Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 02-03-2025 Uruchomiony przez Beata (administrator) BEATA-KOMPUTER (Hewlett-Packard HP 655 Notebook PC) (05-03-2025 13:55:27) Uruchomiony z F:\Do.Siostry.Beaty\FRST64.exe Załadowane profile: Beata Platforma: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (C:\Windows\SysWOW64\srvany.exe ->) () [Brak podpisu cyfrowego] C:\Windows\KMService.exe (explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) () [Brak podpisu cyfrowego] C:\Windows\SysWOW64\srvany.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (APN LLC -> APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (Huawei Technologies Co.,Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe (services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (taskeng.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-04-06] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [455976 2025-02-13] (Avast Software s.r.o. -> Gen Digital Inc.) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT CORPORATION -> IVT Corporation) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe******************************************************************************* (Brak pliku) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-23] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-3627182684-2662262530-400240162-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3627182684-2662262530-400240162-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Beata\AppData\Local\Microsoft\Teams\Update.exe [2594000 2025-01-27] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3627182684-2662262530-400240162-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-3627182684-2662262530-400240162-1000\...\MountPoints2: {3e5f6d0c-6675-11ee-a7e4-f4b7e22f7ef6} - F:\autorun.exe HKU\S-1-5-21-3627182684-2662262530-400240162-1000\...\MountPoints2: {54d7dd92-7c42-11e7-8622-f4b7e22f7ef6} - F:\AutoRun.exe HKU\S-1-5-21-3627182684-2662262530-400240162-1000\...\MountPoints2: {e0208eb9-562e-11e3-ad8a-f4b7e22f7ef6} - G:\SETUP.EXE HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-01] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 3830 series): C:\Windows\system32\HPDiscoPME611.dll [840328 2017-04-17] (Hewlett Packard -> HP Inc.) HKLM\...\Print\Monitors\HP E611 Status Monitor: C:\Windows\system32\hpinkstsE611LM.dll [393352 2017-04-10] (Hewlett Packard -> HP Inc.) HKLM\...\Print\Monitors\PJL Language Monitor: C:\Windows\system32\PJLMON.DLL [22016 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2024-06-28] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0C52D630-0397-4C8F-A70F-6B4691E360DC} - System32\Tasks\{88449530-414A-42BE-98B1-F3B33717DBA3} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\swsetup\SP56547\Setup.exe -d C:\swsetup\SP56547 Task: {973C76A5-1AA9-485D-84FD-CFFC3265B34A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.) Task: {028401CC-6CFD-4FFC-BCEA-1A6849E77CBE} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8432936 2025-01-24] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {D52B84B5-B938-4E84-B8C5-FDD2833B5A60} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5278504 2025-02-13] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {14C16ECD-B3F3-40F6-98A0-E0F4BB33FDBF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-20] (Avast Software s.r.o. -> Gen Digital Inc.) Task: {9C29ED75-F4FB-4B01-A763-1BD41B8CBC1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-01] (Piriform Ltd -> Piriform Ltd) Task: {CB574B08-6624-4CE7-A785-C9D6BA13B200} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3627182684-2662262530-400240162-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {44650904-D7E5-4DD2-9A8D-AF6478859B2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2024-06-28] (Google Inc -> Google Inc.) Task: {A2CBA6AB-A14B-46B7-9B90-743DA89CBCA2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2024-06-28] (Google Inc -> Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{0F37E6B0-A0E7-484F-B656-8B8091A63927}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{31DEEAE3-AE9C-4F4F-8E13-B3A6CCABD549}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{6B0FBC78-4659-433F-9115-16CE6B6FE390}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{75B05B32-FED0-4AEC-A42A-2E3AB178F331}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{75B05B32-FED0-4AEC-A42A-2E3AB178F331}: [DhcpDomain] home Tcpip\..\Interfaces\{868636DB-5E9A-4606-B2A6-22B0667401BA}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}\14E64627F696461405: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}\1647D6F63766562716: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}\1647D6F63766562716: [DhcpDomain] edimax.com Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}\7545A5023596F63747279713: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}\7545A5023596F63747279723: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}\7545A5023596F63747279753: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{E38CF769-42EE-48AA-A187-C53E2FCA6429}\7545A5023596F63747279783: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Beata\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-05] FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-02-21] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 2 CHR Profile: C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-10-06] CHR Extension: (Prezentacje) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Dokumenty) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Dysk Google) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Extension: (YouTube) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2023-08-02]hxxp://clients2.google.com/service/update2/crx CHR Extension: (Arkusze) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Dokumenty Google offline) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Gmail) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Profile: C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-03-05] CHR Notifications: Profile 2 -> hxxps://dolinamodlitwy.pl; hxxps://pl.aleteia.org; hxxps://www.youtube.com CHR Extension: (Dokumenty Google offline) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-17]hxxps://clients2.google.com/service/update2/crx CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Beata\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-02]hxxps://clients2.google.com/service/update2/crx CHR Profile: C:\Users\Beata\AppData\Local\Google\Chrome\User Data\System Profile [2025-01-15] CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2018-07-02] CHR HKU\S-1-5-21-3627182684-2662262530-400240162-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2018-07-02] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [194632 2018-05-15] (APN LLC -> APN LLC.) S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7498024 2025-02-13] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [805672 2025-02-13] (Avast Software s.r.o. -> Gen Digital Inc.) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1257256 2025-02-13] (Avast Software s.r.o. -> Gen Digital Inc.) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-06-28] (Avast Software s.r.o. -> AVAST Software) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT CORPORATION -> IVT Corporation) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT CORPORATION -> IVT Corporation) S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2024-06-28] (Google Inc -> Google Inc.) S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2024-06-28] (Google Inc -> Google Inc.) R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-11-26] () [Brak podpisu cyfrowego] R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2015-09-23] (Huawei Technologies Co.,Ltd. -> ) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [60416 2009-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe" [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [20536 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235064 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [384080 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [295992 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84536 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28728 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276536 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [553016 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2024-06-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [98360 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69712 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [956472 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [1425976 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [206904 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [383032 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Technology Corporation -> Ralink Corporation.) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (Ralink Technology Corporation -> IVT Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Technology Corporation -> Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Technology Corporation -> Ralink Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-26] (Disc Soft Ltd -> Disc Soft Ltd) S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [692832 2012-10-02] (Ralink Technology Corporation -> Ralink Technology, Corp.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Technology Corporation -> Ralink Corporation.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2025-03-05 13:54 - 2025-03-05 13:56 - 000000000 ____D C:\FRST 2025-02-28 16:04 - 2025-02-28 16:05 - 000000000 ____D C:\Program Files\Honeyview 2025-02-28 16:04 - 2025-02-28 16:04 - 000000896 _____ C:\Users\Public\Desktop\Honeyview.lnk 2025-02-28 16:04 - 2025-02-28 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Honeyview 2025-02-28 16:02 - 2025-02-28 16:03 - 008101720 _____ C:\Users\Beata\Downloads\HONEYVIEW-SETUP.EXE 2025-02-27 16:26 - 2025-02-27 16:26 - 000000000 ____D C:\Users\Beata\AppData\Local\GHISLER 2025-02-27 09:50 - 2025-02-27 09:50 - 000000000 ____D C:\Users\Beata\AppData\Roaming\GHISLER 2025-02-22 19:36 - 2025-02-22 19:36 - 000368423 _____ C:\Users\Beata\Desktop\walentynkowe zdjęcie.pptx 2025-02-22 18:13 - 2025-02-22 18:13 - 000329374 _____ C:\Users\Beata\Downloads\Oswoic_znaczy_stworzyc_wiezy.pdf 2025-02-14 10:39 - 2025-02-13 09:49 - 000316200 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe 2025-02-05 14:05 - 2025-02-05 14:05 - 000073241 _____ C:\Users\Beata\Documents\Prezentacja1.pptx ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2025-03-05 13:56 - 2009-07-14 18:55 - 000740446 _____ C:\Windows\system32\perfh015.dat 2025-03-05 13:56 - 2009-07-14 18:55 - 000155988 _____ C:\Windows\system32\perfc015.dat 2025-03-05 13:56 - 2009-07-14 06:13 - 001669606 _____ C:\Windows\system32\PerfStringBackup.INI 2025-03-05 13:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2025-03-05 13:49 - 2009-07-14 05:45 - 000033248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2025-03-05 13:49 - 2009-07-14 05:45 - 000033248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2025-03-05 13:48 - 2013-11-26 02:05 - 000000000 ____D C:\Program Files (x86)\Google 2025-03-05 13:45 - 2023-10-04 15:37 - 000000000 ____D C:\Users\Beata\AppData\Roaming\Microsoft\Teams 2025-03-05 13:39 - 2012-09-26 09:53 - 000000967 _____ C:\Windows\SysWOW64\bscs.ini 2025-03-05 13:38 - 2013-11-26 02:37 - 000003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2025-03-05 13:36 - 2024-06-28 07:19 - 000000000 ____D C:\ProgramData\Avast Software 2025-03-05 13:36 - 2013-11-26 02:37 - 000000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2025-03-05 13:35 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2025-03-04 11:41 - 2024-07-12 20:42 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-03-04 11:41 - 2024-07-12 20:42 - 000003282 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-03-04 11:41 - 2024-06-28 07:35 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2025-03-04 11:41 - 2024-06-28 07:20 - 000003778 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2025-03-04 11:41 - 2024-06-28 07:20 - 000003650 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2025-03-04 11:41 - 2016-08-12 20:45 - 000002802 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2025-03-04 11:41 - 2015-01-01 20:28 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2025-03-04 11:41 - 2014-01-07 14:49 - 000003106 _____ C:\Windows\system32\Tasks\{88449530-414A-42BE-98B1-F3B33717DBA3} 2025-03-04 10:07 - 2016-08-12 21:19 - 000000000 ____D C:\Users\Beata\AppData\Roaming\Microsoft\Word 2025-02-28 16:06 - 2025-01-04 20:46 - 000000000 ____D C:\Users\Beata\Desktop\scenariusze i materiały na praktyki 2025-02-27 10:18 - 2023-10-13 18:07 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk 2025-02-27 09:59 - 2016-08-12 20:45 - 000000000 ____D C:\Program Files\CCleaner 2025-02-25 09:42 - 2024-11-27 18:53 - 000000000 ____D C:\Users\Beata\Desktop\BETLEJEMKA 2025-02-22 19:37 - 2024-05-08 20:00 - 000000000 ____D C:\Users\Beata\Desktop\bieące zadania do wykonania 2025-02-22 14:59 - 2015-08-23 12:31 - 000000626 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI 2025-02-15 09:45 - 2009-07-14 06:08 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2025-02-13 18:05 - 2024-10-10 18:18 - 000055064 _____ (Gen Digital Inc.) C:\Windows\system32\icarus_rvrt.exe 2025-02-13 09:49 - 2024-06-28 07:34 - 001425976 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSP.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000553016 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000383032 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswVmm.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000295992 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsh.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000276536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswMonFlt.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000098360 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRdr2.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000084536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbuniv.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000069712 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRvrt.sys 2025-02-13 09:49 - 2024-06-28 07:34 - 000028728 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswKbd.sys 2025-02-13 09:48 - 2024-06-28 07:34 - 000956472 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSnx.sys 2025-02-13 09:48 - 2024-06-28 07:34 - 000384080 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsdriver.sys 2025-02-13 09:48 - 2024-06-28 07:34 - 000235064 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArPot.sys 2025-02-13 09:48 - 2024-06-28 07:34 - 000020536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArDisk.sys 2025-02-05 14:05 - 2016-08-11 18:09 - 000000000 ____D C:\Users\Beata\AppData\Roaming\Microsoft\PowerPoint ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-12-27 11:25 ==================== Koniec FRST.txt ========================