Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-07-2021 01 Uruchomiony przez urbac (administrator) LAPTOP-UMT8FLOM (Acer Swift SF314-56G) (20-07-2021 20:24:31) Uruchomiony z C:\Users\urbac\Desktop Załadowane profile: urbac Platform: Windows 10 Home Wersja 20H2 19042.1052 (X64) Język: Polski (Polska) Domyślna przeglądarka: Edge Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\User Experience Improvement Program Service\Plugin\AppMonitor\AppMonitorPlugIn.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe (Hewlett-Packard Company -> HP) [Brak podpisu cyfrowego] C:\Windows\System32\HPSIsvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\GfxDownloadWrapper.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_a7428663aca90897\igfxext.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a683689904821314\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a683689904821314\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e335ebb186115025\RstMwService.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.2\plugins_nms.exe <4> (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 21.3\avp.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\urbac\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\System32\WUDFHost.exe <3> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\urbac\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076000 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-3065365231-3356662390-3214524874-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\urbac\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-3065365231-3356662390-3214524874-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\urbac\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-3065365231-3356662390-3214524874-1001\...\RunOnce: [Uninstall 21.119.0613.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\urbac\AppData\Local\Microsoft\OneDrive\21.119.0613.0001" HKLM\...\Windows x64\Print Processors\HPCP1020PP: C:\Windows\System32\spool\prtprocs\x64\HPCP1020PP.DLL [65024 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) HKLM\...\Print\Monitors\HP CP1020 LM: C:\Windows\system32\HPCP1020LM.DLL [129024 2012-11-28] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03CBAC04-C949-43E5-9DA6-78FFAADBFA3A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2AA0B4F0-B881-4A48-B2D1-BF1D37E86E11} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> ) Task: {2D451900-5529-4A2D-86DE-70C858A75036} - System32\Tasks\Quick Access Wi-Fi Power Switch => C:\Program Files\Acer\Quick Access Service\QAWiFiPowerSwitch.exe [211496 2020-09-10] (Acer Incorporated -> Acer Incorporated) Task: {3A1DB97F-0313-4850-85C0-D55B62E033A4} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated) Task: {42F38825-FDF5-4F83-B21F-04FD8FC86F47} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5067BA30-9617-4966-B6BA-6EBE99C10A44} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [1003888 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {520DD9EE-00A1-4676-84F6-6151C4956262} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {5F976D0E-4AE7-41DC-A842-A3BDD18D3790} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-18] (Google LLC -> Google LLC) Task: {631DBD91-D582-461C-819F-148D0BCA7EC7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41792 2018-12-12] (Acer Incorporated -> ) Task: {68587670-F630-4F10-8BA2-5EE509B8925C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-18] (Google LLC -> Google LLC) Task: {6D87C4C2-E495-41D6-B624-6A93A7C8138F} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7B5F2F39-DC99-4F07-86C5-9FA91E7D4A1D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [562544 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9C8043CE-3A38-4D66-BF53-4A339394C154} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9EEA74A8-A490-4950-A530-1AB3BBF502CE} - System32\Tasks\e-pity2020_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [37168 2021-03-04] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.) Task: {AE10080D-5715-4B68-AC69-D21CEA8B664A} - System32\Tasks\App Explorer => C:\Users\urbac\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7968424 2020-12-03] (SweetLabs Inc. -> SweetLabs, Inc) <==== UWAGA Task: {AF437292-43BB-48FB-8EBA-2A31B457D1F6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3560304 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B47F82B5-DC85-44FD-B145-D781E903AFFC} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4793152 2018-12-12] (Acer Incorporated -> ) Task: {B6527EF6-BDFB-4826-A6E8-B7778F71B470} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CDA49546-3FA1-47BE-8B60-D54E4DD5716B} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer) Task: {D2EE7F70-746B-422F-B5E1-E632C518D38B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D57A6EF5-0821-4D08-8E63-862981982A14} - System32\Tasks\e-pity2020_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [37168 2021-03-04] (e-file sp. z o.o. sp. k. -> e-file sp. z o.o. sp. k.) Task: {DC126BA9-7305-4090-9DAB-A67F04310D49} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard) Task: {DFE5F603-33A5-458D-85BD-42F75164BC4C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2935104 2018-12-12] (Acer Incorporated -> ) Task: {E71DA876-7A84-4662-97BD-1D828EEEBFC0} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2018-12-18] (Acer Incorporated -> Acer Incorporated) Task: {EAC4F877-6E79-4526-8C6E-9CA01CBE2BC1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {EB98E981-8ADB-4F50-B961-7C22108C39CE} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2018-12-18] (Acer Incorporated -> Acer Incorporated) Task: {F30D6B84-0071-454C-8CD8-DF5B026E8AA5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated) Task: {FC3767EA-5307-4D11-BA38-EB21A39737D7} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\WINDOWS\system32\defrag.exe [210432 2021-04-13] (Microsoft Corp.) [Brak podpisu cyfrowego] Task: {FD6E01E6-BFED-4813-885C-AF3C85ED277D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784 2021-04-13] (Microsoft Corporation) [Brak podpisu cyfrowego] Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{1540adb1-553c-4f7f-bd1f-1379a9d9aa1c}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{531acd04-96c5-4892-8ab7-de58ebb22e16}: [DhcpNameServer] 172.19.128.24 Edge: ======= Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono] Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono] Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono] Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono] Edge DefaultProfile: Default Edge Profile: C:\Users\urbac\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-20] Edge HKU\S-1-5-21-3065365231-3356662390-3214524874-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]