Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 08-05-2022 Uruchomiony przez Klaudia (administrator) LAPTOP-B8074OFB (Acer Nitro AN515-52) (09-05-2022 15:19:44) Uruchomiony z C:\Users\Klaudia\Downloads Załadowane profile: Klaudia Platform: Microsoft Windows 10 Home Wersja 21H1 19043.1645 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\NitroSense Service\PSAdminAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\NitroSense Service\PSAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_a245e9200b121ed7\Display.NvContainer\NVDisplay.Container.exe <2> (svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b5d4c82c67b39358\igfxext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe <2> ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-01-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-10-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705824 2022-02-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\Run: [utweb] => C:\Users\Klaudia\AppData\Roaming\uTorrent Web\utweb.exe [5845536 2021-03-23] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Klaudia\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-05-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Klaudia\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Klaudia\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Brak pliku) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\RunOnce: [Uninstall 22.055.0313.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Klaudia\AppData\Local\Microsoft\OneDrive\22.055.0313.0001" (Brak pliku) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\RunOnce: [Uninstall 22.065.0412.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Klaudia\AppData\Local\Microsoft\OneDrive\22.065.0412.0004" (Brak pliku) HKU\S-1-5-21-2160839001-561708795-917029223-1001\...\MountPoints2: {e8192169-c1fc-11eb-924e-9828a6101ebf} - "E:\autorun.exe" HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series: C:\Windows\system32\CNMLMDF.DLL [485376 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.54\Installer\chrmstp.exe [2022-05-07] (Google LLC -> Google LLC) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {12FFC8FA-08B8-4569-A9F0-3FD4F75681DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-10] (Google Inc -> Google Inc.) Task: {13FC46D5-9666-4CCC-9CB8-8C26619617E3} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-10-31] (Acer Incorporated -> ) Task: {1AD96460-3F6D-4A58-B18F-505A14645777} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {37A19547-EBC0-40C7-AAFC-50CE976F97A1} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {41BF17F5-DD47-4C56-B409-6DF998FC5B08} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {4279DDDC-D341-45A2-BF3B-071551E3C34C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {5BF8BF79-B966-4A08-BE2E-F1B640A23451} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-10] (Google Inc -> Google Inc.) Task: {63EEDAB9-43D2-4BC5-A248-17D841946240} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {6652BB51-62BB-4F45-B6C3-53C731794F19} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [979416 2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {75EADAC3-5D0F-47E5-8AC3-8743DFFE2EB9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {7B06B18C-1547-48E0-BD96-5F43999A3021} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {8687A01B-D2D3-48E3-9946-EFA49BB1AD2F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {8CD2AAF6-2BCD-433A-B01E-B05060A0522D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {8EBA861E-A53E-40CC-A3AC-B234A385B2F5} - System32\Tasks\qAMt => C:\Users\Klaudia\AppData\Local\Temp\WFGr.vbs -> slgCjCQNFP xGOnRYhGAU "C:\Users\Klaudia\AppData\Local\Temp\zdoTSwpi.bat" <==== UWAGA Task: {944E8806-BACF-4F17-9314-B8D7E663FB89} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {964A4A61-1922-472E-A7B7-BF84F2E97956} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2332984 2022-03-09] (AVG Technologies USA, LLC -> AVG Technologies) Task: {A68D9DB2-E2B3-44B7-B943-45312F99A2C3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {ABBB5CBA-9518-4600-847B-2B1D199806FC} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2771104 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {ADD5D815-9109-4BF4-B6E0-30D012B0655E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {AFF4286F-0B87-413E-9EAE-5A145A185DD8} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-09-14] (Acer Incorporated -> TODO: ) Task: {B8FA9C45-7265-4937-8C2A-F7A403E86EF1} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-14] (Acer Incorporated -> Acer Incorporated) Task: {BF079E37-9F71-403D-BC8F-E65F579F87A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {C42D4203-705B-48E8-85BB-183987BBCF7C} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [696640 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {D4B18418-B85E-4973-AF6C-D9A7D128EB09} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-31] (Acer Incorporated -> ) Task: {D753F8FD-9F43-4220-A11F-DAF4209C0FBD} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-15] (Acer Incorporated -> ) Task: {DDBF8B32-89DF-4DA4-B944-2A156972DACD} - System32\Tasks\uVet => C:\Users\Klaudia\AppData\Local\Temp\gQXaR.vbs slgCjCQNFP xGOnRYhGAU "{1F3A041D-B6FB-470C-AE55-F26832B0D8CD}" (Brak pliku) <==== UWAGA Task: {E231225A-F23A-457B-A645-FBBFCAA05444} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-31] (Acer Incorporated -> ) Task: {E7F73AA3-14F8-4E29-8864-60DB963BA7CE} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {F5175DD6-BF6F-43A1-993D-07DA5F2607F8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe) Task: {FDEE35BB-E2E7-4647-9970-23EA5579C1DB} - System32\Tasks\NitroSense => C:\Program Files (x86)\Acer\NitroSense Service\PSLauncher.exe [580400 2018-01-31] (Acer Incorporated -> Acer Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{ce1ff629-21ae-48a5-824f-21d597e9c30a}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Edge: ======= DownloadDir: C:\Users\Klaudia\Downloads Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge Profile: C:\Users\Klaudia\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-09] FireFox: ======== FF DefaultProfile: k32fmh1b.default FF ProfilePath: C:\Users\Klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\ukyniyno.default-release [2022-05-09] FF ProfilePath: C:\Users\Klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\k32fmh1b.default [2022-05-09] FF Notifications: Mozilla\Firefox\Profiles\k32fmh1b.default -> hxxps://vsp2.ratenwilbet.info; hxxps://teams.microsoft.com FF Extension: (Firefox DevTools ADB Extension) - C:\Users\Klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\k32fmh1b.default\Extensions\adb@mozilla.org.xpi [2019-09-02] [UpdateUrl:hxxps://ftp.mozilla.org/pub/labs/devtools/adb-extension/win32/update.json] FF Extension: (uBlock Origin) - C:\Users\Klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\k32fmh1b.default\Extensions\uBlock0@raymondhill.net.xpi [2022-04-08] FF Extension: (Polski Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pl@firefox.mozilla.org [2022-05-03] [Przestarzałe] FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2022-05-03] [Przestarzałe] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default [2022-05-09] CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=190 CHR Extension: (Prezentacje) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-10] CHR Extension: (Dokumenty) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-10] CHR Extension: (Dysk Google) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01] CHR Extension: (YouTube) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-10] CHR Extension: (uBlock Origin) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-05-03] CHR Extension: (Share on Rabbit) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2019-03-10] CHR Extension: (Dokumenty Google offline) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-22] CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-05-03] CHR Extension: (Gmail) - C:\Users\Klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [893008 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [314264 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1191152 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [610752 2022-02-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11758536 2022-05-01] (Microsoft Corporation -> Microsoft Corporation) S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2559704 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3477728 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts) S3 PSSvc; C:\Program Files (x86)\Acer\NitroSense Service\PSSvc.exe [716592 2018-01-31] (Acer Incorporated -> Acer Incorporated) S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466592 2022-01-03] (Acer Incorporated -> Acer Incorporated) S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [505504 2022-01-03] (Acer Incorporated -> Acer Incorporated) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-14] (Acer Incorporated -> acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a245e9200b121ed7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a245e9200b121ed7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [75432 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [188008 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [175104 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-20] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 CLFCL5.19; C:\WINDOWS\system32\DRIVERS\CLFCL5.19\000.fcl [46824 2019-08-05] (CyberLink Corp. -> CyberLink Corp.) S3 MpKsl6bba5dc2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB66E41E-4BEE-4943-B71F-D29852C7C246}\MpKslDrv.sys [135440 2022-02-11] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [438520 2022-02-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-11] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-05-09 15:19 - 2022-05-09 15:20 - 000027259 _____ C:\Users\Klaudia\Downloads\FRST.txt 2022-05-09 15:17 - 2022-05-09 15:20 - 000000000 ____D C:\FRST 2022-05-09 15:17 - 2022-05-09 15:17 - 002366976 _____ (Farbar) C:\Users\Klaudia\Downloads\FRST64.exe 2022-05-09 15:17 - 2022-05-09 15:17 - 000000000 ____D C:\Users\Klaudia\Downloads\FRST-OlderVersion 2022-05-09 15:09 - 2022-05-09 15:11 - 000000000 ____D C:\AdwCleaner 2022-05-09 15:09 - 2022-05-09 15:09 - 008551608 _____ (Malwarebytes) C:\Users\Klaudia\Downloads\AdwCleaner.exe 2022-05-03 20:09 - 2022-05-05 13:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-05-03 18:54 - 2022-05-03 18:54 - 000000000 ____D C:\Users\Klaudia\Documents\My Spore Creations 2022-05-03 18:54 - 2022-05-03 18:54 - 000000000 ____D C:\Users\Klaudia\AppData\Roaming\SPORE 2022-05-03 18:53 - 2022-05-03 18:53 - 000000000 ____D C:\Users\Public\Desktop\Spore Complete Collection 2022-05-03 15:22 - 2022-05-08 22:21 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-04-29 02:40 - 2022-04-29 02:40 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-04-15 15:02 - 2022-04-15 15:02 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-04-15 15:02 - 2022-04-15 15:02 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-04-15 15:02 - 2022-04-15 15:02 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-04-15 15:01 - 2022-04-15 15:01 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-04-15 14:17 - 2022-04-15 14:17 - 000000000 ___HD C:\$WinREAgent ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-05-09 15:18 - 2018-12-26 17:15 - 000000000 ____D C:\Program Files\CCleaner 2022-05-09 15:13 - 2022-02-11 17:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-05-09 15:12 - 2018-10-25 18:07 - 000000000 ____D C:\Users\Klaudia\AppData\LocalLow\Mozilla 2022-05-09 15:12 - 2018-05-18 14:00 - 000000000 ____D C:\ProgramData\NVIDIA 2022-05-09 15:11 - 2020-03-16 23:32 - 000000000 ____D C:\Users\Klaudia\AppData\Roaming\discord 2022-05-09 15:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-05-09 15:02 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-05-09 15:00 - 2020-03-13 21:08 - 000002378 _____ C:\Users\Klaudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-05-09 14:58 - 2020-03-16 23:32 - 000000000 ____D C:\Users\Klaudia\AppData\Local\Discord 2022-05-09 14:58 - 2019-03-10 23:42 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-09 14:18 - 2020-11-04 15:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-05-09 14:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-05-08 23:49 - 2018-11-16 18:22 - 000000000 ____D C:\Users\Klaudia\AppData\Local\D3DSCache 2022-05-08 22:22 - 2020-11-04 15:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-05-08 22:22 - 2018-05-18 14:27 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-05-08 00:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-05-08 00:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-05-07 22:54 - 2020-08-16 14:35 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-05-07 22:54 - 2020-08-16 14:35 - 000002290 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-05-07 22:54 - 2019-03-10 23:43 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-05-07 22:54 - 2019-03-10 23:43 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-05-05 13:53 - 2018-05-18 14:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-05-05 12:06 - 2021-12-12 21:37 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2160839001-561708795-917029223-1001 2022-05-05 12:06 - 2020-11-04 15:40 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2160839001-561708795-917029223-1001 2022-05-05 12:06 - 2020-11-04 15:17 - 000002433 _____ C:\Users\Klaudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-05-03 18:54 - 2019-05-27 23:06 - 000000000 ____D C:\ProgramData\Electronic Arts 2022-05-02 23:13 - 2018-10-23 18:42 - 000000000 ____D C:\Users\Klaudia\AppData\Local\Packages 2022-05-01 23:38 - 2018-11-05 19:15 - 000000000 ____D C:\Users\Klaudia\Desktop\dokumenty 2022-05-01 22:06 - 2019-05-27 18:35 - 000000000 ____D C:\ProgramData\Origin 2022-05-01 21:57 - 2019-03-30 15:27 - 000000000 ____D C:\Program Files\Microsoft Office 2022-04-29 02:41 - 2019-05-27 18:35 - 000000000 ____D C:\Users\Klaudia\AppData\Roaming\Origin 2022-04-29 02:40 - 2021-11-18 19:06 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-04-24 17:19 - 2021-01-27 00:25 - 000000869 _____ C:\Users\Public\Desktop\The Sims 4.lnk 2022-04-24 15:27 - 2019-05-27 18:35 - 000000000 ____D C:\Users\Klaudia\AppData\Local\Origin 2022-04-22 00:42 - 2020-11-04 15:40 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-04-22 00:42 - 2020-11-04 15:40 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-04-22 00:39 - 2020-11-04 15:40 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-04-17 17:43 - 2020-11-04 15:38 - 001769800 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-04-17 17:43 - 2019-12-07 17:08 - 000785594 _____ C:\WINDOWS\system32\perfh015.dat 2022-04-17 17:43 - 2019-12-07 17:08 - 000152454 _____ C:\WINDOWS\system32\perfc015.dat 2022-04-17 17:39 - 2018-10-23 18:42 - 000000000 __SHD C:\Users\Klaudia\IntelGraphicsProfiles 2022-04-17 17:38 - 2020-11-04 15:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-04-17 17:38 - 2020-11-04 15:14 - 000436552 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-04-17 17:38 - 2020-11-04 15:14 - 000008192 ___SH C:\DumpStack.log.tmp 2022-04-17 17:38 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2022-04-17 17:37 - 2020-11-04 15:17 - 000000000 ____D C:\Users\Klaudia 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-04-17 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-04-17 15:49 - 2020-05-12 18:06 - 000000000 ____D C:\Users\Klaudia\AppData\Local\Ubisoft Game Launcher 2022-04-15 15:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-04-15 14:13 - 2018-10-23 18:49 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-04-15 13:57 - 2018-10-23 18:49 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-04-11 12:58 - 2020-11-30 18:54 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b2af74b07c19 2022-04-11 12:58 - 2020-11-04 15:40 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-03-12 00:42 - 2020-03-12 00:42 - 000893608 _____ (AutoIt Team) C:\Users\Klaudia\AppData\Roaming\dwm.com 2020-03-10 01:29 - 2020-03-10 01:29 - 000189440 _____ () C:\Users\Klaudia\AppData\Roaming\FSojt.com 2020-03-10 01:30 - 2020-03-10 01:30 - 002132480 _____ () C:\Users\Klaudia\AppData\Roaming\Vfhs.com ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================