Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06-06-2020 Uruchomiony przez oem (administrator) DESKTOP-JH5L9BN (Dell Inc. OptiPlex 3010) (15-06-2020 22:24:03) Uruchomiony z C:\Users\oem\Desktop Załadowane profile: oem Platform: Windows 10 Pro Wersja 1809 17763.316 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Opera Software AS -> Opera Software) C:\Users\oem\AppData\Local\Programs\Opera GX\68.0.3618.142\opera.exe <18> (Opera Software AS -> Opera Software) C:\Users\oem\AppData\Local\Programs\Opera GX\68.0.3618.142\opera_crashreporter.exe (philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [185648 2020-04-04] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2020-05-06] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) [Brak podpisu cyfrowego] HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\Run: [ALLUpdate] => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\Run: [eM Client] => "C:\Program Files (x86)\eM Client\MailClient.exe" /startup HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\Run: [Opera Browser Assistant] => C:\Users\oem\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3004440 2020-06-10] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\MountPoints2: {1f59cdf0-9038-11ea-a4e8-c81f660052a7} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\MountPoints2: {32566f32-9c30-11ea-a4f2-c81f660052a7} - "G:\LaunchU3.exe" -a HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\MountPoints2: {70b23205-90fc-11ea-a4e9-c81f660052a7} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\MountPoints2: {e5e20628-d424-11e9-a4ce-c81f660052a7} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\...\MountPoints2: {edcfe255-1eb6-11ea-a4de-c81f660052a7} - "G:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-09] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-08-01] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {02E12A0E-4A08-4F12-B2FC-C331E01BE030} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {27E93AEB-9B01-4B8A-8559-7CD37C9C6F0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {2E801345-457C-44DF-AAFA-C17EFC21C7D7} - System32\Tasks\Opera scheduled Autoupdate 1551347315 => C:\Users\oem\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-05-19] (Opera Software AS -> Opera Software) Task: {33785CEB-8BC0-4C65-8F8B-BA78BEA55ADA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {355302D1-46A2-4AF2-A5E8-21196F89E063} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3841B6F0-29D9-4FFC-8D58-ADE419C37966} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. -> Adobe) Task: {4BC72B96-A677-4037-9CB5-4DF0548F5CFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-11] (Google Inc -> Google Inc.) Task: {4CB064FC-C7D9-4B22-B339-A6C92CC6A5D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1582784836 => C:\Users\oem\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-05-19] (Opera Software AS -> Opera Software) Task: {4DCF3B3C-DED0-4210-8C70-5D259905CC0A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5870C6C4-975D-426A-BA62-E9613D0FF7C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe) Task: {69470211-DA76-4E57-81F3-728F2E7F1867} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6BFFB983-FB28-49AC-82BB-533DE897B61E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8165CC47-225B-45E6-8F67-384630815A06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A76112E8-1BB0-4EB1-B2D9-583071586502} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {AE42E706-3051-4E07-BAAD-6828B092D319} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B2D634F6-5D2D-40F2-A348-A428E6C974A5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B572080C-CCD3-4BA6-97BF-D518AE9B4FD2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BCE6FAF2-D44F-4916-B87D-DF3B1577880A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-11] (Google Inc -> Google Inc.) Task: {C92958B5-D6B5-4816-97C0-29DA26EDC36C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D031659C-1EA2-4CC9-ACDA-6F3C18C9A6C9} - System32\Tasks\Opera GX scheduled Autoupdate 1575904470 => C:\Users\oem\AppData\Local\Programs\Opera GX\launcher.exe [1459224 2020-05-27] (Opera Software AS -> Opera Software) Task: {D21F3F05-697B-449F-B82A-2BE8E318D36F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DCB2D210-9E6E-4BE2-998C-6BBA261B07B2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F9CD0DA7-9ED9-44AD-9A14-5FB58FD083C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 91.239.113.3 46.45.78.2 Tcpip\..\Interfaces\{31358c7a-e77d-4b6a-b981-03c482ea85db}: [DhcpNameServer] 91.239.113.3 46.45.78.2 Internet Explorer: ================== HKU\S-1-5-21-1631062182-3745506741-2849799659-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== DownloadDir: E:\Moje\apobrane Edge Notifications: HKU\S-1-5-21-1631062182-3745506741-2849799659-1001 -> hxxps://www.facebook.com FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2020-05-14] CHR DownloadDir: E:\Moje\apobrane CHR Extension: (Prezentacje) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-11] CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-11] CHR Extension: (Dysk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-11] CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-11] CHR Extension: (Arkusze) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-11] CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-11] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09] CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-26] CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-11] Opera: ======= OPR DownloadDir: E:\Moje\apobrane OPR Notifications: hxxps://forum.dobreprogramy.pl; hxxps://multikino.pl; hxxps://www.facebook.com OPR Session Restore: -> [funkcja włączona] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3025872 2019-11-29] (philandro Software GmbH -> ) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [Brak podpisu cyfrowego] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [874472 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13084688 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [154336 2020-04-04] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188872 2020-03-18] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [115960 2020-03-18] (ESET, spol. s r.o. -> ESET) S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5ef913e2bcf39373\nvlddmkm.sys [23287696 2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation) S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X] S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-06-15 18:43 - 2020-06-15 18:43 - 000055415 _____ C:\Users\oem\AppData\Local\recently-used.xbel 2020-06-15 16:44 - 2020-06-15 22:24 - 000020918 _____ C:\Users\oem\Desktop\FRST.txt 2020-06-15 16:44 - 2020-06-15 22:24 - 000000000 ____D C:\FRST 2020-06-15 16:42 - 2020-06-15 16:40 - 002289152 _____ (Farbar) C:\Users\oem\Desktop\FRST64 (1).exe 2020-06-14 21:11 - 2020-06-14 21:17 - 000000000 ____D C:\Windows\SmartFix 2020-06-14 21:11 - 2020-06-14 21:11 - 000000000 ___DL C:\Windows\AntiSMS 2020-06-14 21:11 - 2020-06-14 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartFix 2020-06-14 21:09 - 2020-06-14 19:46 - 054636536 _____ (simplix) C:\Users\oem\Desktop\SmartFix.exe 2020-06-06 21:47 - 2020-06-06 21:47 - 000000000 ____D C:\Users\oem\AppData\Local\Viber 2020-06-06 17:15 - 2020-06-07 07:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2020-06-02 18:33 - 2020-06-02 18:33 - 008402608 _____ (Malwarebytes) C:\Users\oem\Desktop\adwcleaner_8.0.5.exe 2020-05-30 10:51 - 2020-06-09 16:35 - 000004654 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-05-30 10:51 - 2020-06-09 16:35 - 000004480 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-05-27 19:01 - 2020-05-27 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2020-05-17 19:21 - 2020-06-06 21:01 - 000000000 ____D C:\Users\oem\AppData\Local\WhatsApp ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-06-15 22:19 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-06-15 22:11 - 2019-11-04 18:17 - 000000000 ____D C:\Users\oem\AppData\LocalLow\Mozilla 2020-06-15 21:53 - 2019-02-28 22:22 - 000000000 ____D C:\Users\oem\AppData\Local\CrashDumps 2020-06-15 21:34 - 2019-02-11 14:12 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-06-15 19:00 - 2019-11-21 18:11 - 000000000 ____D C:\Users\oem\AppData\Local\babl-0.1 2020-06-15 18:19 - 2019-03-03 16:04 - 000000000 ____D C:\Users\oem\AppData\Local\gtk-2.0 2020-06-15 12:25 - 2019-02-11 15:23 - 000000000 ____D C:\ProgramData\NVIDIA 2020-06-15 08:05 - 2019-02-11 14:13 - 002052646 _____ C:\Windows\system32\PerfStringBackup.INI 2020-06-15 08:05 - 2018-09-15 18:43 - 000889024 _____ C:\Windows\system32\perfh015.dat 2020-06-15 08:05 - 2018-09-15 18:43 - 000198760 _____ C:\Windows\system32\perfc015.dat 2020-06-15 08:05 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF 2020-06-15 08:04 - 2020-02-28 08:36 - 000000000 ____D C:\Users\oem\opera autoupdate 2020-06-15 08:04 - 2019-12-10 07:47 - 000000000 ____D C:\Users\oem\Downloads\opera autoupdate 2020-06-15 07:59 - 2019-03-01 09:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-06-15 07:59 - 2019-02-11 14:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-06-15 07:58 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI 2020-06-15 07:05 - 2019-09-24 07:07 - 000000000 ____D C:\Users\oem\AppData\Roaming\WhatsApp 2020-06-14 21:17 - 2019-04-10 17:49 - 000000000 __SHD C:\AdwCleaner 2020-06-14 20:43 - 2019-02-11 14:22 - 000000000 ___RD C:\Users\oem\OneDrive 2020-06-14 20:42 - 2019-02-11 14:19 - 000002411 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-06-14 18:50 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps 2020-06-14 18:50 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness 2020-06-12 16:23 - 2019-02-28 16:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-06-11 15:43 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp 2020-06-10 15:07 - 2020-02-27 08:27 - 000004440 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582784836 2020-06-09 16:35 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-06-09 16:35 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\Macromed 2020-06-09 07:33 - 2019-02-11 14:37 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-06-09 07:33 - 2019-02-11 14:37 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-06-07 07:05 - 2020-05-13 16:37 - 000001288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2020-06-06 21:53 - 2019-02-28 11:10 - 000000000 ____D C:\Users\oem\AppData\Roaming\ViberPC 2020-06-04 13:00 - 2019-02-11 14:22 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1631062182-3745506741-2849799659-1001 2020-06-04 13:00 - 2019-02-11 14:20 - 000000000 ____D C:\Users\oem\AppData\Local\Packages 2020-05-30 10:51 - 2019-02-11 14:39 - 000000000 ____D C:\Users\oem\AppData\Local\Adobe 2020-05-27 16:25 - 2019-12-09 17:14 - 000004244 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1575904470 2020-05-27 16:25 - 2019-12-09 17:14 - 000001432 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera GX.lnk 2020-05-22 14:31 - 2019-02-28 11:48 - 000004232 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1551347315 2020-05-22 14:31 - 2019-02-28 11:48 - 000001403 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2020-05-17 19:21 - 2020-04-03 10:20 - 000002197 _____ C:\Users\oem\Desktop\WhatsApp.lnk 2020-05-17 19:21 - 2019-09-24 07:07 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2020-05-17 19:21 - 2019-09-24 07:07 - 000000000 ____D C:\Users\oem\AppData\Local\SquirrelTemp 2020-05-17 17:41 - 2019-02-28 19:02 - 000000000 ____D C:\Users\oem\AppData\Roaming\vlc ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-02-28 11:03 - 2019-02-28 11:03 - 000000268 ___RH () C:\Users\oem\AppData\Roaming\Folder Actions 2019-02-28 11:03 - 2019-02-28 11:03 - 000000268 ___RH () C:\Users\oem\AppData\Roaming\Font Book 2020-06-15 18:43 - 2020-06-15 18:43 - 000055415 _____ () C:\Users\oem\AppData\Local\recently-used.xbel 2019-09-15 19:04 - 2019-09-15 19:04 - 000000017 _____ () C:\Users\oem\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================