Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 16-09-2024 Uruchomiony przez jan (administrator) IDEA-PC (LENOVO Lenovo G580) (15-10-2024 21:11:34) Uruchomiony z C:\Users\jan\Desktop\frst\FRST64.exe Załadowane profile: jan Platforma: Microsoft Windows 10 Home Wersja 22H2 19045.5011 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Atheros) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (services.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe (services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2408.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2021-05-25] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKU\S-1-5-21-3093378922-4037662909-1756856159-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation) HKU\S-1-5-21-3093378922-4037662909-1756856159-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jan\AppData\Local\Microsoft\Teams\Update.exe [2587416 2022-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3093378922-4037662909-1756856159-1001\...\Run: [MicrosoftEdgeAutoLaunch_A7EEFE4A4586C0CBC0D8086EB64CCE82] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3794984 2024-10-10] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3093378922-4037662909-1756856159-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jan\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-3093378922-4037662909-1756856159-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jan\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [82676776 2024-10-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3093378922-4037662909-1756856159-1001\...\RunOnce: [Uninstall 24.181.0908.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jan\AppData\Local\Microsoft\OneDrive\24.181.0908.0001" [0 2024-10-15] () <==== UWAGA [zerobajtowy plik/folder] HKU\S-1-5-21-3093378922-4037662909-1756856159-1001\...\MountPoints2: {f0f04dba-6602-11e5-be8b-20689d467560} - "F:\setup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-13] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Brak podpisu cyfrowego] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-08-10] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1D402F14-B023-4074-B78B-977E41E5086D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {21E23E13-6154-4BD8-BB9C-DF19E71B72DA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {27C4FFAD-B7DD-4D74-BF8A-44B50598843A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {2C1CB9FC-3D29-4997-A422-84D8B2EAE4D5} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA Task: {5073965F-7C1A-412C-8C7D-39D118FEFD68} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {51608F0C-91A5-417F-BD1D-2DAC9054D652} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {595D9ADC-D128-42AC-B85F-77C4EE474815} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {68BA9E44-25C9-4DFE-9184-308D93D6CF0B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {9DFEBC4E-92F5-4344-9BBC-4520FCA03867} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {DD734466-6E66-4398-A06A-BB17D65CC7AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {DDB5209F-3B82-47EC-8C53-6623E556593D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {DFF53005-6EC3-4DF3-BD25-87C1D3A0BE3E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA Task: {E2BE7E5D-1B09-43DC-81D3-B0B69FB37D15} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA Task: {F6E546B3-7CF7-43E0-B385-DE0DC022BF5A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {0CA3A063-FA56-4AC1-8FEB-24E60D0E6EF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.) Task: {87187939-8184-4C63-BA0A-85129F59A246} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [1366528 2018-04-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {9028706B-89DC-45AC-B536-E27BD14EDFA5} - System32\Tasks\e-pity2015a_kwiecien => C:\Program Files (x86)\e-file\e-pity2015\Assets\signxml.exe [1092400 2016-02-09] (e-file sp. z o.o. -> e-file sp. z o.o.) Task: {8CCDFEEF-047A-416E-A55F-10960A9DF28E} - System32\Tasks\e-pity2015a_styczen => C:\Program Files (x86)\e-file\e-pity2015\Assets\signxml.exe [1092400 2016-02-09] (e-file sp. z o.o. -> e-file sp. z o.o.) Task: {DD1ECB78-8422-453B-9705-E5653082CD52} - System32\Tasks\e-pity2017_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [1377248 2018-02-12] (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) Task: {489E21B4-F9D1-403E-B62F-BDEB9D9FBE5F} - System32\Tasks\e-pity2017_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [1377248 2018-02-12] (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) Task: {923E9D47-22CE-4948-9CDB-0560B75C196D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{7B325968-BF5B-4826-830D-E85026BEADB2} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC) Task: {E8EC3D87-713D-4C73-84DC-B8A0380FB853} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16672 2014-10-16] (LENOVO -> Lenovo) Task: {7DAA6B41-B47B-4631-AFF8-1DBA68C4C1C5} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => %programfiles%\lenovo\lenovo solution center\App\LSCService.exe -> %programfiles%\lenovo\lenovo solution center\Actions UpdateStatus Task: {9F5528E2-6652-4C04-97DB-16B77D6C247D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe -> %programfiles%\Lenovo\Lenovo Solution Center\/show Task: {0542DD15-FCEA-429D-ADE1-FF37BA533C0F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan (Brak pliku) Task: {BD019665-2C5F-4D05-AE9F-D6688F2570CD} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan (Brak pliku) Task: {563D262B-6393-4178-9BB6-66A4A9C12F09} - System32\Tasks\Lenovo\LSC\RebootCountTask => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount (Brak pliku) Task: {EB95AC56-0B17-4009-9C46-026BB434460B} - System32\Tasks\Lenovo\LSC\Time72Task => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate (Brak pliku) Task: {514D382C-ADA8-4B4E-A42F-15A07D15DFB9} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\WINDOWS\system32\clipesu.exe [221680 2024-10-13] (Microsoft Windows -> Microsoft Corporation) Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D0EEE007-6645-47DB-B44F-C92494E8CD42} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\System32\rundll32.exe [89600 2024-08-09] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {BA317E3C-96BA-4D20-946D-B7DC73CEF911} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe (Brak pliku) Task: {8C0F405E-2363-4C76-A7CB-566E80C8D6CF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {6C2CB761-0723-428D-84E4-AF300BC8D423} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4B2EB63F-A969-4EA9-BFEC-D7E85A4AE478} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {66A01287-1DAF-4938-9FB3-15C4E1B33C7E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7E49BB71-B2BA-40F7-BD9D-E680DDEC66E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Brak pliku) Task: {66310F3E-759D-45BD-B305-93ED64534BB0} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [133 2012-03-08] () [Brak podpisu cyfrowego] <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.101.1 8.8.8.8 4.4.4.4 Tcpip\..\Interfaces\{8d13c238-1748-4f77-93f3-38b0115036b4}: [NameServer] 1.1.1.1,8.8.8.8 Tcpip\..\Interfaces\{8d13c238-1748-4f77-93f3-38b0115036b4}: [DhcpNameServer] 192.168.101.1 8.8.8.8 4.4.4.4 Tcpip\..\Interfaces\{8d13c238-1748-4f77-93f3-38b0115036b4}\4556E64616F5437314432383: [DhcpNameServer] 192.168.55.1 Tcpip\..\Interfaces\{8d13c238-1748-4f77-93f3-38b0115036b4}\960586F6E6560282A416B6572692: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{8d13c238-1748-4f77-93f3-38b0115036b4}\960586F6E6560282D4F6E696B61692: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{97fd0666-4f58-494a-b232-5892ef16bfa8}: [DhcpNameServer] 83.175.144.9 192.168.0.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\jan\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-15] Edge Extension: (Dokumenty Google offline) - C:\Users\jan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-11] Edge Extension: (Edge relevant text changes) - C:\Users\jan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-20] FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default [2024-10-15] CHR Notifications: Default -> hxxps://fly.pl; hxxps://inpost.pl; hxxps://leasing.alfaromeo.pl; hxxps://meet.google.com; hxxps://pl.aliexpress.com; hxxps://poczta.onet.pl; hxxps://pogoda.interia.pl; hxxps://vod.tvp.pl; hxxps://www-pity-format-pl.pushpushgo.com; hxxps://www.netflix.com; hxxps://www.picodi.com; hxxps://www.tui.pl; hxxps://www.wp.pl; hxxps://yes.pl CHR Extension: (alerabat.com | kupony i cashback) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdinoicboceafielngnmjjplncljhj [2024-08-09] CHR Extension: (Dokumenty Google offline) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-15] CHR Extension: (DobreKody.pl) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lohpenaniabjegjlnclgapgejgcpodil [2023-02-19] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01] CHR Profile: C:\Users\jan\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-15] CHR Profile: C:\Users\jan\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-15] CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] Opera: ======= OPR Profile: C:\Users\jan\AppData\Roaming\Opera Software\Opera Stable [2021-06-15] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\jan\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-15] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [Brak podpisu cyfrowego] S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ZDDriver.sys [122496 2010-01-20] (Microsoft Windows Hardware Compatibility Publisher -> ZD Secret Incorporated) S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-11-06] (Microsoft Corporation) [Brak podpisu cyfrowego] R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-10-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-10-13] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-10-15 21:10 - 2024-10-15 21:10 - 000000000 ____D C:\Users\jan\Desktop\frst 2024-10-15 20:40 - 2024-10-15 20:55 - 000054575 _____ C:\Users\jan\Downloads\Addition.txt 2024-10-15 20:29 - 2024-10-15 20:55 - 000031611 _____ C:\Users\jan\Downloads\FRST.txt 2024-10-15 20:28 - 2024-10-15 21:13 - 000000000 ____D C:\FRST 2024-10-15 20:23 - 2024-10-15 20:23 - 002397696 _____ (Farbar) C:\Users\jan\Downloads\FRST64 (1).exe 2024-10-13 18:07 - 2024-10-13 18:07 - 000000000 ___HD C:\$WinREAgent ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-10-15 21:13 - 2021-05-25 19:22 - 000004206 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{431A9660-F928-47E0-867D-78D0FD979614} 2024-10-15 20:46 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2024-10-15 19:55 - 2020-09-27 07:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-10-15 19:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-10-15 19:41 - 2023-11-21 20:32 - 000002470 _____ C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-10-15 19:41 - 2023-06-06 17:34 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3093378922-4037662909-1756856159-1001 2024-10-15 19:41 - 2021-12-16 20:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3093378922-4037662909-1756856159-1001 2024-10-15 19:30 - 2024-08-09 22:19 - 000065536 _____ C:\WINDOWS\system32\Ikeext.etl 2024-10-15 19:30 - 2020-09-27 09:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-10-15 19:30 - 2020-09-27 07:52 - 000008192 ___SH C:\DumpStack.log.tmp 2024-10-15 19:29 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2024-10-15 19:28 - 2021-05-25 18:59 - 000958094 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-10-15 19:28 - 2019-12-07 17:08 - 003510772 _____ C:\WINDOWS\system32\perfh015.dat 2024-10-15 19:28 - 2019-12-07 17:08 - 000962860 _____ C:\WINDOWS\system32\perfc015.dat 2024-10-15 13:58 - 2021-05-25 18:43 - 000000000 ____D C:\Users\jan 2024-10-14 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-10-14 02:48 - 2020-09-27 07:52 - 000446648 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-10-14 02:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-10-14 02:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-10-14 02:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-10-14 02:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-10-14 02:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-10-14 02:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-10-14 02:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-10-14 02:43 - 2019-12-07 17:09 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\schemas 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2024-10-14 02:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-10-13 23:56 - 2020-09-27 09:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-10-13 22:37 - 2021-12-21 23:45 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-10-13 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\tracing 2024-10-13 22:17 - 2022-09-19 18:48 - 000000000 ____D C:\Users\jan\AppData\Roaming\com.adobe.dunamis 2024-10-13 22:17 - 2015-02-11 19:22 - 000000000 ____D C:\Users\jan\AppData\Local\Adobe 2024-10-13 22:17 - 2015-02-08 19:13 - 000000000 ____D C:\Users\jan\AppData\Roaming\Adobe 2024-10-13 20:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-10-13 20:23 - 2021-06-15 22:17 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-10-13 20:22 - 2022-10-12 21:17 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-10-13 20:22 - 2022-10-12 21:17 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2024-10-13 20:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-10-13 19:24 - 2020-09-27 09:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-10-13 16:58 - 2020-09-27 09:55 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-10-13 16:58 - 2020-09-27 09:55 - 000002297 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-10-13 16:51 - 2015-02-12 11:25 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-10-13 16:23 - 2015-02-12 11:25 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-10-13 16:01 - 2020-09-27 09:54 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-10-13 16:01 - 2020-09-27 09:54 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-10-13 15:58 - 2020-09-27 09:56 - 000000000 ____D C:\ProgramData\Packages 2024-10-13 15:58 - 2015-02-08 19:13 - 000000000 ____D C:\Users\jan\AppData\Local\Packages 2024-10-13 15:47 - 2021-03-15 22:10 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-10-13 15:47 - 2021-03-15 22:10 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-10-25 22:57 - 2021-10-25 22:57 - 000000017 _____ () C:\Users\jan\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================