 12:28 - 2024-08-08 12:31 - 000000000 ____D C:\AdwCleaner 2024-08-08 12:28 - 2024-08-08 12:28 - 002397184 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe 2024-08-08 12:26 - 2024-08-08 12:28 - 008790880 _____ (Malwarebytes) C:\Users\Lenovo\Downloads\adwcleaner.exe 2024-08-07 09:51 - 2024-08-07 09:51 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance 2024-08-07 09:51 - 2024-08-07 09:51 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2024-08-07 09:51 - 2024-08-07 09:51 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray 2024-08-07 09:49 - 2024-08-07 09:49 - 000799716 _____ C:\WINDOWS\system32\perfh015.dat 2024-08-07 09:49 - 2024-08-07 09:49 - 000158750 _____ C:\WINDOWS\system32\perfc015.dat 2024-07-30 09:48 - 2024-07-30 09:48 - 000003790 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify 2024-07-26 15:13 - 2024-07-26 15:13 - 000042908 _____ C:\Users\Lenovo\Downloads\FAKTURA_4_07_2024.pdf 2024-07-14 12:16 - 2024-07-14 12:16 - 000003640 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Lenovo 2024-07-14 12:15 - 2024-07-14 12:15 - 000004070 _____ C:\WINDOWS\system32\Tasks\WpsExternal_Lenovo_20240714121553 2024-07-11 09:27 - 2024-07-11 09:27 - 000025684 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-07-11 09:25 - 2024-07-11 09:25 - 000025684 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-07-11 09:13 - 2024-07-11 09:20 - 000000000 ___HD C:\$WinREAgent ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-08-08 12:35 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2024-08-08 12:34 - 2024-05-15 10:51 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Temp 2024-08-08 12:29 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-08-08 08:40 - 2019-10-18 13:19 - 000002538 _____ C:\Users\Lenovo\Desktop\Google Chrome.lnk 2024-08-08 08:40 - 2019-10-18 13:19 - 000002515 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-08-08 08:35 - 2019-09-21 02:46 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles 2024-08-07 16:54 - 2022-09-28 10:32 - 000000000 ____D C:\Users\Lenovo 2024-08-07 16:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-08-07 16:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-08-07 16:05 - 2019-09-21 00:36 - 000000000 ____D C:\ProgramData\Packages 2024-08-07 16:05 - 2019-09-11 18:18 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages 2024-08-07 15:36 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-08-07 12:12 - 2022-07-01 09:47 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps 2024-08-07 09:55 - 2022-09-28 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-08-07 09:51 - 2022-09-28 16:52 - 000003480 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update 2024-08-07 09:51 - 2021-04-16 07:48 - 000001080 _____ C:\Users\Public\Desktop\Avira.lnk 2024-08-07 09:51 - 2021-04-16 07:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2024-08-07 09:49 - 2022-09-28 16:48 - 001797768 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-08-07 09:42 - 2022-09-28 16:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-08-07 09:42 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-08-07 09:42 - 2020-09-29 17:55 - 000012288 ___SH C:\DumpStack.log.tmp 2024-08-07 09:42 - 2018-10-10 20:48 - 000000000 ___HD C:\Intel 2024-08-05 08:14 - 2022-09-28 16:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2460985897-3955756783-2422704168-1001 2024-08-05 08:14 - 2022-09-28 16:52 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2460985897-3955756783-2422704168-1001 2024-08-05 08:14 - 2020-09-29 12:11 - 000002432 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-08-05 08:04 - 2020-06-08 17:13 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-08-05 08:04 - 2020-06-08 17:13 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-08-02 08:50 - 2023-02-15 15:11 - 002284688 _____ C:\WINDOWS\system32\rtp.db 2024-08-02 08:49 - 2024-03-13 13:32 - 000414520 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys 2024-08-02 08:49 - 2024-03-13 13:32 - 000414520 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys 2024-07-29 09:26 - 2022-09-28 16:52 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-07-29 09:26 - 2022-09-28 16:52 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-07-21 12:07 - 2019-09-29 09:46 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache 2024-07-20 14:42 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-07-17 09:30 - 2022-09-28 09:05 - 000001122 _____ C:\Users\Public\Desktop\T-Connect App.lnk 2024-07-17 09:30 - 2021-03-13 12:33 - 000001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Connect App.lnk 2024-07-17 09:30 - 2021-03-13 12:33 - 000000000 ____D C:\Program Files (x86)\T-Connect App 2024-07-11 17:09 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-07-11 16:49 - 2022-09-28 16:43 - 000304656 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-07-11 16:48 - 2023-10-16 08:07 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-07-11 16:48 - 2022-05-07 12:41 - 000000000 ____D C:\WINDOWS\InboxApps 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-07-11 16:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-07-11 09:44 - 2019-09-20 12:04 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-07-11 09:41 - 2019-09-20 12:04 - 194135240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-07-11 09:38 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-07-11 09:27 - 2022-09-28 16:46 - 003212800 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================