ADVERTISEMENT

FRST.txt

Prośba o analizę logów FRST - oczekiwanie na feedback

Proszę o sprawdzenie logów FRST. Z góry dziękuję za pomoc.


Download file - link to post

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-08-2021
Ran by Piotr (administrator) on LENOVO-8D9DA260 (LENOVO 2768W9X) (27-08-2021 16:23:52)
Running from C:\Documents and Settings\Piotr\Moje dokumenty\Pobrane
Loaded Profiles: Piotr
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Language: Polski - & gt; Polski
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\APP\ddc\bin\psaAgent.exe
() [File not signed] C:\APP\ddc\bin\psaSingleSignOnDaemon.exe
() [File not signed] C:\APP\ediag\eclipse.exe
() [File not signed] C:\APP\sim\sim.exe
() [File not signed] C:\PROGRA~1\cosids\APACHE~1\Apache\ApchT2kW.exe & lt; 2 & gt;
() [File not signed] C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed] C:\WINDOWS\system32\PrintCtrl.exe
(Apache Software Foundation) [File not signed] C:\APP\ddc\opt\apache\bin\httpd_ddc.exe & lt; 2 & gt;
(Disc Soft Ltd - & gt; Disc Soft Ltd) [File not signed] C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(FabulaTech) [File not signed] C:\WINDOWS\system32\ftspssrv.exe
(FingerPower Digital Technology Ltd. - & gt; ) C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe
(International Business Machines Corporation) [File not signed] C:\APP\ediag\importedj9\jre\bin\j9w.exe
(LENOVO - & gt; Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(LENOVO - & gt; Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(LENOVO(JAPAN)LTD. - & gt; Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo(Japan)Ltd. - & gt; Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. - & gt; Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo(Japan)Ltd. - & gt; Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Microsoft Corporation) [File not signed] C:\WINDOWS\explorer.exe
(Microsoft Corporation) [File not signed] C:\WINDOWS\system32\alg.exe
(Microsoft Corporation) [File not signed] C:\WINDOWS\system32\ctfmon.exe
(Microsoft Corporation) [File not signed] C:\WINDOWS\system32\rundll32.exe & lt; 2 & gt;
(Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wbem\wmiprvse.exe
(Microsoft Corporation) [File not signed] C:\WINDOWS\system32\wscntfy.exe
(Microsoft Windows Component Publisher - & gt; Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Microsoft Windows Hardware Compatibility Publisher - & gt; ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe & lt; 2 & gt;
(Microsoft Windows Hardware Compatibility Publisher - & gt; Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Mozilla Corporation - & gt; Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\Program Files\National Instruments\MAX\nimxs.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\Program Files\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\Program Files\National Instruments\Shared\nisvcloc\nisvcloc.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\WINDOWS\system32\lkads.exe
(National Instruments Corporation - & gt; National Instruments Corporation) C:\WINDOWS\system32\lktsrv.exe
(National Instruments Corporation - & gt; National Instruments, Inc.) C:\WINDOWS\system32\lkcitdl.exe
(SafeNet, Inc. - & gt; SafeNet Inc.) C:\WINDOWS\system32\hasplms.exe
(SafeNet, Inc. - & gt; SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc. - & gt; SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(SafeNet, Inc.) [File not signed] C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(Sun Microsystems, Inc.) [File not signed] C:\PROGRA~1\cosids\JRE\bin\java.exe
(Synaptics, Inc.) [File not signed] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(The Firebird Project) [File not signed] C:\APP\firebird\bin\fbguard.exe
(The Firebird Project) [File not signed] C:\APP\firebird\bin\fbserver.exe
(TransAction Software, D 81737 Munich) [File not signed] C:\PROGRA~1\cosids\bin\tbmux32.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\WINDOWS\system32\vmnat.exe
(VMware, Inc. - & gt; VMware, Inc.) C:\WINDOWS\system32\vmnetdhcp.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1351680 2008-07-04] (Synaptics, Inc.) [File not signed]
HKLM\...\Run: [BluetoothAuthenticationAgent] = & gt; rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [KernelFaultCheck] = & gt; %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [PrintDisp] = & gt; C:\WINDOWS\system32\PrintDisp.exe [1004032 2010-07-23] (ActMask Co.,Ltd - hxxp://www.all2pdf.com) [File not signed]
HKLM\...\Run: [psastart] = & gt; C:\APP\ddc\bin\psaagent.exe [205824 2014-10-29] () [File not signed]
HKLM\...\Run: [ediagStart] = & gt; C:\APP\ediag\eDiagStart.lnk [512 2021-07-12] () [File not signed]
HKLM\...\Run: [SIM] = & gt; C:\APP\SIM\SIMBat.lnk [519 2021-07-12] () [File not signed]
HKLM\...\Run: [ClipStatusNotification] = & gt; C:\Clip_X91\Lib\Application\StatusNotification.exe [111104 2017-05-22] (Bosch) [File not signed]
HKLM\...\Run: [Adobe ARM] = & gt; C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [54272 2008-04-15] (Microsoft Corporation) [File not signed]
HKLM\...\Winlogon: [Shell] C:\WINDOWS\Explorer.exe [1062912 2008-04-15] (Microsoft Corporation) [File not signed]
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [542720 2008-04-15] (Microsoft Corporation) [File not signed]
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-08-26] (ATI Technologies Inc.)
HKU\S-1-5-19\...\Run: [CTFMON.EXE] = & gt; C:\WINDOWS\system32\CTFMON.EXE [43008 2008-04-15] (Microsoft Corporation) [File not signed]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE - & gt; C:\WINDOWS\System32\logon.scr [220672 2008-04-15] (Microsoft Corporation) [File not signed]
HKU\S-1-5-20\...\Run: [CTFMON.EXE] = & gt; C:\WINDOWS\system32\CTFMON.EXE [43008 2008-04-15] (Microsoft Corporation) [File not signed]
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE - & gt; C:\WINDOWS\System32\logon.scr [248320 2008-04-15] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3281600 2016-03-03] (Disc Soft Ltd - & gt; Disc Soft Ltd) [File not signed]
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\Run: [ctfmon.exe] = & gt; C:\WINDOWS\system32\ctfmon.exe [43008 2008-04-15] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\Run: [AlcoholAutomount] = & gt; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft - & gt; Alcohol Soft Development Team)
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\MountPoints2: {041cb047-ccaf-11e5-bdd0-00216a18495e} - E:\AutoRun.exe
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\MountPoints2: {36f6dac1-2f05-11e9-b11d-005056c00008} - F:\Setup.exe
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\MountPoints2: {62d9f55e-2934-11e9-a6dc-005056c00008} - F:\Setup.exe
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\MountPoints2: {723fe7c1-0528-11e6-a9fb-005056c00008} - E:\autorun.exe
HKU\S-1-5-21-1757981266-179605362-682003330-1003\...\MountPoints2: {c2357669-6946-11e7-8d13-00216a18495e} - E:\Setup.exe
HKU\S-1-5-18\...\Run: [CTFMON.EXE] = & gt; C:\WINDOWS\system32\CTFMON.EXE [43008 2008-04-15] (Microsoft Corporation) [File not signed]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE - & gt; C:\WINDOWS\BOSCHE~1.SCR
HKLM\...\Windows NT x86\Print Processors\ActPrint: C:\Windows\System32\spool\prtprocs\W32X86\ActPrint.dll [28672 2010-06-21] (ActMask Co.,Ltd) [File not signed]
HKLM\...\Windows NT x86\Print Processors\MS_XPS: C:\Windows\System32\spool\prtprocs\W32X86\filterpipelineprintproc.dll [89088 2008-07-06] (Microsoft Windows Component Publisher - & gt; Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\winprint: localspl.dll
HKLM\...\Print\Monitors\BJ Language Monitor: C:\WINDOWS\system32\cnbjmon.dll [49152 2008-04-15] (Microsoft Windows Component Publisher - & gt; Microsoft Corporation)
HKLM\...\Print\Monitors\HP 8911 Status Monitor: C:\WINDOWS\system32\hpinksts8911LM.dll [269200 2012-09-12] (Hewlett Packard - & gt; Hewlett-Packard Co.)
HKLM\...\Print\Monitors\MPE3 Port: C:\WINDOWS\system32\mpelocalmon.dll [23040 2018-05-14] (Copyright (c) Code Industry Ltd) [File not signed]
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [96256 2016-11-29] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\pjlmon.dll [15360 2008-04-15] (Microsoft Windows Component Publisher - & gt; Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [ & lt; {12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] - & gt; C:\WINDOWS\system32\ieudinit.exe [2009-03-08] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [ & gt; {22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - & gt; C:\WINDOWS\inf\unregmp2.exe [2007-06-27] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [ & gt; {881dd1c5-3dcf-431b-b061-f3f88e8be88a}] - & gt; C:\WINDOWS\system32\shmgrate.exe [2008-04-15] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] - & gt;
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - & gt;
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - & gt; C:\Program Files\Outlook Express\setup50.exe [2008-04-15] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] - & gt; C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows - & gt; Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] - & gt; C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows - & gt; Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - & gt; C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows - & gt; Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] - & gt; C:\Program Files\Outlook Express\setup50.exe [2008-04-15] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2021-02-08] (Google Inc - & gt; Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] - & gt; C:\WINDOWS\System32\cscui.dll [2008-04-15] (Microsoft Windows Component Publisher - & gt; Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\NI Error Reporting.lnk [2019-04-04]
ShortcutTarget: NI Error Reporting.lnk - & gt; C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation - & gt; National Instruments Corporation)
Startup: C:\Documents and Settings\Piotr\Menu Start\Programy\Autostart\Powiadomienia monitorowania tuszu - HP Deskjet 1050 J410 series.lnk [2021-08-27]
ShortcutAndArgument: Powiadomienia monitorowania tuszu - HP Deskjet 1050 J410 series.lnk - & gt; C:\WINDOWS\system32\RunDll32.exe = & gt; " C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll " ,RunDLLEntry SERIALNUMBER=CN35R1FN3705YC;CONNECTION=USB;MONITOR=1;
Startup: C:\Documents and Settings\Piotr\Menu Start\Programy\Autostart\RT-Automatyczne aktualizacje-AKP.lnk [2021-03-26]
ShortcutTarget: RT-Automatyczne aktualizacje-AKP.lnk - & gt; C:\ADAKO\VCDS\VCDS.exe (Ross-Tech, LLC - & gt; Ross-Tech, LLC) [File not signed]
Startup: C:\Documents and Settings\Piotr\Menu Start\Programy\Autostart\RT-Updater.lnk [2021-04-16]
ShortcutTarget: RT-Updater.lnk - & gt; C:\Ross-Tech\VCDS\VCDS.EXE (Ross-Tech, LLC - & gt; Ross-Tech, LLC) [File not signed]
GroupPolicy: Restriction ? & lt; ==== ATTENTION
Policies: C:\Documents and Settings\All Users\NTUSER.pol: Restriction & lt; ==== ATTENTION

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job = & gt; C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job = & gt; C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1757981266-179605362-682003330-1003] = & gt;
Winsock: Catalog5 05 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation - & gt; National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 31.11.173.2 89.228.4.126
Tcpip\..\Interfaces\{90FF9259-6D0E-4CED-8C1F-6733ADB34F04}: [DhcpNameServer] 31.11.173.2 89.228.4.126

FireFox:
========
FF ProfilePath: C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab\SafeBrowser\S-1-5-21-1757981266-179605362-682003330-1003\FireFox [not found] & lt; ==== ATTENTION
FF DefaultProfile: bm25p6iu.default-1480065242984
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\TomTom\HOME\Profiles\9zm95k4p.default [2019-09-03]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\bm25p6iu.default-1480065242984 [2021-08-27]
FF NewTab: C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\bm25p6iu.default-1480065242984 - & gt; hxxp://securedsearch.lavasoft.com/?pr=vmn & id=webcompa & ent=hp_WCYID10420__200119
FF Extension: (Google Translator for Firefox) - C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\bm25p6iu.default-1480065242984\Extensions\translator@zoli.bod.xpi [2017-02-02] [Legacy]
FF Extension: (Mozilla Archive Format) - C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\bm25p6iu.default-1480065242984\Extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}.xpi [2018-02-21] [Legacy]
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Documents and Settings\Piotr\Dane aplikacji\Mozilla\Firefox\Profiles\bm25p6iu.default-1480065242984\features\{52030780-08df-48ad-b23f-4148c3a75ece}\hotfix-bug-1548973@mozilla.org.xpi [2020-02-27] [Legacy]
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\Actia\diagnostic2.3.4.3\Profiles\1vgz2mim.default [2021-07-12]
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\Actia\diagnostic2.3.30.0\Profiles\nuzrpkqo.default [2018-07-31]
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\Actia\diagnostic2.16.3.0\Profiles\3gpu6f39.default [2020-12-14]
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\Actia\diagnostic2.16.2.0\Profiles\3fnnm8np.default [2021-07-29]
FF ProfilePath: C:\Documents and Settings\Piotr\Dane aplikacji\Actia\diagnostic2.15.2.0\Profiles\3unk0dge.default [2021-07-12]
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_465.dll [2021-02-08] (Adobe Inc. - & gt; ) [File not signed]
FF Plugin: @adobe.com/ShockwavePlayer - & gt; C:\WINDOWS\system32\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @java.com/DTPlugin,version=11.151.2 - & gt; C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-25] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 - & gt; C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-25] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @lattice3d.com/XVL Player - & gt; C:\Program Files\Lattice\Player3\npxvlplay.dll [2016-02-22] (Lattice Technology Co.,Ltd. - & gt; Lattice Technology Co.,Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - & gt; c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin: Adobe Reader - & gt; C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated - & gt; Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default " }, " rappor " :{ " cohort_seed " :378, " last_daily_sample " : " 13274221539003241
CHR Profile: C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default [2021-08-23]
CHR Extension: (Prezentacje) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Dokumenty) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-16]
CHR Extension: (Dysk Google) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-05]
CHR Extension: (YouTube) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-05]
CHR Extension: (Google Search) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-08]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-08]
CHR Profile: C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Guest Profile [2021-08-09]
CHR Profile: C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\System Profile [2021-08-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALG; C:\WINDOWS\System32\alg.exe [72192 2008-04-15] (Microsoft Corporation) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [606208 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher - & gt; ATI Technologies Inc.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft - & gt; Alcohol Soft Development Team)
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [33280 2008-04-15] (Microsoft Corporation) [File not signed]
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [60928 2008-04-15] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [32768 2008-04-15] (Microsoft Corporation) [File not signed]
R2 COSIDS_TB; C:\Program Files\cosids\bin\tbmux32.exe [193024 2001-11-20] (TransAction Software, D 81737 Munich) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082560 2016-03-03] (Disc Soft Ltd - & gt; Disc Soft Ltd) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [252928 2008-04-15] (Microsoft Corp., Veritas Software) [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\APP\firebird\bin\fbguard.exe [94208 2008-07-03] (The Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\APP\firebird\bin\fbserver.exe [1556480 2008-07-03] (The Firebird Project) [File not signed]
R2 ftspssrv; C:\WINDOWS\system32\ftspssrv.exe [737280 2011-03-11] (FabulaTech) [File not signed]
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. - & gt; SafeNet Inc.)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [178176 2008-04-15] (Microsoft Corporation) [File not signed]
R2 KingoSoftService; C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\Kingosoft\Kingo Root\update_54326\bin\checkupdate.exe [389632 2018-10-23] () [File not signed]
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [268288 2013-01-17] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1349632 2013-01-17] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [420352 2013-01-17] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [363008 2013-01-17] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [505856 2013-01-17] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [400896 2013-01-17] (Volkswagen AG) [File not signed]
R2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [44024 2013-02-26] (LENOVO(JAPAN)LTD. - & gt; Lenovo Group Limited)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [110128 2014-05-27] (Lenovo(Japan)Ltd. - & gt; Lenovo Group Limited)
R2 LkCitadelServer; C:\WINDOWS\system32\lkcitdl.exe [695136 2014-01-14] (National Instruments Corporation - & gt; National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\system32\lkads.exe [53032 2014-06-09] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\system32\lktsrv.exe [63280 2014-06-09] (National Instruments Corporation - & gt; National Instruments Corporation)
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [61440 2008-04-15] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [33792 2008-04-15] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\system32\msiexec.exe /V [123392 2008-05-19] (Microsoft Corporation) [File not signed]
R2 mxssvr; C:\Program Files\National Instruments\MAX\nimxs.exe [84280 2014-07-16] (National Instruments Corporation - & gt; National Instruments Corporation)
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [142336 2008-04-15] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [142336 2008-04-15] (Microsoft Corporation) [File not signed]
R2 niauth; C:\Program Files\National Instruments\Shared\niauth\niauth_daemon.exe [569152 2014-06-20] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 NIDomainService; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [394544 2014-06-09] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 niLXIDiscovery; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [383352 2014-06-13] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2014-06-06] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [195072 2012-12-07] () [File not signed]
R2 Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [94208 2009-10-28] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [169984 2008-04-15] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [102912 2008-04-15] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [160256 2008-04-15] (Microsoft Corporation) [File not signed]
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [405504 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc. - & gt; SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. - & gt; SafeNet, Inc.)
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{15F68F0B-4CDF-492D-BEF7-F919751C1039} [32768 2008-04-15] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [118784 2008-04-15] (Microsoft Corporation) [File not signed]
R2 TIS 2000 Apache Web Server; C:\Program Files\cosids\Apache Group\Apache\ApchT2kW.exe [31744 1999-03-23] () [File not signed]
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [102912 2008-04-15] (Microsoft Corporation) [File not signed]
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [116208 2014-06-10] (LENOVO - & gt; Lenovo Group Limited)
S3 UPS; C:\WINDOWS\System32\ups.exe [46080 2008-04-15] (Microsoft Corporation) [File not signed]
R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [86744 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
R2 VMnetDHCP; C:\WINDOWS\system32\vmnetdhcp.exe [359128 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-02-27] (VMware, Inc. - & gt; VMware, Inc.)
R2 VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [437976 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
S3 VSS; C:\WINDOWS\System32\vssvc.exe [319488 2008-04-15] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-15] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [918016 2006-12-01] (Microsoft Corporation) [File not signed]
S2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [509952 2018-08-29] (Wondershare) [File not signed]
S2 Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [376200 2013-08-01] (SafeNet, Inc. - & gt; SafeNet Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [5386752 2010-08-26] (Microsoft Windows Hardware Compatibility Publisher - & gt; ATI Technologies Inc.)
R3 audas0; C:\WINDOWS\System32\DRIVERS\audas0.sys [879032 2013-12-30] (nodongle.biz solutions (test) - & gt; nodongle.biz solutions)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher - & gt; Microsoft Corporation)
R3 CnxtHdAudService; C:\WINDOWS\System32\drivers\CHDAU32.sys [822400 2010-07-18] (Conexant Systems, Inc. - & gt; Conexant Systems Inc.)
R2 cvintdrv; C:\Windows\System32\Drivers\cvintdrv.sys [21792 2014-01-15] (National Instruments Corporation - & gt; )
S3 dg_ssudbus; C:\WINDOWS\System32\DRIVERS\ssudbus.sys [83864 2013-05-02] (Samsung Electronics CO., LTD. - & gt; DEVGURU Co., LTD.(www.devguru.co.kr))
R2 DirectNT; C:\Windows\System32\Drivers\DirectNT.sys [3424 2004-10-19] (c't) [File not signed]
U5 dmboot; C:\Windows\System32\Drivers\dmboot.sys [800000 2008-04-15] (Microsoft Windows Component Publisher - & gt; Microsoft Corp., Veritas Software)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [26168 2016-12-29] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\DRIVERS\dtliteusbbus.sys [40504 2016-12-29] (Disc Soft Ltd - & gt; Disc Soft Ltd)
S3 DUB-E100; C:\WINDOWS\System32\DRIVERS\DUB-E100.sys [80128 2013-08-12] (Microsoft Windows Hardware Compatibility Publisher - & gt; ASIX Electronics Corp.)
S3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [250584 2011-10-20] (Intel Corporation - & gt; Intel Corporation)
R2 eusk2par; C:\WINDOWS\system32\Drivers\eusk2par.sys [25680 2008-12-18] (Aladdin Knowledge Systems LTD - & gt; Aladdin Knowledge Systems Ltd.)
S3 FTD2XX; C:\WINDOWS\System32\Drivers\FTD2XX.sys [29292 2004-10-15] (FTDI Ltd.) [File not signed]
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [65896 2013-07-12] (Future Technology Devices International Ltd - & gt; FTDI Ltd.)
S3 FTSER2K; C:\WINDOWS\System32\drivers\ftser2k.sys [74088 2013-07-12] (Future Technology Devices International Ltd - & gt; FTDI Ltd.)
R3 ftvspenum; C:\WINDOWS\System32\DRIVERS\ftvspenum.sys [36856 2011-01-12] (FabulaTech - & gt; FabulaTech)
S3 ftvsport; C:\WINDOWS\system32\drivers\ftvsport.sys [45560 2011-01-12] (FabulaTech - & gt; FabulaTech)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [608648 2013-08-01] (SafeNet, Inc. - & gt; SafeNet Inc.)
R2 hcmon; C:\WINDOWS\system32\drivers\hcmon.sys [43840 2014-02-27] (VMware, Inc. - & gt; VMware, Inc.)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-15] (Microsoft Windows Component Publisher - & gt; Windows (R) Server 2003 DDK provider)
R2 HOSTNT; C:\Windows\System32\Drivers\HOSTNT.sys [4032 2013-03-23] () [File not signed]
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2005-10-22] (Microsoft Windows Hardware Compatibility Publisher - & gt; HP)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210304 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [986240 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
S3 htcnprot; C:\WINDOWS\System32\DRIVERS\htcnprot.sys [21248 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher - & gt; Windows (R) Win 7 DDK provider)
R2 io.sys; C:\WINDOWS\system32\drivers\io.sys [5152 2014-07-28] () [File not signed]
S3 Jcae04_USBw32; C:\WINDOWS\System32\Drivers\Jcae04_USBw32.sys [39080 2016-03-25] (Bosch Automotive Service Solutions SARL - & gt; JCAE)
S3 JCAECAN; C:\WINDOWS\System32\drivers\JCAECan.sys [22992 2016-03-25] (Bosch Automotive Service Solutions SARL - & gt; Johnson Controls)
S3 JCAEISO; C:\WINDOWS\System32\drivers\JCAEIso.sys [22992 2016-03-25] (Bosch Automotive Service Solutions SARL - & gt; Johnson Controls)
S3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [35392 2015-06-28] (Akeo Consulting - & gt; hxxp://libusb-win32.sourceforge.net)
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-18] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher - & gt; Microsoft Corporation)
R3 NETwNx32; C:\WINDOWS\System32\DRIVERS\NETwNx32.sys [7477760 2012-01-24] (Microsoft Windows Hardware Compatibility Publisher - & gt; Intel Corporation)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [14176 2014-03-13] (National Instruments Corporation - & gt; National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [14160 2014-03-12] (National Instruments Corporation - & gt; National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [13696 2014-06-05] (National Instruments Corporation - & gt; National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [604504 2014-06-05] (National Instruments Corporation - & gt; National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [13688 2014-06-05] (National Instruments Corporation - & gt; National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [17752 2014-02-28] (National Instruments Corporation - & gt; National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [14176 2014-09-13] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [14176 2014-09-13] (National Instruments Corporation - & gt; National Instruments Corporation)
R2 NSHE; C:\WINDOWS\system32\Drivers\NSHE.SYS [97792 2012-12-13] (Tecar Forum) [File not signed]
R1 oreans32; C:\WINDOWS\system32\drivers\oreans32.sys [33824 2014-10-02] () [File not signed]
R3 psadd; C:\WINDOWS\System32\DRIVERS\psadd.sys [21376 2007-02-19] (Microsoft Windows Hardware Compatibility Publisher - & gt; Lenovo (United States) Inc.)
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2008-04-15] (Microsoft Windows Component Publisher - & gt; Parallel Technologies, Inc.)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd - & gt; )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd - & gt; )
R2 rimmptsk; C:\WINDOWS\System32\DRIVERS\rimmptsk.sys [46592 2008-02-15] (Microsoft Windows Hardware Compatibility Publisher - & gt; REDC)
R2 rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [43008 2007-07-30] (Microsoft Windows Hardware Compatibility Publisher - & gt; REDC)
R2 rismxdp; C:\WINDOWS\System32\DRIVERS\rixdptsk.sys [38400 2007-07-30] (Microsoft Windows Hardware Compatibility Publisher - & gt; REDC)
S3 RT-USB; C:\WINDOWS\System32\drivers\RT-USB.SYS [80256 2014-05-12] (Ross-Tech, LLC - & gt; Ross-Tech LLC)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-15] (Microsoft Windows Component Publisher - & gt; Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Ser2pl; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [48640 2005-07-25] (Microsoft Windows Hardware Compatibility Publisher - & gt; Prolific Technology Inc.)
S3 ser2plx86; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [48640 2005-07-25] (Microsoft Windows Hardware Compatibility Publisher - & gt; Prolific Technology Inc.)
S3 silabenm; C:\WINDOWS\System32\DRIVERS\silabenm.sys [47176 2011-08-08] (Silicon Laboratories - & gt; Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\DRIVERS\silabser.sys [60544 2011-08-08] (Microsoft Windows Hardware Compatibility Publisher - & gt; Silicon Laboratories)
S3 SIUSBXP; C:\WINDOWS\System32\drivers\SiUSBXp.sys [14592 2009-11-17] (Silicon Laboratories) [File not signed]
R3 SNTNLUSB; C:\WINDOWS\System32\DRIVERS\SNTNLUSB.SYS [41936 2012-12-11] (SafeNet, Inc. - & gt; SafeNet, Inc.)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [329384 2016-12-29] (Disc Soft Ltd - & gt; Duplex Secure Ltd.)
S3 ssudmdm; C:\WINDOWS\System32\DRIVERS\ssudmdm.sys [181912 2013-05-02] (Samsung Electronics CO., LTD. - & gt; DEVGURU Co., LTD.(www.devguru.co.kr))
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [13120 2016-02-21] (Rocket Division Software Ltd - & gt; )
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [37912 2012-07-20] (STMicroelectronics - & gt; STMicroelectronics)
R3 SynTP; C:\WINDOWS\System32\DRIVERS\SynTP.sys [225664 2008-07-03] (Microsoft Windows Hardware Compatibility Publisher - & gt; Synaptics, Inc.)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
R1 TPHKDRV; C:\WINDOWS\System32\DRIVERS\TPHKDRV.sys [17844 2013-05-22] (Microsoft Windows Hardware Compatibility Publisher - & gt; Lenovo Group Limited)
R3 tpm; C:\WINDOWS\System32\DRIVERS\tpm.sys [13824 2008-03-26] (Microsoft Windows Hardware Compatibility Publisher - & gt; Intel Corporation)
S3 VCommUSB; C:\WINDOWS\System32\Drivers\VCommUSB.sys [40576 2006-12-21] (ACTIA) [File not signed]
R3 vmkbd; C:\WINDOWS\system32\drivers\VMkbd.sys [26456 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
R3 VMnetAdapter; C:\WINDOWS\System32\DRIVERS\vmnetadapter.sys [17104 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\System32\DRIVERS\vmnetbridge.sys [35032 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
R2 VMnetuserif; C:\WINDOWS\system32\drivers\vmnetuserif.sys [26968 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
R2 vmx86; C:\WINDOWS\system32\Drivers\vmx86.sys [66136 2014-06-12] (VMware, Inc. - & gt; VMware, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Windows Hardware Compatibility Publisher - & gt; Microsoft Corporation)
S3 WDI; C:\WINDOWS\System32\DRIVERS\WDI.sys [38088 2013-05-08] (WABCO - & gt; )
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [731264 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
S3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [195424 2009-09-02] (Jungo) [File not signed]
U3 atkqkvw3; C:\Windows\System32\Drivers\atkqkvw3.sys [0 0000-00-00] (Microsoft Corporation) & lt; ==== ATTENTION (zero byte File/Folder)
S2 adc200; \SystemRoot\system32\drivers\adc200.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 WDC_SAM; system32\DRIVERS\wdcsam.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-27 16:23 - 2021-08-27 16:24 - 000000000 ____D C:\FRST
2021-08-27 12:42 - 2021-08-27 12:43 - 000000000 ____D C:\AdwCleaner
2021-08-11 09:19 - 2021-08-11 09:20 - 000000410 _____ C:\Documents and Settings\Piotr\Pulpit\Nowy Dokument tekstowy (4).txt
2021-08-10 12:07 - 2021-08-10 12:07 - 000000000 ____D C:\SiLabs
2021-08-10 11:55 - 2021-08-10 11:55 - 000000512 _____ C:\Documents and Settings\Piotr\Moje dokumenty\WBABP71030JZ05514-0D46J-2021-08-10(55).BIN
2021-08-10 11:54 - 2021-08-10 11:54 - 000000064 _____ C:\Documents and Settings\Piotr\Moje dokumenty\0D46J-2021-08-10(54).BIN
2021-08-10 11:52 - 2021-08-10 11:52 - 000000512 _____ C:\Documents and Settings\Piotr\Moje dokumenty\WBABP71030JZ05514-0D46J-2021-08-10(52).BIN
2021-08-10 11:51 - 2021-08-10 11:51 - 000000512 _____ C:\Documents and Settings\Piotr\Moje dokumenty\WBABP71030JZ05514-0D46J-2021-08-10(51).BIN
2021-08-10 11:09 - 2021-08-10 11:09 - 000000694 _____ C:\Documents and Settings\All Users\Pulpit\AK90.lnk
2021-08-09 10:49 - 2021-08-09 10:49 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2021-08-09 10:44 - 2021-08-10 11:04 - 000000000 ____D C:\Program Files\HRT
2021-08-09 09:00 - 2021-08-09 09:02 - 000002347 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk
2021-08-09 08:29 - 2021-08-09 15:53 - 000000000 ____D C:\Program Files\CCleaner
2021-08-06 12:35 - 2021-08-06 12:35 - 000000000 ____D C:\Program Files\Silabs
2021-08-06 12:35 - 2011-08-08 10:45 - 000060544 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\silabser.sys
2021-08-06 12:35 - 2011-08-08 10:45 - 000047176 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\silabenm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-27 16:24 - 2019-04-21 21:00 - 000000000 ____D C:\Documents and Settings\Piotr\Ustawienia lokalne\Temp
2021-08-27 16:23 - 2014-06-12 19:48 - 000000000 ____D C:\Documents and Settings\Piotr\Moje dokumenty\Pobrane
2021-08-27 15:14 - 2013-03-22 20:35 - 001304130 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-27 15:14 - 2008-04-15 14:00 - 000571396 _____ C:\WINDOWS\system32\perfh015.dat
2021-08-27 15:14 - 2008-04-15 14:00 - 000113406 _____ C:\WINDOWS\system32\perfc015.dat
2021-08-27 15:10 - 2017-04-19 18:24 - 000000000 ____D C:\WINDOWS\hsperfdata_SYSTEM
2021-08-27 15:10 - 2013-08-02 23:32 - 000000000 ____D C:\Program Files\Google
2021-08-27 15:10 - 2013-07-18 11:23 - 000000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\VMware
2021-08-27 15:10 - 2013-07-18 11:21 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\VMware
2021-08-27 15:10 - 2013-03-22 19:51 - 000000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp
2021-08-27 15:10 - 2008-04-15 14:00 - 000013646 _____ C:\WINDOWS\system32\wpa.dbl
2021-08-27 15:09 - 2013-08-02 23:32 - 000001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2021-08-27 15:09 - 2013-03-22 19:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-27 14:47 - 2015-01-23 20:32 - 000032584 _____ C:\WINDOWS\SchedLgU.Txt
2021-08-27 14:47 - 2013-03-22 19:51 - 000000188 ___SH C:\Documents and Settings\Piotr\ntuser.ini
2021-08-27 14:08 - 2013-08-02 23:32 - 000001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2021-08-27 12:16 - 2013-03-22 19:51 - 000000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2021-08-27 08:08 - 2013-03-22 19:51 - 000000000 ___HD C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji
2021-08-27 07:55 - 2021-01-28 15:03 - 000000000 ____D C:\MANWIS
2021-08-26 07:10 - 2013-03-22 22:26 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2021-08-26 07:10 - 2013-03-22 22:14 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ThinkVantage
2021-08-26 07:05 - 2019-04-20 09:33 - 000000000 ____D C:\Documents and Settings\Piotr
2021-08-26 07:05 - 2017-03-26 07:18 - 000000000 ____D C:\Documents and Settings\ntp
2021-08-26 07:05 - 2013-03-22 19:51 - 000000000 __SHD C:\Documents and Settings\LocalService
2021-08-26 07:05 - 2013-03-22 19:50 - 000000000 __SHD C:\Documents and Settings\NetworkService
2021-08-26 07:05 - 2013-03-22 19:44 - 000000000 ____D C:\WINDOWS\Registration
2021-08-23 22:17 - 2018-07-12 17:08 - 000000000 ____D C:\Documents and Settings\Piotr\Pulpit\Ciężarowe
2021-08-23 22:17 - 2013-03-22 19:51 - 000000000 ____D C:\Documents and Settings\Piotr\Pulpit
2021-08-23 22:11 - 2013-03-22 20:34 - 000000000 ____D C:\Documents and Settings\All Users\Pulpit
2021-08-23 22:11 - 2013-03-22 20:34 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy
2021-08-23 21:57 - 2013-03-22 20:34 - 000000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2021-08-19 18:51 - 2016-04-24 11:43 - 000000000 ____D C:\Documents and Settings\Piotr\Moje dokumenty\Autodata
2021-08-18 18:05 - 2013-03-23 13:11 - 000000000 ____D C:\Documents and Settings\Piotr\Pulpit\Osobowe
2021-08-17 17:15 - 2017-12-09 11:50 - 000000000 ____D C:\Program Files\Multi
2021-08-10 12:07 - 2013-03-22 20:27 - 000000000 ___HD C:\WINDOWS\inf
2021-08-10 11:55 - 2013-03-22 19:51 - 000000000 ____D C:\Documents and Settings\Piotr\Moje dokumenty
2021-08-10 11:03 - 2013-03-22 20:34 - 000000000 ___RD C:\Documents and Settings\All Users\Menu Start
2021-08-10 11:03 - 2013-03-22 19:51 - 000000000 __RHD C:\Documents and Settings\Piotr\Dane aplikacji
2021-08-09 22:30 - 2017-07-02 10:58 - 000000626 _____ C:\Documents and Settings\Piotr\Pulpit\Fcom.lnk
2021-08-09 11:39 - 2013-03-23 12:12 - 000000000 ____D C:\Documents and Settings\Piotr\Dane aplikacji\DAEMON Tools Lite
2021-08-09 09:00 - 2013-04-08 17:55 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-08-09 09:00 - 2013-03-23 12:00 - 000000000 ____D C:\Program Files\Adobe
2021-08-09 08:30 - 2020-01-27 15:09 - 000000000 ____D C:\Documents and Settings\Piotr\Dane aplikacji\uTorrent
2021-08-09 08:30 - 2013-08-26 00:39 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-08 13:29 - 2013-03-23 11:59 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2021-08-05 12:06 - 2018-12-27 20:39 - 000000026 _____ C:\WINDOWS\Zone.Identifier
2021-08-04 20:30 - 2021-05-18 17:00 - 000000000 ____D C:\vcp8
2021-08-04 12:55 - 2013-05-09 19:19 - 000000056 _____ C:\WINDOWS\Acroread.ini
2021-08-04 08:49 - 2019-02-18 10:04 - 000000000 __SHD C:\Documents and Settings\Piotr\wc
2021-07-30 22:47 - 2013-04-20 08:55 - 000001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2021-07-30 20:03 - 2013-03-22 20:27 - 000000000 ____D C:\WINDOWS\Media
2021-07-28 17:13 - 2021-07-26 21:18 - 000004721 _____ C:\WINDOWS\Asde_Dacia.ini
2021-07-28 17:13 - 2021-07-26 21:13 - 000004688 _____ C:\WINDOWS\Asde_Renault.ini
2021-07-28 17:10 - 2021-03-26 07:51 - 000000812 _____ C:\Documents and Settings\All Users\reg.xml

==================== Files in the root of some directories ========

2020-12-15 20:18 - 2020-12-15 23:11 - 000001668 _____ () C:\Program Files\INSTALL.LOG
2014-08-19 19:24 - 2014-08-19 19:24 - 000002528 _____ () C:\Documents and Settings\Piotr\Dane aplikacji\$_hpcst$.hpc
2015-01-14 15:02 - 2015-01-14 15:02 - 000000038 ___SH () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\69ff07055291669bb2b218.72821112
2015-01-14 15:07 - 2015-01-14 15:07 - 000000037 ___SH () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\70149b02515b3bb20dd492.47983420
2015-11-07 21:45 - 2017-09-13 21:06 - 000004608 _____ () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-25 09:52 - 2015-03-29 20:33 - 000000041 _____ () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\DiegoG3-3.0.3.1.INI
2013-03-22 21:53 - 2013-03-22 21:53 - 000000130 _____ () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
2020-02-14 21:34 - 2020-02-14 21:34 - 000001861 _____ () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
2017-07-02 13:34 - 2019-02-12 22:04 - 000000162 _____ () C:\Documents and Settings\Piotr\Ustawienia lokalne\Dane aplikacji\uts.ini
2015-01-16 13:19 - 2015-01-16 13:32 - 000000041 ___SH () C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
2015-12-10 22:20 - 2015-12-10 22:20 - 000000057 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Ament.ini
2018-08-26 22:31 - 2018-08-26 22:31 - 000004910 _____ () C:\Documents and Settings\All Users\Dane aplikacji\fqgjvmoc.eqt
2018-09-30 17:24 - 2018-09-30 17:24 - 000005008 _____ () C:\Documents and Settings\All Users\Dane aplikacji\hesicptl.idh
2018-04-25 16:32 - 2021-01-12 22:10 - 000001101 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft.SqlServer.Compact.351.32.bc
2018-09-30 17:24 - 2018-09-30 17:24 - 000000016 _____ () C:\Documents and Settings\All Users\Dane aplikacji\mntemp
2017-12-09 11:50 - 2017-12-09 12:22 - 000000607 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Multi.cfg
2017-11-05 10:13 - 2017-12-09 12:41 - 000021050 _____ () C:\Documents and Settings\All Users\Dane aplikacji\MultiInstall.log
2013-03-24 12:10 - 2017-10-16 16:55 - 000023552 _____ () C:\Documents and Settings\All Users\Dane aplikacji\ppe_fleetdb.vdb
2018-06-08 19:45 - 2018-06-08 19:45 - 000005053 _____ () C:\Documents and Settings\All Users\Dane aplikacji\sunuprce.nuw

==================== FLock ==============================

2021-08-27 07:55 C:\MANWIS
2008-04-15 14:00 C:\WINDOWS\system32\alg.exe
2010-08-26 10:37 C:\WINDOWS\system32\ati2evxx.exe
2008-04-15 14:00 C:\WINDOWS\system32\ctfmon.exe
2008-04-15 14:00 C:\WINDOWS\system32\lsass.exe
2010-07-23 11:34 C:\WINDOWS\system32\PrintDisp.exe
2008-04-15 14:00 C:\WINDOWS\system32\rundll32.exe
2008-04-15 14:00 C:\WINDOWS\system32\scardsvr.exe
2009-02-09 13:25 C:\WINDOWS\system32\services.exe
2010-08-17 15:17 C:\WINDOWS\system32\spoolsv.exe
2008-04-15 14:00 C:\WINDOWS\system32\svchost.exe
2008-04-15 14:00 C:\WINDOWS\system32\winlogon.exe
2013-05-07 21:43 C:\WINDOWS\diagerr.xml
2013-05-07 21:43 C:\WINDOWS\diagwrn.xml
2008-04-15 14:00 C:\WINDOWS\explorer.exe
2021-08-27 15:10 C:\WINDOWS\hsperfdata_SYSTEM
2013-03-22 21:29 C:\Documents and Settings\All Users\DRM
2018-04-13 12:06 C:\Documents and Settings\All Users\Dane aplikacji\Brother

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 001062912 _____ (Microsoft Corporation) A027452694281672D729EBE93FA07F6F

C:\WINDOWS\system32\userinit.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 000054272 _____ (Microsoft Corporation) D9488523C767E798EFAF34C76C06CD4C

C:\WINDOWS\system32\dllhost.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 000032768 _____ (Microsoft Corporation) F0B5429CF0D106B8E8B760C6A8749952

==================== End of FRST.txt ========================