Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11-01-2023 Uruchomiony przez Frezarka2 (administrator) HAAS-ANDRZEJ (Micro-Star International Co., Ltd. MS-7C08) (16-01-2023 10:11:16) Uruchomiony z C:\Users\Frezarka2\Desktop\FRST-OlderVersion Załadowane profile: Frezarka2 Platform: Microsoft Windows 10 Pro Wersja 21H2 19044.2486 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe (C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe (C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC) C:\Program Files\RealVNC\VNC Server\vncagent.exe (C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC) C:\Program Files\RealVNC\VNC Server\vncserverui.exe (C:\Program Files\Siemens\PLMLicenseServer\lmgrd.exe ->) (Siemens PLM Software Inc.) [Brak podpisu cyfrowego] C:\Program Files\Siemens\PLMLicenseServer\ugslmd.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11> (explorer.exe ->) (RealVNC Ltd -> RealVNC) C:\Program Files\RealVNC\VNC Viewer\vncviewer.exe (explorer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Mozilla Corporation -> Mozilla Corporation) C:\Users\Frezarka2\AppData\Local\Mozilla Firefox\firefox.exe <15> (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe <2> (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Siemens\PLMLicenseServer\lmgrd.exe <2> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_240d4b51487ab62a\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_240d4b51487ab62a\NVWMI\nvWmi64.exe <2> (services.exe ->) (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe (services.exe ->) (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2> (services.exe ->) (RealVNC Ltd -> RealVNC) C:\Program Files\RealVNC\VNC Server\vncserver.exe (services.exe ->) (SafeNet Canada, Inc. -> SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (services.exe ->) (SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (services.exe ->) (SafeNet, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194488 2022-11-10] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA HKLM\...\Print\Monitors\MONVNC: C:\WINDOWS\system32\VNCpm.dll [37704 2022-02-23] (RealVNC Ltd -> RealVNC Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\109.1.47.171\Installer\chrmstp.exe [2023-01-13] (Brave Software, Inc. -> Brave Software, Inc.) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {5A86C4E7-4C9D-462A-888E-D84BCDDAAD0E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-11] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {5CA50CCB-CEB2-4129-B9EC-FD5527512A8F} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1554120 2022-05-24] (Nvidia Corporation -> NVIDIA Corporation) Task: {5CFF16AB-101C-4C27-9556-0E932488F452} - System32\Tasks\CCleanerCrashReporting => D:\! HAAS Andrzej\ccclener\x64\CCleanerBugReport.exe -> --product 90 --send dumps|report --path "D:\! HAAS Andrzej\ccclener\LOG" --programpath "D:\! HAAS Andrzej\ccclener" --configpath "D:\! HAAS Andrzej\ccclener\Setup" --guid "990d76e1-3887-4aad-85a5-7d6479933bb8" --version "6.07.10191" --silent Task: {C19AFE30-0FF1-4782-A147-167FCC18DF3F} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {C6D964FD-11B1-4B09-BFDF-0970B4AFDFB3} - System32\Tasks\EPSON Perfection V19 Update => C:\Program Files (x86)\epson\escndv\update\e_dtsksd.exe [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {DCA05720-9833-4242-AAB7-9E5388C980CD} - System32\Tasks\CCleanerSkipUAC - Frezarka2 => D:\! HAAS Andrzej\ccclener\CCleaner.exe $(Arg0) (Brak pliku) Task: {E07754E6-A024-46BF-BCC3-DB6987A47D86} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-11] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {F9162B7D-5234-44DF-9377-6B73ECCA47D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 3011691EB6091E1C => C:\Users\Frezarka2\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "3011691EB6091E1C" (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => D:\! HAAS Andrzej\ccclener\x64\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\EPSON Perfection V19 Update.job => C:\Program Files (x86)\epson\escndv\update\e_dtsksd.exe7/EXE_S:EPSON Perfection V19,ES010C.DAT /F:UpdateHAAS-ANDRZEJ\Frezarka2ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 89.206.32.32 193.110.228.2 Tcpip\..\Interfaces\{bc0dfae7-5961-4532-8784-a42af6c3ea8f}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{c1577503-bbea-4279-993a-f9f7316b8d09}: [DhcpNameServer] 89.206.32.32 193.110.228.2 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\Frezarka2\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-16] FireFox: ======== FF DefaultProfile: 711xh05d.default FF ProfilePath: C:\Users\Frezarka2\AppData\Roaming\Mozilla\Firefox\Profiles\711xh05d.default [2020-02-11] FF ProfilePath: C:\Users\Frezarka2\AppData\Roaming\Mozilla\Firefox\Profiles\ef427klv.default-release [2023-01-16] FF Homepage: Mozilla\Firefox\Profiles\ef427klv.default-release -> hxxps://www.google.pl/?gws_rd=ssl FF Plugin-x32: @itstructures.com/ffactivex -> C:\Program Files\Firefox ActiveX Plugin\npffax.dll [2011-12-28] () [Brak podpisu cyfrowego] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Brave: ======= BRA Profile: C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-13] BRA StartupUrls: Default -> "hxxp://google.pl/" BRA Extension: (Brave Local Data Files Updater) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-09-08] BRA Extension: (Brave NTP background images) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-06-21] BRA Extension: (Wallet Data Files Updater) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-06-21] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-09-08] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-04-14] BRA Extension: (Brave NTP sponsored images) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodhafecfemgejckecbnmpobnhmoaoag [2022-09-08] BRA Extension: (Brave SpeedReader Updater) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-09-08] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Frezarka2\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-09-08] StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-11] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-11] (Brave Software, Inc. -> BraveSoftware Inc.) R3 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT) R3 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549656 2022-11-10] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549656 2022-11-10] (ESET, spol. s r.o. -> ESET) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_240d4b51487ab62a\NVWMI\nvWmi64.exe [4485184 2022-05-24] (Nvidia Corporation -> NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [405136 2016-12-16] (SafeNet Canada, Inc. -> SafeNet, Inc.) R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1261200 2016-12-14] (SafeNet Canada, Inc. -> SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc.) R2 Siemens PLM License Server; C:\Program Files\Siemens\PLMLicenseServer\lmgrd.exe [1135952 2019-10-11] (Flexera Software LLC -> Flexera) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15162168 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [7507208 2022-02-23] (RealVNC Ltd -> RealVNC) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 BraveElevationService; "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\109.1.47.171\elevation_service.exe" [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_240d4b51487ab62a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_240d4b51487ab62a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198400 2022-11-10] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [119896 2022-11-10] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [237672 2022-11-10] (ESET, spol. s r.o. -> ESET) S2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55400 2022-11-10] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81696 2022-11-10] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [122504 2022-11-10] (ESET, spol. s r.o. -> ESET) R3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC) S3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [70624 2017-08-16] (SafeNet Canada, Inc. -> SafeNet, Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation) S3 MpKsl45f0df8e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFE488A6-EB1B-4E5F-8804-CD389575239E}\MpKslDrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-01-16 10:10 - 2023-01-16 10:11 - 000000000 ____D C:\Users\Frezarka2\Desktop\FRST-OlderVersion 2023-01-16 10:10 - 2023-01-16 10:11 - 000000000 ____D C:\FRST 2023-01-16 09:48 - 2023-01-16 10:10 - 002376704 _____ (Farbar) C:\Users\Frezarka2\Desktop\FRST64.exe 2023-01-16 08:21 - 2023-01-16 08:21 - 000002016 _____ C:\Users\Public\Desktop\Ochrona bankowości internetowej ESET.lnk 2023-01-16 08:19 - 2023-01-16 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2023-01-16 08:19 - 2023-01-16 08:19 - 000000000 ____D C:\ProgramData\ESET 2023-01-16 08:19 - 2023-01-16 08:19 - 000000000 ____D C:\Program Files\ESET 2023-01-16 08:12 - 2023-01-16 08:12 - 008971520 _____ (ESET) C:\Users\Frezarka2\Downloads\eset_smart_security_premium_live_installer.exe 2023-01-13 22:17 - 2023-01-13 22:18 - 000000000 ____D C:\ProgramData\RogueKiller 2023-01-13 22:02 - 2023-01-16 05:51 - 000000776 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-01-13 22:02 - 2023-01-13 22:02 - 000003488 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-01-13 22:02 - 2023-01-13 22:02 - 000002916 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Frezarka2 2023-01-13 11:33 - 2023-01-13 11:33 - 000000000 ____D C:\Users\Frezarka2\Desktop\2021 2023-01-13 11:29 - 2022-02-18 06:44 - 1178958067 _____ C:\Users\Frezarka2\Desktop\2021.zip 2023-01-13 09:50 - 2023-01-13 09:52 - 000000000 ____D C:\Program Files (x86)\Combo Cleaner 2023-01-13 09:50 - 2023-01-13 09:50 - 000001959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Combo Cleaner.lnk 2023-01-13 09:50 - 2023-01-13 09:50 - 000000000 ____D C:\Users\Frezarka2\AppData\Local\RCS_LT 2023-01-13 09:48 - 2023-01-13 09:48 - 003594016 _____ (RCS LT) C:\Users\Frezarka2\Desktop\CCSetup(2).exe 2023-01-13 09:33 - 2023-01-13 09:33 - 025930816 _____ (TeamViewer) C:\Users\Frezarka2\Desktop\TeamViewerQS.exe 2023-01-12 07:47 - 2023-01-12 07:47 - 000006583 _____ C:\Users\Frezarka2\AppData\Local\recently-used.xbel 2023-01-12 06:46 - 2023-01-12 06:46 - 000310924 _____ C:\Users\Frezarka2\Desktop\8087.dxf 2023-01-12 06:45 - 2023-01-12 06:45 - 000053286 _____ C:\Users\Frezarka2\Desktop\8087.CDR 2023-01-10 21:13 - 2023-01-10 21:13 - 000000000 ___HD C:\$WinREAgent 2023-01-10 06:13 - 2023-01-10 06:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2023-01-09 06:53 - 2023-01-16 06:31 - 000000000 ____D C:\Users\Frezarka2\AppData\Local\Mozilla Firefox 2023-01-05 12:47 - 2023-01-05 12:47 - 000008759 _____ C:\Users\Frezarka2\Desktop\BLISTER.dxf 2023-01-03 12:59 - 2023-01-03 13:05 - 000196608 _____ C:\Users\Frezarka2\Desktop\Część9.par 2023-01-03 12:59 - 2023-01-03 12:59 - 000009738 _____ C:\Users\Frezarka2\Desktop\222.dxf 2023-01-03 12:58 - 2023-01-03 12:58 - 000032334 _____ C:\Users\Frezarka2\Desktop\222.CDR 2023-01-03 12:48 - 2023-01-03 12:56 - 000239616 _____ C:\Users\Frezarka2\Desktop\Część6.par 2023-01-03 12:47 - 2023-01-03 12:47 - 000017320 _____ C:\Users\Frezarka2\Desktop\111.dxf 2023-01-03 12:45 - 2023-01-03 12:45 - 000033664 _____ C:\Users\Frezarka2\Desktop\Kopia_zapasowa_111.CDR 2023-01-03 12:35 - 2023-01-03 12:46 - 000032886 _____ C:\Users\Frezarka2\Desktop\111.CDR 2022-12-28 06:23 - 2022-12-28 06:23 - 000097840 _____ C:\Users\Frezarka2\Desktop\esds.dxf 2022-12-28 06:22 - 2022-12-28 06:22 - 000039004 _____ C:\Users\Frezarka2\Desktop\esds.CDR 2022-12-27 09:07 - 2022-12-27 09:07 - 000000085 _____ C:\Users\Frezarka2\Desktop\pistolet bosch.txt 2022-12-23 07:25 - 2022-12-23 07:25 - 005754697 _____ C:\Users\Frezarka2\Desktop\tray up stozki.par - [SKETCH1.nc 2022-12-20 12:41 - 2022-12-20 12:41 - 000016258 _____ C:\Users\Frezarka2\Desktop\desia.CDR 2022-12-20 12:32 - 2022-12-20 12:32 - 000006400 _____ C:\Users\Frezarka2\Desktop\kisek2.CMX 2022-12-20 12:29 - 2022-12-20 12:29 - 000510256 _____ C:\Users\Frezarka2\Desktop\kisek.CMX 2022-12-20 12:27 - 2022-12-20 12:27 - 000006400 _____ C:\Users\Frezarka2\Desktop\sss.CMX 2022-12-20 12:26 - 2022-12-20 12:27 - 000006400 _____ C:\Users\Frezarka2\Desktop\1.CMX 2022-12-20 08:53 - 2022-12-20 08:53 - 014026512 _____ C:\Users\Frezarka2\Desktop\coverwyk.nc 2022-12-20 06:41 - 2022-12-20 13:37 - 007337596 _____ C:\Users\Frezarka2\Desktop\cover1.nc 2022-12-19 13:35 - 2022-12-19 13:35 - 000000112 ___SH C:\bootTel.dat 2022-12-19 13:35 - 2022-12-19 13:35 - 000000000 __SHD C:\found.000 ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2023-01-16 10:09 - 2021-02-01 15:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-01-16 10:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-01-16 08:19 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-01-16 08:19 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-01-16 08:07 - 2020-04-03 05:37 - 000000000 ____D C:\Users\Frezarka2\AppData\Local\RealVNC 2023-01-16 06:32 - 2022-02-14 10:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-01-16 06:31 - 2020-02-11 06:07 - 000000000 ____D C:\Users\Frezarka2\AppData\LocalLow\Mozilla 2023-01-16 05:58 - 2021-02-01 15:49 - 001767984 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-01-16 05:58 - 2019-12-07 16:09 - 000784340 _____ C:\WINDOWS\system32\perfh015.dat 2023-01-16 05:58 - 2019-12-07 16:09 - 000152236 _____ C:\WINDOWS\system32\perfc015.dat 2023-01-16 05:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-01-16 05:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-01-16 05:55 - 2020-06-10 05:23 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-01-16 05:55 - 2020-06-10 05:23 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-01-16 05:52 - 2021-02-11 11:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2023-01-16 05:52 - 2021-02-01 15:43 - 000000000 ____D C:\Users\Frezarka2 2023-01-16 05:51 - 2022-03-18 11:03 - 000000000 ____D C:\ProgramData\RealVNC-Service 2023-01-16 05:51 - 2021-02-01 15:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-01-16 05:51 - 2021-02-01 15:42 - 000008192 ___SH C:\DumpStack.log.tmp 2023-01-16 05:51 - 2020-02-17 06:07 - 000000000 ____D C:\ProgramData\NVIDIA 2023-01-13 22:04 - 2021-01-26 20:33 - 000000000 ___DC C:\WINDOWS\Panther 2023-01-13 22:04 - 2020-02-18 09:54 - 000000000 ____D C:\Users\Frezarka2\AppData\Local\CrashDumps 2023-01-13 09:50 - 2022-11-28 20:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2023-01-13 09:34 - 2021-02-11 11:18 - 000000000 ____D C:\Users\Frezarka2\AppData\Local\TeamViewer 2023-01-13 03:00 - 2020-02-11 06:52 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2023-01-12 23:44 - 2021-02-01 15:42 - 001327368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-01-12 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-01-12 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-01-12 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-01-12 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-01-12 23:44 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-01-12 06:45 - 2020-05-22 05:11 - 000000000 ____D C:\Users\Frezarka2\.dbus-keyrings 2023-01-11 19:34 - 2021-12-13 06:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-717052217-809890025-1269532247-1001 2023-01-11 19:34 - 2021-02-01 15:47 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-717052217-809890025-1269532247-1001 2023-01-11 19:34 - 2021-02-01 15:43 - 000002477 _____ C:\Users\Frezarka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-01-10 21:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-01-10 21:16 - 2021-02-01 15:43 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-01-10 21:13 - 2020-02-11 09:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-01-10 21:11 - 2020-02-11 09:56 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-01-10 06:13 - 2020-02-11 06:07 - 000001285 _____ C:\Users\Frezarka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-01-09 08:49 - 2022-11-28 16:54 - 000000000 ____D C:\AXP_IP_CAMERA 2023-01-09 06:19 - 2021-02-01 15:47 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-01-09 06:19 - 2021-02-01 15:47 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-12-19 10:47 - 2021-10-13 08:25 - 000000000 ____D C:\Users\Frezarka2\AppData\Local\ElevatedDiagnostics 2022-12-19 05:54 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-12-19 05:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-11-24 06:33 - 2022-11-24 06:50 - 000000444 _____ () C:\Users\Frezarka2\AppData\Roaming\CSharpAnalytics-MeasurementSession-Camlytics 2022-11-24 06:33 - 2022-11-24 06:50 - 000000444 _____ () C:\Users\Frezarka2\AppData\Roaming\CSharpAnalytics-MeasurementSession-Camlytics.Watchdog 2023-01-12 07:47 - 2023-01-12 07:47 - 000006583 _____ () C:\Users\Frezarka2\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================