Cześć. Bardzo proszę o sprawdzenie logów oraz o wskazanie aplikacji do usunięcia. Z góry dziękuję.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 31-07-2021
Uruchomiony przez Krzysztof (administrator) DESKTOP-3D161SR (Micro-Star International Co., Ltd. MS-7B79) (01-08-2021 08:07:15)
Uruchomiony z C:\Users\Krzysztof\Downloads\Programs
Załadowane profile: Krzysztof
Platform: Windows 10 Pro Wersja 21H1 19043.1151 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Adobe Inc. - & gt; Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(A-Volute SAS - & gt; A-Volute) C:\Windows\System32\NhNotifSys.exe
(A-Volute SAS - & gt; Nahimic) C:\Windows\System32\NahimicService.exe
(CHENGDU YIWO Tech Development Co., Ltd. - & gt; ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. - & gt; CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Code Sector - & gt; ) C:\Program Files\TeraCopy\TeraCopyService.exe
(Janos Mathe - & gt; H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Kilonova LLC - & gt; Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(LC Technology International, Inc - & gt; Corsair) C:\Program Files (x86)\Corsair SSD Toolbox\CSSDTService.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\dllhost.exe & lt; 5 & gt;
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows Publisher - & gt; Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher - & gt; Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(MiniTool Software Limited - & gt; ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe & lt; 2 & gt;
(Oracle America, Inc. - & gt; Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH - & gt; AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. - & gt; Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. - & gt; Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Wilk Elektronik S.A. - & gt; Wilk Elektronik S.A.) C:\Program Files (x86)\GOODRAM\OPTIMUM SSD Tool\OST_service.exe
==================== Rejestr (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [MTPW] = & gt; C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited - & gt; )
HKLM-x32\...\Run: [Lightshot] = & gt; C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC - & gt; )
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. - & gt; Oracle Corporation)
HKU\S-1-5-21-3106871799-3620040056-3846488222-1001\...\Run: [IDMan] = & gt; C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5708192 2021-07-17] (Tonec Inc. - & gt; Tonec Inc.)
HKU\S-1-5-21-3106871799-3620040056-3846488222-1001\...\Run: [ChomikBox] = & gt; C:\Program Files (x86)\ChomikBox\chomikbox.exe [3941376 2021-06-13] () [Brak podpisu cyfrowego]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-06-12]
ShortcutTarget: AnyDesk.lnk - & gt; C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH - & gt; AnyDesk Software GmbH)
==================== Zaplanowane zadania (filtrowane) ============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {0504AEC4-E0A6-42D6-8DCB-004C83935428} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration = & gt; C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-21] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {06B01FFA-527E-4B6D-8D23-BBF3EF1CDBAF} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. - & gt; Adobe Inc.)
Task: {2A127575-0713-4DD6-894B-E468433296E8} - System32\Tasks\MiniToolPartitionWizard = & gt; C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited - & gt; )
Task: {2D1E0369-4C64-46F6-99C8-9B68BC942145} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 = & gt; C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-21] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {2FD6E299-D6D7-4EEA-BCED-2549AE8717CF} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Krzysztof = & gt; C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5968264 2021-01-14] (Janos Mathe - & gt; H.D.S. Hungary)
Task: {30DF0681-6481-4B7F-8C84-800C30FCF526} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {357E725E-84EE-4FC8-810E-FC8470504CB0} - System32\Tasks\WiseCleaner\WDCSkipUAC = & gt; C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [11982128 2021-07-30] (Lespeed Technology Co., Ltd - & gt; WiseCleaner.com)
Task: {390C61DF-D483-4BC2-A516-ADF37B2DA79B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {3935C1C8-C063-4A03-AFA1-A645F097B545} - System32\Tasks\update-sys = & gt; C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot - & gt; TODO: & lt; Company name & gt; )
Task: {4926752B-FB53-4808-989D-F471413573E4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {592C98EF-FC66-422C-911B-877647C8EDAC} - System32\Tasks\update-S-1-5-21-3106871799-3620040056-3846488222-1001 = & gt; C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot - & gt; TODO: & lt; Company name & gt; )
Task: {786D63FB-71AC-47C5-B13C-C1C4099E7AFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {7E756CF3-B40B-4040-85D2-8FC087C6D78A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon = & gt; C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-21] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {93A0EED8-B996-45C9-A802-D81DEEFFAEBD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor = & gt; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {9E2A7F16-D1B0-40ED-867C-033151D6A887} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB = & gt; C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation - & gt; Mozilla Foundation)
Task: {ADD3B145-A86A-461C-A940-7529E092723A} - System32\Tasks\klcp_update = & gt; C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-05-20] () [Brak podpisu cyfrowego]
Task: {B366140B-8E1B-4648-AF12-BEAB7A6BB807} - System32\Tasks\SamsungMagician = & gt; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3059280 2021-03-06] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
Task: {C9F7E08B-26F5-47EC-8FF6-A63C605C3EEF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 = & gt; C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-21] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {DE5C21D7-1285-4A41-9DBE-A6B94A1A0CD6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 = & gt; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation - & gt; Microsoft Corporation)
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
Task: C:\Windows\Tasks\update-S-1-5-21-3106871799-3620040056-3846488222-1001.job = & gt; C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job = & gt; C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c89238cf-9b9e-4a93-8645-7ccda6eb2991}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Krzysztof\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-01]
Edge HomePage: Default - & gt; hxxp://www.google.pl/
Edge StartupUrls: Default - & gt; " hxxp://www.google.pl/ "
Edge Extension: (Outlook) - C:\Users\Krzysztof\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-06-08]
Edge Extension: (Word) - C:\Users\Krzysztof\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-06-08]
Edge Extension: (Excel) - C:\Users\Krzysztof\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-06-08]
Edge Extension: (IDM Integration Module) - C:\Users\Krzysztof\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-06-08]
Edge Extension: (PowerPoint) - C:\Users\Krzysztof\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-06-08]
Edge HKU\S-1-5-21-3106871799-3620040056-3846488222-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-07-17]
FireFox:
========
FF DefaultProfile: yld1t5s9.default
FF ProfilePath: C:\Users\Krzysztof\AppData\Roaming\Mozilla\Firefox\Profiles\yld1t5s9.default [2021-07-27]
FF ProfilePath: C:\Users\Krzysztof\AppData\Roaming\Mozilla\Firefox\Profiles\vyne8btl.default-release [2021-08-01]
FF Homepage: Mozilla\Firefox\Profiles\vyne8btl.default-release - & gt; www.google.pl
FF NewTabOverride: Mozilla\Firefox\Profiles\vyne8btl.default-release - & gt; Enabled: newtaboverride@agenedia.com
FF NewTabOverride: Mozilla\Firefox\Profiles\vyne8btl.default-release - & gt; Enabled: uBlock0@raymondhill.net
FF Extension: (IDM Integration Module) - C:\Users\Krzysztof\AppData\Roaming\Mozilla\Firefox\Profiles\vyne8btl.default-release\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2021-07-27]
FF Extension: (New Tab Override) - C:\Users\Krzysztof\AppData\Roaming\Mozilla\Firefox\Profiles\vyne8btl.default-release\Extensions\newtaboverride@agenedia.com.xpi [2021-07-27]
FF Extension: (uBlock Origin) - C:\Users\Krzysztof\AppData\Roaming\Mozilla\Firefox\Profiles\vyne8btl.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-07-31]
FF Extension: (Minimalist Dark and Green Tabs) - C:\Users\Krzysztof\AppData\Roaming\Mozilla\Firefox\Profiles\vyne8btl.default-release\Extensions\{025e0b2c-c19a-4200-af49-0261a285ecfe}.xpi [2021-07-27]
FF Extension: (Ergodark) - C:\Users\Krzysztof\AppData\Roaming\Mozilla\Firefox\Profiles\vyne8btl.default-release\Extensions\{e61dd5ee-2a3f-41b0-8d99-22cf01552569}.xpi [2021-07-27]
FF HKU\S-1-5-21-3106871799-3620040056-3846488222-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Krzysztof\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Krzysztof\AppData\Roaming\IDM\idmmzcc5 [2021-06-08] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKU\S-1-5-21-3106871799-3620040056-3846488222-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Przestarzałe]
FF Plugin: @java.com/DTPlugin,version=11.301.2 - & gt; C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-20] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 - & gt; C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-20] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-19] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN - & gt; VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-19] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-19] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. - & gt; Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17]
CHR HKU\S-1-5-21-3106871799-3620040056-3846488222-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-07-17]
==================== Usługi (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. - & gt; Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3763944 2021-06-12] (philandro Software GmbH - & gt; AnyDesk Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482696 2021-07-05] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 CorsairSSDToolBox; C:\Program Files (x86)\Corsair SSD Toolbox\CSSDTService.exe [2798632 2019-06-07] (LC Technology International, Inc - & gt; Corsair)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [43656 2021-02-20] (CHENGDU YIWO Tech Development Co., Ltd. - & gt; CHENGDU YIWO Tech Development Co., Ltd)
R3 EPMVssEaseusProvider; C:\Windows\system32\dllhost.exe /Processid:{A1C3A7C9-0D46-4DC9-B03E-F8F4814C553E} [21312 2020-11-19] (Microsoft Windows - & gt; Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-31] (Malwarebytes Inc - & gt; Malwarebytes)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1675392 2021-05-27] (A-Volute SAS - & gt; Nahimic)
R2 OPTIMUM SSD Tool Service; C:\Program Files (x86)\GOODRAM\OPTIMUM SSD Tool\OST_service.exe [413264 2020-07-16] (Wilk Elektronik S.A. - & gt; Wilk Elektronik S.A.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-07-30] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14676264 2021-06-11] (TeamViewer Germany GmbH - & gt; TeamViewer Germany GmbH)
R2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [114384 2021-04-21] (Code Sector - & gt; )
R3 VssEaseusProvider; C:\Windows\system32\dllhost.exe /Processid:{BD6B74E6-E775-4DBA-A6C2-BAF1A01DD731} [21312 2020-11-19] (Microsoft Windows - & gt; Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Sterowniki (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. - & gt; )
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. - & gt; )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
S3 epmdkdrv; C:\Windows\system32\epmdkdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. - & gt; )
R0 EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. - & gt; Windows (R) Codename Longhorn DDK provider)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [74296 2021-01-12] (Microsoft Windows Hardware Compatibility Publisher - & gt; CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53304 2021-01-12] (Microsoft Windows Hardware Compatibility Publisher - & gt; )
R0 EUDCPEPM; C:\Windows\System32\drivers\EUDCPEPM.sys [76344 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher - & gt; CHENGDU YIWO Tech Development Co., Ltd)
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [22784 2021-01-12] (Microsoft Windows Hardware Compatibility Publisher - & gt; CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\Windows\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. - & gt; CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [341760 2021-01-12] (Microsoft Windows Hardware Compatibility Publisher - & gt; CHENGDU YIWO Tech Development Co., Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (cert@ezbsystems.com - & gt; EZB Systems, Inc.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-06-09] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-06-09] (Malwarebytes Inc - & gt; Malwarebytes)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute - & gt; Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd - & gt; )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd - & gt; )
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [93240 2011-06-15] (Zhenping Sun - & gt; PowerISO Computing, Inc.)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (OOO Sfera-Tehno - & gt; Atola) [Brak podpisu cyfrowego]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows - & gt; Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows - & gt; Microsoft Corporation)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S3 MpKsl98bdde89; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{89EFB351-5E7C-4E79-9078-1DA729A66DA1}\MpKslDrv.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc (utworzone) (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2021-08-01 08:07 - 2021-08-01 08:07 - 000000000 ____D C:\FRST
2021-08-01 07:47 - 2021-08-01 07:47 - 000636640 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-01 07:45 - 2021-08-01 07:46 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\Wise Disk Cleaner
2021-08-01 07:45 - 2021-08-01 07:45 - 000001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner.lnk
2021-08-01 07:45 - 2021-08-01 07:45 - 000001295 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2021-08-01 07:45 - 2021-08-01 07:45 - 000000000 ____D C:\Windows\system32\Tasks\WiseCleaner
2021-08-01 07:45 - 2021-08-01 07:45 - 000000000 ____D C:\Program Files (x86)\Wise
2021-08-01 03:12 - 2021-08-01 03:12 - 000000000 _RSHD C:\ProgramData\Key-Base
2021-08-01 03:12 - 2021-08-01 03:12 - 000000000 ____D C:\ProgramData\{ED1C3E74-F7AD-1BC6-C807-33CAE31BBFD1}
2021-08-01 03:09 - 2021-08-01 03:09 - 000000892 _____ C:\Users\Krzysztof\Desktop\Kopia.reg
2021-07-31 09:13 - 2021-07-31 09:13 - 000000000 ____D C:\AdwCleaner
2021-07-31 08:49 - 2021-07-31 08:49 - 000000000 ____D C:\Users\Krzysztof\AppData\Local\ESET
2021-07-30 19:52 - 2021-07-31 07:18 - 000000000 ____D C:\Program Files (x86)\DearMob
2021-07-30 19:52 - 2021-07-30 19:52 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\Digiarty
2021-07-30 19:44 - 2021-07-30 19:46 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\KMP
2021-07-30 05:29 - 2021-07-30 05:29 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-07-30 05:29 - 2021-07-30 05:29 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-07-30 05:29 - 2021-07-30 05:29 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-07-30 05:29 - 2021-07-30 05:29 - 000011461 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-07-30 05:28 - 2021-07-30 05:28 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-07-29 17:43 - 2021-07-29 17:43 - 000000000 ____D C:\Users\Krzysztof\AppData\Local\ElevatedDiagnostics
2021-07-27 14:07 - 2021-08-01 02:24 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\qBittorrent
2021-07-27 14:07 - 2021-07-27 14:07 - 000000903 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2021-07-27 14:07 - 2021-07-27 14:07 - 000000000 ____D C:\Users\Krzysztof\AppData\Local\qBittorrent
2021-07-27 14:07 - 2021-07-27 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-07-27 14:07 - 2021-07-27 14:07 - 000000000 ____D C:\Program Files\qBittorrent
2021-07-27 12:51 - 2021-08-01 07:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-27 12:51 - 2021-07-27 12:51 - 000001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-27 12:51 - 2021-07-27 12:51 - 000001007 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-07-27 12:51 - 2021-07-27 12:51 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-07-27 12:51 - 2021-07-27 12:51 - 000000000 ____D C:\Users\Krzysztof\AppData\Local\Mozilla
2021-07-27 12:51 - 2021-07-27 12:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-27 12:51 - 2021-07-27 12:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-27 10:25 - 2021-07-27 10:25 - 000042241 _____ C:\Users\Krzysztof\Desktop\bookmarks-2021-07-27.json
2021-07-27 10:18 - 2021-07-27 10:20 - 189373428 _____ C:\Users\Krzysztof\Desktop\KATALOG_PODSTAWOWY_2021.pdf
2021-07-25 16:12 - 2021-07-27 10:32 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-21 18:08 - 2021-07-21 18:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-07-20 17:33 - 2021-07-20 17:33 - 000000000 ____D C:\Users\Krzysztof\AppData\LocalLow\Oracle
2021-07-19 14:34 - 2021-06-29 05:43 - 000159864 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2021-07-17 07:25 - 2018-12-20 01:05 - 000229296 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2021-07-14 05:28 - 2021-07-14 05:28 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2021-07-14 05:28 - 2021-07-14 05:28 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2021-07-14 05:28 - 2021-07-14 05:28 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
2021-07-14 05:28 - 2021-07-14 05:28 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
2021-07-08 18:02 - 2021-07-08 18:02 - 000001306 _____ C:\Users\Public\Desktop\OPTIMUM SSD Tool.lnk
2021-07-08 18:02 - 2021-07-08 18:02 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\Goodram
2021-07-08 18:02 - 2021-07-08 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOODRAM
2021-07-08 18:02 - 2021-07-08 18:02 - 000000000 ____D C:\Program Files (x86)\GOODRAM
2021-07-06 05:11 - 2021-07-06 05:11 - 000003284 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2021-07-06 05:11 - 2021-07-06 05:11 - 000001042 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard.lnk
2021-07-06 05:11 - 2021-07-06 05:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
2021-07-06 05:11 - 2021-07-06 05:11 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
==================== Jeden miesiąc (zmodyfikowane) ==================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2021-08-01 08:07 - 2021-06-08 19:58 - 000000000 ____D C:\Users\Krzysztof\AppData\LocalLow\Mozilla
2021-08-01 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration
2021-08-01 08:06 - 2021-06-08 20:00 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\IDM
2021-08-01 07:54 - 2021-06-08 18:16 - 001768984 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-01 07:54 - 2019-12-07 17:09 - 000784578 _____ C:\Windows\system32\perfh015.dat
2021-08-01 07:54 - 2019-12-07 17:09 - 000152474 _____ C:\Windows\system32\perfc015.dat
2021-08-01 07:54 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-08-01 07:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-01 07:48 - 2021-06-09 01:48 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\MPC-HC
2021-08-01 07:47 - 2021-06-25 17:38 - 000000000 ____D C:\Program Files\TeamViewer
2021-08-01 07:47 - 2021-06-08 18:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-01 07:47 - 2020-11-19 01:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-08-01 07:46 - 2021-06-25 17:39 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\TeamViewer
2021-08-01 07:46 - 2021-06-08 19:01 - 000000000 ____D C:\Windows\Panther
2021-08-01 07:46 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\Downloaded Program Files
2021-08-01 07:46 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-08-01 07:45 - 2021-06-08 20:00 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\DMCache
2021-08-01 07:33 - 2021-06-08 18:05 - 000000000 ____D C:\Users\Krzysztof\AppData\Local\ConnectedDevicesPlatform
2021-08-01 07:30 - 2021-06-08 18:05 - 000000000 ____D C:\Users\Krzysztof\AppData\Local\Packages
2021-08-01 07:19 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-08-01 02:47 - 2021-06-09 01:04 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\foobar2000
2021-08-01 02:34 - 2021-06-08 20:00 - 000000000 ____D C:\Users\Krzysztof\Downloads\Compressed
2021-08-01 02:24 - 2021-06-08 18:05 - 000000000 ____D C:\Users\Krzysztof
2021-08-01 01:36 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-08-01 01:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-01 01:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-08-01 01:26 - 2020-11-19 01:41 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-01 01:26 - 2020-11-19 01:41 - 000002300 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-31 15:30 - 2020-11-19 00:38 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-31 09:15 - 2021-06-09 01:15 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\TeraCopy
2021-07-31 08:44 - 2021-06-09 01:09 - 000002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-31 08:44 - 2021-06-09 01:09 - 000002035 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-07-31 08:27 - 2021-06-08 20:00 - 000000000 ____D C:\Users\Krzysztof\Downloads\Video
2021-07-30 09:15 - 2021-06-09 01:14 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-30 05:34 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-07-30 05:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-07-30 05:34 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-07-29 07:45 - 2020-11-19 01:41 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-29 07:45 - 2020-11-19 01:41 - 000003386 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-27 14:14 - 2021-06-08 19:55 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2021-07-27 12:51 - 2021-06-08 19:58 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\Mozilla
2021-07-27 10:33 - 2021-06-08 20:00 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2021-07-26 15:58 - 2021-06-08 18:07 - 000003388 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3106871799-3620040056-3846488222-1001
2021-07-26 15:58 - 2021-06-08 18:07 - 000000000 ___RD C:\Users\Krzysztof\OneDrive
2021-07-26 15:58 - 2021-06-08 18:05 - 000002453 _____ C:\Users\Krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-25 16:44 - 2021-06-13 15:05 - 000000000 ____D C:\Users\Krzysztof\AppData\Local\ChomikBox
2021-07-25 16:11 - 2021-06-13 15:05 - 000000000 ____D C:\Users\Krzysztof\.gstreamer-0.10
2021-07-21 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-21 18:07 - 2021-06-19 14:05 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-20 17:34 - 2021-06-09 01:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-07-20 17:34 - 2021-06-09 01:05 - 000000000 ____D C:\Program Files\Java
2021-07-20 17:33 - 2021-06-09 01:06 - 000191832 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2021-07-14 05:31 - 2021-06-12 16:23 - 000000048 _____ C:\Windows\SysWOW64\EUTB.TODJ
2021-07-14 05:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-07-14 05:30 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 05:18 - 2021-06-08 18:14 - 000000000 ____D C:\Windows\system32\MRT
2021-07-14 05:16 - 2021-06-08 18:14 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-07-10 07:12 - 2020-11-19 01:39 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-07-08 18:07 - 2021-06-11 18:22 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\KSM
2021-07-06 05:12 - 2021-06-13 15:04 - 000000000 ____D C:\Users\Krzysztof\AppData\Roaming\QtProject
==================== Pliki w katalogu głównym wybranych folderów ========
2021-06-13 14:55 - 2021-06-13 14:55 - 000000001 _____ () C:\Users\Krzysztof\AppData\Local\llftool.4.40.agreement
2021-06-12 16:17 - 2021-06-12 16:17 - 000000001 _____ () C:\Users\Krzysztof\AppData\Local\RawCopy.1.10.agreement
2021-06-09 01:18 - 2021-06-09 01:18 - 000000003 _____ () C:\Users\Krzysztof\AppData\Local\updater.log
2021-06-09 01:18 - 2021-06-09 01:18 - 000000424 _____ () C:\Users\Krzysztof\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
==================== Koniec FRST.txt ========================