Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 04-12-2022 Uruchomiony przez Dawid (administrator) LAPTOP-T9UT23AM (Acer Aspire F5-573G) (09-12-2022 23:59:54) Uruchomiony z C:\Users\dawid\Desktop Załadowane profile: Dawid Platform: Microsoft Windows 10 Home Wersja 22H2 19045.2251 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (C:\Program Files (x86)\KMPlayer\KMPlayer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15> (C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe (DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxEM.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (explorer.exe ->) (PANDORATV Co.,Ltd -> PandoraTV) C:\Program Files (x86)\KMPlayer\KMPlayer.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxCUIService.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe (svchost.exe ->) (Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe (svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxext.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ograniczenia <==== UWAGA HKU\S-1-5-21-3597902193-37950043-4154797834-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3597902193-37950043-4154797834-1001\...\MountPoints2: {d61cd9b4-90bf-11e7-ba3e-5800e39d30d0} - "E:\setup.exe" HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\Windows\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\Windows\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\Windows\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.99\Installer\chrmstp.exe [2022-12-09] (Google LLC -> Google LLC) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {00E7DFC3-176E-408F-B3A9-9A5C6504B218} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {06B887C8-B25F-4618-8E51-0CDF754C6081} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {07356FD3-5BB6-4EC4-92E7-012600880F9D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [562544 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {15EC059B-2573-4DEE-8200-C3DB786A2894} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1950D5D4-61D4-4ADF-A5E9-BFF24BA74745} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {20B88657-BFAE-428E-B6F8-E76265FA604F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-25] (Acer Incorporated -> ) Task: {338C3171-8CB1-4C9C-9982-570E98F7ABCA} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> ) Task: {345C89EF-3E11-451C-9C3A-51851477FA45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3FBF3D9A-2E3F-47EC-96A3-251C3335892B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-02] (Google Inc -> Google Inc.) Task: {4326CC80-BA3A-4C1F-AE03-DE360EF94695} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {55F450AB-9D4D-4A92-AB60-7E63CB620490} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-25] (Acer Incorporated -> Acer Incorporated) Task: {5ADC35F0-A2C4-495F-89D4-6A1F6FAAFBB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5FBC06C8-0674-48CA-A73F-B56463710C71} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {72D27C2E-4F31-4738-8E5B-57C659E602D8} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {795F9850-87C9-425F-B7FD-A732AF475B0C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2018-05-28] (Acer Incorporated -> ) Task: {7FB23A8F-23FD-477A-A28C-2752721D03BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-02] (Google Inc -> Google Inc.) Task: {922690E3-8737-42C6-A0B9-FAD1958EC0BD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9CD32E39-792F-4641-B9A9-902CDC8AE5BD} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [421792 2016-07-29] (Acer Incorporated -> Acer Incorporated) Task: {A4F38DAE-056B-4A76-8547-73CC615C896B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) Task: {AD5020B9-F62F-46AD-917A-62466B534AC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B0FB8403-585E-4D41-BFF4-8545276D9A27} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CDFFC6F9-F459-41CF-A6B4-9E32CBB50F43} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-01-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D73CB218-3206-4BFB-838E-05E9C107F48B} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {E39A0BD5-686D-4150-A44E-5586F9C3CF8C} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated) Task: {E7CE31AC-E513-4239-B705-C2D14616AB5C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: ) Task: {F84BFF1A-288E-4D07-8DB7-1E7D82862A25} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2766240 2016-07-29] (Acer Incorporated -> Acer Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 31.11.173.2 89.228.4.126 Tcpip\..\Interfaces\{4c73efa0-0121-4a3a-8478-a6671285fb57}: [DhcpNameServer] 31.11.173.2 89.228.4.126 Tcpip\..\Interfaces\{cfd10b3f-102e-4848-96d8-10f4a6d072f2}: [DhcpNameServer] 31.11.173.2 89.228.4.126 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\dawid\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-12] Edge DownloadDir: Default -> C:\Users\dawid\Downloads Edge HomePage: Default -> hxxp://www.onet.pl/ FireFox: ======== FF DefaultProfile: voom8979.default FF ProfilePath: C:\Users\dawid\AppData\Roaming\Mozilla\Firefox\Profiles\voom8979.default [2019-04-17] FF Extension: (Mozilla Partner Defaults) - C:\Users\dawid\AppData\Roaming\Mozilla\Firefox\Profiles\voom8979.default\Extensions\partnerdefaults@mozilla.com [2018-02-13] [Przestarzałe] FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2019-01-20] [Przestarzałe] FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2019-01-20] [Przestarzałe] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-22] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-22] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\dawid\AppData\Local\Google\Chrome\User Data\Default [2022-12-10] CHR DownloadDir: C:\Users\dawid\Desktop CHR Notifications: Default -> hxxps://ccc.eu; hxxps://ottwow.com; hxxps://sprzedajemy.pl; hxxps://www.pkobp.pl; hxxps://www.youtube.com CHR HomePage: Default -> hxxp://polsatnews.pl/ CHR StartupUrls: Default -> "hxxp://polsatnews.pl/" CHR Extension: (Dokumenty Google offline) - C:\Users\dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-04] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-04] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\dawid\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-24] CHR Profile: C:\Users\dawid\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-24] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego] R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Brak podpisu cyfrowego] R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-07-29] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-07-29] (Acer Incorporated -> Acer Incorporated) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-03] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-03] (Disc Soft Ltd -> Disc Soft Ltd) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 MpKsl5ac986bc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40568310-4EA8-400D-AB68-03661B147CAF}\MpKslDrv.sys [214280 2022-12-09] (Microsoft Windows -> Microsoft Corporation) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12528 2022-10-24] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Brak podpisu cyfrowego] S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-12-09 23:59 - 2022-12-10 00:01 - 000022216 _____ C:\Users\dawid\Desktop\FRST.txt 2022-12-09 23:57 - 2022-12-09 23:57 - 002375680 _____ (Farbar) C:\Users\dawid\Desktop\FRST64.exe 2022-12-07 20:14 - 2022-12-07 20:14 - 000062000 _____ C:\Users\dawid\Desktop\the.grand.tour.s05e01.1080p.web.h264-ggez[eztv.re].txt 2022-12-07 19:49 - 2022-12-07 20:12 - 3143183301 _____ C:\Users\dawid\Desktop\the.grand.tour.s05e01.1080p.web.h264-ggez[eztv.re].mkv 2022-11-23 21:37 - 2022-11-23 21:37 - 000000027 _____ C:\Users\dawid\Desktop\AniaCV - adres Biedronki.txt 2022-11-22 07:55 - 2022-11-22 07:55 - 000002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2022-11-22 07:54 - 2022-11-22 07:54 - 000000000 ____D C:\Program Files\Google 2022-11-19 13:21 - 2022-11-19 13:21 - 000000000 ___HD C:\$WinREAgent 2022-11-11 20:24 - 2022-11-12 00:50 - 000000000 ____D C:\Program Files\RUXIM 2022-11-11 19:45 - 2022-11-11 19:45 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-11-11 19:45 - 2022-11-11 19:45 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll 2022-11-11 19:45 - 2022-11-11 19:45 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-11-11 19:43 - 2022-11-11 19:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-11-11 19:29 - 2022-11-11 19:29 - 000239662 _____ C:\Users\dawid\Desktop\Ubezpieczenie Niko.pdf 2022-11-11 19:28 - 2022-11-11 19:28 - 000239662 _____ C:\Users\dawid\Desktop\podglad_09787ca9fffff90a2e23699afadb3754.pdf.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-12-10 00:00 - 2019-12-09 20:47 - 000000000 ____D C:\FRST 2022-12-09 23:53 - 2017-09-02 18:01 - 000000000 ____D C:\Program Files (x86)\Google 2022-12-09 23:43 - 2019-09-25 17:13 - 000001080 _____ C:\Users\dawid\Desktop\KMPlayer.lnk 2022-12-09 23:43 - 2019-09-25 17:12 - 000000000 ____D C:\Program Files (x86)\KMPlayer 2022-12-09 23:20 - 2020-06-09 09:43 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-12-09 23:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-12-09 23:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-12-09 23:17 - 2018-02-20 18:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-12-09 23:17 - 2017-09-02 18:01 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-12-09 23:12 - 2020-11-11 02:25 - 000004222 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{325F6C7F-F7AD-4D92-9358-D6A2E54414F2} 2022-12-09 23:08 - 2017-09-02 15:13 - 000000000 __SHD C:\Users\dawid\IntelGraphicsProfiles 2022-12-08 20:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-12-08 20:29 - 2017-01-12 12:38 - 000000000 ____D C:\ProgramData\NVIDIA 2022-12-08 19:45 - 2020-11-11 01:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-12-07 20:28 - 2017-09-03 17:29 - 000000000 ____D C:\Users\dawid\AppData\Roaming\uTorrent 2022-12-07 20:15 - 2018-11-13 20:14 - 000001036 _____ C:\Users\dawid\Desktop\Seriale.txt 2022-12-07 20:14 - 2017-09-03 18:55 - 000000000 ____D C:\Users\dawid\Desktop\Programy 2022-12-07 20:13 - 2019-06-08 22:50 - 000000000 ____D C:\Users\dawid\AppData\Local\BitTorrentHelper 2022-11-30 00:47 - 2021-12-12 20:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3597902193-37950043-4154797834-1001 2022-11-30 00:47 - 2020-11-11 02:25 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3597902193-37950043-4154797834-1001 2022-11-30 00:47 - 2020-11-11 01:57 - 000002427 _____ C:\Users\dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-11-29 00:22 - 2018-06-15 14:38 - 000000000 ____D C:\Users\dawid\AppData\Local\D3DSCache 2022-11-26 17:58 - 2020-11-11 01:57 - 000000000 ____D C:\Users\dawid 2022-11-26 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-11-26 17:36 - 2020-11-11 02:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-11-26 17:36 - 2020-11-11 01:46 - 000008192 ___SH C:\DumpStack.log.tmp 2022-11-23 21:34 - 2021-03-15 20:04 - 000000000 ____D C:\Users\dawid\Desktop\Ola 2022-11-23 21:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-11-23 13:09 - 2020-10-01 16:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-11-21 17:10 - 2017-09-02 18:01 - 000002342 _____ C:\Users\dawid\Desktop\Google Chrome.lnk 2022-11-21 11:55 - 2020-11-11 02:11 - 001769800 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-11-21 11:55 - 2019-12-07 16:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat 2022-11-21 11:55 - 2019-12-07 16:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat 2022-11-20 19:02 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-11-20 18:13 - 2022-09-10 06:24 - 000000000 ____D C:\Users\dawid\AppData\Roaming\com.adobe.dunamis 2022-11-20 00:36 - 2020-11-11 02:25 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-11-20 00:35 - 2022-10-15 15:48 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2022-11-20 00:35 - 2022-10-15 15:48 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2022-11-19 13:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-11-11 20:24 - 2018-11-17 18:04 - 000000000 ____D C:\Program Files\rempl 2022-11-11 20:00 - 2020-11-11 01:46 - 000444648 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-11-11 19:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-11-11 19:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-11-11 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-11-11 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-11-11 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-11-11 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-11-11 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-11-11 19:43 - 2020-11-11 01:51 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-11-11 18:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-11-11 16:55 - 2017-09-03 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-11-11 01:40 - 2020-11-11 02:25 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-11-11 01:40 - 2020-11-11 02:25 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-11-11 01:39 - 2017-09-03 12:34 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Pliki w katalogu głównym wybranych folderów ======== 2018-10-30 17:15 - 2019-02-10 21:39 - 000000015 _____ () C:\Users\dawid\AppData\Local\X-Plane_drm_11.prf 2018-10-30 17:12 - 2019-02-10 21:36 - 000000052 _____ () C:\Users\dawid\AppData\Local\x-plane_install_11.txt ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================