Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-10-2024 Uruchomiony przez pysiol (administrator) PYSIOL-KOMPUTER (Sony Corporation VGN-NS21Z_S) (01-11-2024 20:15:08) Uruchomiony z C:\Users\pysiol\Downloads\FRST64.exe Załadowane profile: pysiol Platforma: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () <==== UWAGA [zerobajtowy? (Błąd=3)] C:\Program Files\Mozilla Firefox\updated\firefox.exe <28> (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe ->) (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <4> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe (explorer.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (services.exe ->) (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe Brak dostępu do procesu -> csrss.exe Brak dostępu do procesu -> csrss.exe Brak dostępu do procesu -> dllhost.exe Brak dostępu do procesu -> dllhost.exe Brak dostępu do procesu -> taskhost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2008-01-01] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2008-01-01] (Google LLC -> Google, Inc.) HKU\S-1-5-21-804025988-211181761-413787009-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2008-01-01] (Google LLC -> Google, Inc.) HKU\S-1-5-21-804025988-211181761-413787009-1000\...\MountPoints2: {27bc6b00-eca5-11e1-89ce-001dbaaf1495} - F:\autorun.EXE HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2008-01-01] (Google LLC -> Google, Inc.) HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Windows\system32\bzpdf.dll [218624 2013-02-25] (Bullzip) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2008-01-01] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {8A0006DD-E7C3-48D7-A11F-6A305F89E03B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.) Task: {072BB159-A673-4D55-B84A-C1A5CEA30A64} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-13] (Adobe Inc. -> Adobe) Task: {B36607BE-CBAD-4380-A434-0A30939B4F74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe) Task: {D3EA5758-9075-43B2-A5CC-3C8ED34229B0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [647168 2012-07-16] () [Brak podpisu cyfrowego] Task: {D78F0346-E089-47F9-80C6-BE9DB7A4BA5C} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [647168 2012-07-16] () [Brak podpisu cyfrowego] Task: {13298B14-5A65-41A2-848B-2B63253B3BA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [3113312 2012-08-22] (Piriform Ltd -> Piriform Ltd) Task: {1534D2F0-684C-4DF9-967C-4F86F75A6DDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) Task: {247960AE-2313-4311-A068-1309A33A06D2} - System32\Tasks\GoogleUpdateTaskMachineCore1d15e9dd8579043 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) Task: {665D830F-F71F-47F2-9AF1-5BD7E8C3DDBF} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ab7f4e9eb527 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) Task: {93A2FCE4-BD43-4EA1-81B4-CE22CBEE68BC} - System32\Tasks\GoogleUpdateTaskMachineCore1d1eb5823270fee => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) Task: {94915A4C-2CCC-495C-8C82-2018689A7D42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) Task: {679283B8-5DF6-46E5-B46D-64FD489541A0} - System32\Tasks\GoogleUpdateTaskMachineUA1d15e9dd88bc067 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) Task: {EBBE3412-4076-4D07-A90C-A0125F6A42F9} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab7f4ecacedc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) Task: {157EEC6C-54BA-4338-A8F1-BC9187D18328} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [684608 2024-11-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (dane wartości zawierają 6 znaków więcej). (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15e9dd8579043.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab7f4e9eb527.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15e9dd88bc067.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 178.235.153.33 178.235.153.32 Tcpip\..\Interfaces\{17396F7C-6526-4E4C-A2FE-80C7EB217865}: [DhcpNameServer] 89.228.4.126 31.11.173.2 Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}: [DhcpNameServer] 178.235.153.33 178.235.153.32 Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}\05340574: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}\14E64627F6964614050727A756D6F6: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}\655636472716D275966496D2442483734343F5548545: [DhcpNameServer] 89.228.4.126 31.11.173.2 Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}\655636472716D275966496D2442483734343F5548545: [DhcpDomain] TL-WA854RE Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}\762716E647: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}\762716E64723: [DhcpNameServer] 89.228.4.126 31.11.173.2 Tcpip\..\Interfaces\{6A08112C-2F5E-4894-A1B2-EFA8FCC78E0F}\845514755494D224533353D293731343: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{BA7290BD-F4E1-47EF-B7DB-BB68B3FAB700}: [DhcpNameServer] 192.168.42.129 HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,10.0.0.1,-1] FireFox: ======== FF DefaultProfile: 62n1d2sh.default FF ProfilePath: C:\Users\pysiol\AppData\Roaming\TomTom\HOME\Profiles\vcv1zphh.default [2012-11-06] FF Extension: (Brak nazwy) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nie znaleziono] FF ProfilePath: C:\Users\pysiol\AppData\Roaming\Mozilla\Firefox\Profiles\lq18snfm.default-esr [2024-11-01] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\pysiol\AppData\Roaming\Mozilla\Firefox\Profiles\lq18snfm.default-esr\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-11-01] FF ProfilePath: C:\Users\pysiol\AppData\Roaming\Mozilla\Firefox\Profiles\62n1d2sh.default [2024-02-25] FF DownloadDir: C:\Users\pysiol\Downloads FF Session Restore: Mozilla\Firefox\Profiles\62n1d2sh.default -> [funkcja włączona] FF Notifications: Mozilla\Firefox\Profiles\62n1d2sh.default -> hxxps://photos.google.com FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\pysiol\AppData\Roaming\Mozilla\Firefox\Profiles\62n1d2sh.default\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2023-06-13] FF Extension: (YouTube High Definition) - C:\Users\pysiol\AppData\Roaming\Mozilla\Firefox\Profiles\62n1d2sh.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2023-05-09] FF Extension: (Video DownloadHelper) - C:\Users\pysiol\AppData\Roaming\Mozilla\Firefox\Profiles\62n1d2sh.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-02-25] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\pysiol\AppData\Roaming\Mozilla\Firefox\Profiles\62n1d2sh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-02-08] FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Przestarzałe] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\pysiol\AppData\Local\Google\Chrome\User Data\Default [2024-10-31] CHR DownloadDir: D:\Pobieranie CHR Notifications: Default -> hxxps://web.telegram.org; hxxps://www.bankmillennium.pl; hxxps://www.bzwbk.pl; hxxps://www.empikfoto.pl; hxxps://www.ingbank.pl CHR Session Restore: Default -> [funkcja włączona] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\pysiol\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-14] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\pysiol\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-10-31] CHR Extension: (Dokumenty Google offline) - C:\Users\pysiol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-13] CHR Extension: (Magic Enhancer For YouTube™) - C:\Users\pysiol\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2020-02-05] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\pysiol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12] CHR Profile: C:\Users\pysiol\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-22] CHR HKU\S-1-5-21-804025988-211181761-413787009-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Brave: ======= StartMenuInternet: Brave - ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.) S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe) S4 DroidExplorerService; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [254976 2013-08-25] (Ryan Conrad) [Brak podpisu cyfrowego] S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-24] (Google Inc -> Google Inc.) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG) S3 ss_conn_launcher_service; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Brak podpisu cyfrowego] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109776 2020-07-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S2 .EsetTrialReset; C:\Windows\system32\regedt32.exe /s C:\Windows\esettrialreset.reg ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] (ChengDu AoMei Tech Co., Ltd -> ) [Brak podpisu cyfrowego] R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6037504 2009-08-18] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [10216 2008-11-24] (Sony Corporation -> Sony Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET, spol. s r.o. -> ESET) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET, spol. s r.o. -> ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET, spol. s r.o. -> ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET, spol. s r.o. -> ESET) R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 mpfilt; C:\Windows\SysWOW64\drivers\mpfilt.sys [10588 2010-05-17] () [Brak podpisu cyfrowego] S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) R2 rimsptsk; C:\Windows\System32\DRIVERS\rimspx64.sys [55296 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC) S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.) R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [12032 2010-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation) S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-08-22] (Duplex Secure Ltd -> Duplex Secure Ltd.) R3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) R3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) R3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2015-01-28] (Microsoft Windows Hardware Compatibility Publisher -> RealVNC Ltd.) S0 audas0; system32\DRIVERS\audas0.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-11-01 12:15 - 2024-11-01 12:18 - 000041127 _____ C:\Users\pysiol\Downloads\Addition.txt 2024-11-01 12:14 - 2024-11-01 20:15 - 000021609 _____ C:\Users\pysiol\Downloads\FRST.txt 2024-11-01 12:14 - 2024-11-01 20:15 - 000000000 ____D C:\FRST 2024-11-01 12:14 - 2024-11-01 12:14 - 002397696 _____ (Farbar) C:\Users\pysiol\Downloads\FRST64.exe 2024-11-01 11:01 - 2024-11-01 12:01 - 000000000 ____D C:\Program Files\Mozilla Firefox ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2024-11-01 12:47 - 2015-12-24 01:07 - 000000000 ____D C:\Program Files (x86)\Google 2024-11-01 12:08 - 2016-08-11 20:03 - 000000000 ____D C:\Users\pysiol\AppData\Roaming\Everything 2024-11-01 12:02 - 2022-02-20 22:38 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-11-01 12:01 - 2012-09-08 11:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-11-01 11:12 - 2017-12-17 15:10 - 000000000 ____D C:\Users\pysiol\AppData\Local\CrashDumps 2024-11-01 11:08 - 2009-07-14 05:45 - 000023760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2024-11-01 11:08 - 2009-07-14 05:45 - 000023760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2024-11-01 10:54 - 2019-07-25 18:29 - 000002740 _____ C:\Windows\system32\Tasks\AutoKMSDaily 2024-11-01 10:54 - 2019-07-25 18:29 - 000000202 _____ C:\Windows\Tasks\AutoKMSDaily.job 2024-11-01 10:54 - 2012-07-16 11:45 - 000000202 _____ C:\Windows\Tasks\AutoKMS.job 2024-11-01 10:54 - 2012-07-16 11:44 - 000078848 _____ C:\Windows\KMSEmulator.exe 2024-11-01 10:53 - 2013-11-01 13:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-11-01 10:53 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-10-31 10:27 - 2019-11-29 17:15 - 000000000 ____D C:\Users\pysiol\AppData\Local\Everything 2024-10-31 10:24 - 2015-05-12 20:41 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2024-10-31 10:23 - 2012-08-13 21:28 - 000000000 ____D C:\Users\pysiol\AppData\Roaming\Microsoft\Word 2024-10-23 12:11 - 2013-08-03 08:32 - 000000000 ____D C:\Windows\system32\MRT 2024-10-23 12:11 - 2012-07-16 16:02 - 201324920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-10-23 10:41 - 2024-09-05 09:16 - 000000000 ____D C:\Users\pysiol\Desktop\do CV Kamila 2024-10-23 10:11 - 2022-10-17 11:25 - 000002025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2013-10-26 20:35 - 2013-10-26 20:35 - 000068124 _____ () C:\Program Files (x86)\hminstalllog.txt 2012-09-07 21:06 - 2012-09-07 22:36 - 000099384 _____ () C:\Users\pysiol\AppData\Roaming\inst.exe 2012-09-07 21:06 - 2012-09-07 22:36 - 000007859 _____ () C:\Users\pysiol\AppData\Roaming\pcouffin.cat 2012-09-07 21:06 - 2012-09-07 22:36 - 000001167 _____ () C:\Users\pysiol\AppData\Roaming\pcouffin.inf 2012-09-07 21:06 - 2012-09-07 22:36 - 000000055 _____ () C:\Users\pysiol\AppData\Roaming\pcouffin.log 2012-09-07 21:06 - 2012-09-07 22:36 - 000082816 _____ (VSO Software) C:\Users\pysiol\AppData\Roaming\pcouffin.sys 2018-07-25 09:17 - 2018-07-25 09:17 - 000000107 ___SH () C:\Users\pysiol\AppData\Roaming\winuptstart.bat 2015-05-23 00:41 - 2015-05-23 00:41 - 000000001 _____ () C:\Users\pysiol\AppData\Local\llftool.4.40.agreement 2017-10-31 21:35 - 2017-10-31 22:19 - 000000600 _____ () C:\Users\pysiol\AppData\Local\PUTTY.RND 2014-02-18 17:29 - 2014-02-18 17:29 - 000002436 _____ () C:\Users\pysiol\AppData\Local\recently-used.xbel 2016-09-05 22:44 - 2020-04-07 19:42 - 000007601 _____ () C:\Users\pysiol\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2024-10-23 11:14 ==================== Koniec FRST.txt ========================