FRST.txt

Detecting and removing HEUR.Malware.Misc.Packed.Generic and ELEX. Hijacker - Discussion of FRST logs

May I ask for help? Spyhunter (which I will remove immediately) reports: HEUR.Malware.Misc.Packed.Generic and ELEX. Hijacker. The logs from the FRST scan are attached. Regards

---- Split from the topic: Elex.LF what is it?, how to remove it? by Dra98 on 29 Jan 2022 12:10


Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26-01-2022
Uruchomiony przez Karluum (administrator) KAREL (Dell Inc. OptiPlex 745) (28-01-2022 20:43:11)
Uruchomiony z C:\Users\Karluum\Downloads
Załadowane profile: Karluum
Platform: Microsoft Windows 10 Pro Wersja 21H1 19043.1466 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Windows\Samsung\PanelMgr\caller64.exe
() [Brak podpisu cyfrowego] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) [Brak podpisu cyfrowego] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Hola Networks Ltd -> Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <23>
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe <5>
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe
(Siemens AG -> Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Sun Microsystems, Inc. -> Sun Microsystems, Inc.) C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1\bin\javaw.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [696320 2011-11-18] () [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199800 2012-09-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405624 2012-09-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-879878246-1194976344-2670115965-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-12-24] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-879878246-1194976344-2670115965-1000\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [794200 2016-06-01] (National Instruments Corporation -> National Instruments Corporation)
HKU\S-1-5-21-879878246-1194976344-2670115965-1000\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe [3941376 2018-03-12] () [Brak podpisu cyfrowego]
HKU\S-1-5-21-879878246-1194976344-2670115965-1000\...\MountPoints2: E - " E:\Start.exe "
HKU\S-1-5-21-879878246-1194976344-2670115965-1000\...\MountPoints2: {3e1ab611-2dc7-11ec-9de8-001e4f986a83} - " E:\Setup.exe "
HKU\S-1-5-21-879878246-1194976344-2670115965-1000\...\MountPoints2: {8926246e-d4fc-11e9-a183-001e4f986a83} - " E:\Setup.exe "
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [36864 2011-04-18] (Windows (R) Server 2003 DDK provider) [Brak podpisu cyfrowego]
HKLM\...\Windows x64\Print Processors\usp02PC: C:\Windows\System32\spool\prtprocs\x64\usp02pc.dll [43520 2014-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [89008 2016-01-22] (Acro Software Inc. -> )
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [34304 2011-04-14] () [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\usp02 Langmon: C:\WINDOWS\system32\usp02l.dll [29184 2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\...\AppCompatFlags\Custom\Siemens.Automation.Portal.exe: [{fdfc9ea1-fd21-4102-983e-f54931742522}.sdb] -> Siemens.Automation.Portal.exe
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfc9ea1-fd21-4102-983e-f54931742522}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfc9ea1-fd21-4102-983e-f54931742522}.sdb [2014-02-12]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter " C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter " " C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter "
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2017-11-07]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {06300C80-DE44-416B-8995-CB822E165F05} - System32\Tasks\90E404F8-BE6B-9A0B-A840-E778226A71A6 => C:\Windows\SysWOW64\regsvr32.exe /n /s /i: " /65a1fbe8c878f751 /q " " C:\Users\Karluum\AppData\Local\4CE3F8~1\{6A42D~1. " <==== UWAGA
Task: {0715C0E7-B32E-4151-AF87-FE1D6F5EEF50} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0719BED4-3C0C-452B-A956-7A7C034C1019} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-03] (Google LLC -> Google LLC)
Task: {09BE028C-D589-4E20-BCCA-E887A5AEEB94} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task " E7CF176E110C211B "
Task: {0DDB498C-F5FB-4E1F-B8FE-6A14CA562740} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Brak pliku)
Task: {0ED0E8DE-42EA-4120-97C7-87FD8EA89954} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [334848 2019-07-13] (Microsoft Corporation) [Brak podpisu cyfrowego]
Task: {1123870C-0804-4198-B35B-9F11D102FA2A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Brak pliku)
Task: {11782D72-D9D2-4382-B94C-641173BE80AE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Brak pliku)
Task: {12CDCA9C-373E-41A5-9A95-274F3D6E903E} - System32\Tasks\Opera scheduled Autoupdate 1513370863 => C:\Users\Karluum\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Brak pliku)
Task: {1691C728-E772-45AC-AEEB-05DBBA10B30B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Brak pliku)
Task: {186E5024-17C6-44C1-85A2-6243BFF2504F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Brak pliku)
Task: {1A98F959-22A4-44A6-AF5E-568C81BEC0F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7055792 2022-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B11BEA5-465B-40E9-AB18-E2C3DC35A695} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Brak pliku)
Task: {1C1227D0-FC14-407D-AD25-89A7860DAE1E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [140160 2022-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D285B68-8D4C-4FD7-ADD9-8FF7F7B1AD10} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [334848 2019-07-13] (Microsoft Corporation) [Brak podpisu cyfrowego]
Task: {2121028F-0F71-47C2-AFDE-63B394BB4F62} - System32\Tasks\Games\UpdateCheck_S-1-5-21-879878246-1194976344-2670115965-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781}
Task: {25274B0C-6620-4AFE-95DD-925464B23206} - System32\Tasks\0915tbUpdateInfo => C:\ProgramData\Avg_Update_0915tb\0915tb_{7E591483-627D-4E3B-AF5F-1FF61F94A680}.exe /SETINFO /CMPID=0915tb /INFORETRY=3 /RUNBY=UP (Brak pliku)
Task: {32C23687-A02F-4D5C-BC69-C590DB8021E0} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {358E2987-64D2-457A-B2DF-FEF9F1EFFD8D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Brak pliku)
Task: {38B59629-5C46-4C2B-8398-D72E14C696FF} - System32\Tasks\{0758A693-7E4C-4237-9283-836933C97834} => C:\Users\Karluum\Downloads\Ntest(dobreprogramy.pl).exe (Brak pliku)
Task: {3B0245E6-7565-4DCA-90D1-0EC5E72B0D79} - System32\Tasks\{E89762FF-1B45-49E8-BC1E-4915AED57F9D} => C:\Users\Karluum\Downloads\Ntest(dobreprogramy.pl).exe (Brak pliku)
Task: {3E50598C-D12F-4384-9CAE-7E7407074526} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Brak pliku)
Task: {45DB0079-D130-44B6-B7A8-53168A9CB882} - \Microsoft\Windows\Setup\EOSNotify2 -> Brak pliku <==== UWAGA
Task: {474F8686-BE07-4CFB-A756-2D5DC3F804C5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {52071CC4-5509-4056-B18E-3A32E2341E94} - System32\Tasks\G2MUpdateTask-S-1-5-21-879878246-1194976344-2670115965-1000 => C:\Users\Karluum\AppData\Local\GoToMeeting\16474\g2mupdate.exe [32256 2020-01-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {5A9F0F93-B4CC-4A67-8A3C-2B8A7D9AE864} - System32\Tasks\{A9A1F7E1-57D7-432B-8C82-DF26D114CC02} => C:\Windows\system32\pcalua.exe -a C:\Users\Karluum\Documents\zip_repair.exe -d C:\Users\Karluum\Documents
Task: {5AB57579-5541-4A19-8472-040871C5D45E} - System32\Tasks\{BCD20621-6251-4E91-94BF-240B56437AAA} => C:\Windows\system32\pcalua.exe -a C:\Users\Karluum\Desktop\20030828155334718_20020729113435_sm957mb2k_xp\setup_xp.exe -d C:\Users\Karluum\Desktop\20030828155334718_20020729113435_sm957mb2k_xp
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D95D09A-1676-4B3B-A927-A1D5FA5456E5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5F3D6A37-3D0F-4DA0-BA2D-CDB024C810FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FB691C9-5A6D-491E-8792-D0DA7E5BE8D2} - System32\Tasks\AutoPico Daily Restart => J:\Aktywator [Argument = Office 2016\Aktywator Office 2016\AutoPico.exe /silent]
Task: {602C0B7A-5561-4C63-867B-B64CFE1022E3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Brak pliku)
Task: {61DA87D2-2747-48AF-B8EB-18B4A78B7EB4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Brak pliku)
Task: {65871BB2-DB66-4C14-8A25-9BA07186EBB1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21862256 2021-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {66B1C188-AC3F-4D32-9FE2-6CC8ED7D1E2C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Brak pliku)
Task: {7371D0B5-E18F-4E8C-B910-C2C5E8A1DF8C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Brak pliku)
Task: {764B3BEC-AC21-4483-A53D-B36F5BDB4964} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Brak pliku)
Task: {7CA5ADA0-D578-4849-9386-1CD5D9B86546} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Brak pliku)
Task: {8528879C-C518-4232-A0E4-38434E9ADEBA} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [865288 2016-06-07] (National Instruments Corporation -> National Instruments)
Task: {8F41BA08-71B6-4FE4-AA6C-2A7E39FBEE50} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {917250E2-5FF4-4A00-B34A-433FD9DB8538} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9459C47A-A79F-4DE6-ACC4-960DD3BE8BC7} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915920 2018-12-24] (Glarysoft LTD -> Glarysoft Ltd)
Task: {9613A1C9-96E2-4902-8EE2-C0D4486ACFAA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Brak pliku)
Task: {9713ABE5-0DB8-4E38-B10B-69D75542BECC} - System32\Tasks\JKIUpdateTask => C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe [545024 2016-03-21] (JKI -> JKI) [Brak podpisu cyfrowego]
Task: {98E6DBDF-ABC0-45C2-9D72-FAA5E0F3090E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [140160 2022-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0388B23-EBD7-43B8-94A2-4281142900FD} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [865288 2016-06-07] (National Instruments Corporation -> National Instruments)
Task: {A34E3CF2-B0A9-4C3A-81C6-450A25C5D0AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {A543379E-F6C3-468A-BA22-B22A69500150} - System32\Tasks\{EF3B02DC-5EA2-48BD-8CD2-BB9837899C32} => C:\Windows\system32\pcalua.exe -a C:\Users\Karluum\Desktop\wi\WICleanupUI.EXE -d C:\Users\Karluum\Desktop\wi
Task: {A696126C-5D5E-490D-8D3E-C8090A58D8C3} - System32\Tasks\G2MUploadTask-S-1-5-21-879878246-1194976344-2670115965-1000 => C:\Users\Karluum\AppData\Local\GoToMeeting\16474\g2mupload.exe [32256 2020-01-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {AFC21FDF-124D-423F-8512-2F37C53F03D5} - \{43387504-2029-C3A0-46EC-A14E9DBFB949} -> Brak pliku <==== UWAGA
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {BBA8F032-97F5-496F-9FD2-C69A99B653FF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Brak pliku)
Task: {BC9EAA7A-A83C-4780-9D17-BDCDD9565CF6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Brak pliku)
Task: {BD93CAC8-A5F0-4E7E-9A1C-C220074109DA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Brak pliku)
Task: {BE789C3C-8B51-465D-A5F8-9F1A5E397645} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Brak pliku)
Task: {BFB465BC-D3BC-42D2-8C10-09700E27ABF7} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3978504 2021-07-29] (Easeware Technology Limited -> Easeware)
Task: {C14C1FA7-06FE-4A1D-B223-7A95B267BE61} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C1C4B99D-5713-4297-9FDB-F8231FA9A3BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C35D8BE4-CE4A-488B-A5C1-AC76886401BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7055792 2022-01-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {C43672CA-29D9-459D-81F8-610AEBFEE79A} - System32\Tasks\{E6AC8523-70EC-4A1F-AF96-FEF03561888B} => C:\Users\Karluum\Downloads\Samsung_SyncMaster765MB\Samsung SyncMaster765MB\MouScreen 2.01\MouScreen.exe (Brak pliku)
Task: {C7E77095-84D6-48AE-B8C4-DC1BD33DDB5D} - \Microsoft\Windows\Setup\EOSNotify -> Brak pliku <==== UWAGA
Task: {DB0939C0-81D3-4957-A7B2-FB2258D09231} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21862256 2021-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFBC2CF2-436D-4E24-B08B-B0963B40BD8E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Brak pliku)
Task: {E30E107E-8BCC-45DF-B0B5-63A7DACCED27} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {E751CB2B-4D97-4455-A4D0-A6C294064CBD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Brak pliku)
Task: {ED2B9C0E-0605-445B-AE81-9D3533CB32F1} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {FF51014B-52ED-4A63-AEE1-D0996AFA392C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-03] (Google LLC -> Google LLC)
Task: {FF99EB04-B2DC-4D38-978F-1308589C67E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Brak pliku)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\0915tbUpdateInfo.job => C:\ProgramData\Avg_Update_0915tb\0915tb_{7E591483-627D-4E3B-AF5F-1FF61F94A680}.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-879878246-1194976344-2670115965-1000.job => C:\Users\Karluum\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-879878246-1194976344-2670115965-1000.job => C:\Users\Karluum\AppData\Local\GoToMeeting\19932\g2mupload.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{17CBA2C9-5353-40B3-BEBB-26F2D8874851}: [DhcpNameServer] 192.168.1.1 192.168.0.254
Tcpip\..\Interfaces\{34921BDB-B040-4AF4-8464-2E989C67DE1D}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{4420112f-e00a-4bfa-8da8-368ccc0a3ae7}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{5B35FF1E-DC74-44B1-A2D9-105EF9620C24}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a279c611-4775-449b-badf-0c7d972a2ffa}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge Extension: (Brak nazwy) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Karluum\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-27]

FireFox:
========
FF DefaultProfile: u9wvi9h7.default-1520109813955
FF ProfilePath: C:\Users\Karluum\AppData\Roaming\Mozilla\Firefox\Profiles\u9wvi9h7.default-1520109813955 [2022-01-28]
FF Notifications: Mozilla\Firefox\Profiles\u9wvi9h7.default-1520109813955 -> hxxps://pl.pinterest.com
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Karluum\AppData\Roaming\Mozilla\Firefox\Profiles\u9wvi9h7.default-1520109813955\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi [2021-08-06]
FF Extension: (Przelewy24) - C:\Users\Karluum\AppData\Roaming\Mozilla\Firefox\Profiles\u9wvi9h7.default-1520109813955\Extensions\jid1-AoXeeOB4j7kFdA@jetpack.xpi [2018-03-18]
FF Extension: (AdBlocker for YouTube™) - C:\Users\Karluum\AppData\Roaming\Mozilla\Firefox\Profiles\u9wvi9h7.default-1520109813955\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2021-10-25]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Brak pliku]

Chrome:
=======
CHR Profile: C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default [2022-01-28]
CHR Extension: (Prezentacje) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-03]
CHR Extension: (Dokumenty) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-03]
CHR Extension: (Dysk Google) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-22]
CHR Extension: (YouTube) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-03]
CHR Extension: (Arkusze) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-22]
CHR Extension: (Gmail) - C:\Users\Karluum\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-24]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [894688 2009-12-11] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2480048 2017-10-31] (Acronis, Inc -> Acronis)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1563968 2014-01-13] (Siemens AG -> SIEMENS AG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9192328 2021-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Brak podpisu cyfrowego]
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [17301280 2022-01-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [21051840 2019-11-28] (Hola Networks Ltd -> Hola Networks Ltd.) <==== UWAGA
R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2015-06-05] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [50200 2016-06-08] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [60440 2016-06-08] (National Instruments Corporation -> National Instruments Corporation)
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [94752 2016-05-23] (National Instruments Corporation -> National Instruments Corporation)
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [65096 2016-05-31] (National Instruments Corporation -> National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [83528 2016-05-31] (National Instruments Corporation -> National Instruments Corporation)
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [594984 2016-05-27] (National Instruments Corporation -> National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [394264 2016-06-08] (National Instruments Corporation -> National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (National Instruments Corporation -> Macrovision Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [334424 2016-05-31] (National Instruments Corporation -> National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [179304 2016-05-31] (National Instruments Corporation -> National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [102512 2016-05-19] (National Instruments Corporation -> National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [65080 2016-05-31] (National Instruments Corporation -> National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [699952 2016-06-05] (National Instruments Corporation -> National Instruments Corporation)
S3 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [144608 2014-01-16] (Siemens AG -> Siemens AG)
S2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2014-01-16] (Siemens AG -> Siemens AG)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [528160 2022-01-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [352688 2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
S3 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [352688 2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2018-11-27] (McAfee, Inc. -> McAfee, LLC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
R3 dpmconv; C:\WINDOWS\System32\drivers\dpmconv.sys [259584 2013-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Siemens AG)
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-01-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [27008 2019-12-27] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [21376 2019-12-27] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [66040 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Brak podpisu cyfrowego]
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53240 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Brak podpisu cyfrowego]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [23544 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Brak podpisu cyfrowego]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [197624 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Brak podpisu cyfrowego]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [14720 2019-12-27] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-12-31] (Glarysoft LTD -> Glarysoft Ltd)
R3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 s7odpx2x64; C:\WINDOWS\System32\drivers\s7odpx2x64.sys [71168 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
R3 s7oppinx64; C:\WINDOWS\System32\drivers\s7oppinx64.sys [107520 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
R3 s7oserix64; C:\WINDOWS\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
R3 s7osmcax64; C:\WINDOWS\System32\drivers\s7osmcax64.sys [199680 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
R3 s7osobux64; C:\WINDOWS\System32\drivers\s7osobux64.sys [153600 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
R3 s7otmcd64x; C:\WINDOWS\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
R3 s7otranx64; C:\WINDOWS\System32\drivers\s7otranx64.sys [260608 2013-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Siemens AG)
R3 s7otsadx64; C:\WINDOWS\System32\drivers\s7otsadx64.sys [196096 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
R2 s7ousbu64x; C:\WINDOWS\System32\drivers\s7ousbu64x.sys [137216 2013-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Siemens AG)
R2 s7sn2srtx; C:\WINDOWS\system32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG -> SIEMENS AG)
R2 SNTIE; C:\WINDOWS\System32\DRIVERS\sntie.sys [359648 2013-10-28] (Siemens AG -> Siemens AG)
R0 tdrpman258; C:\WINDOWS\System32\DRIVERS\tdrpm258.sys [1477728 2017-10-31] (Acronis, Inc -> Acronis)
R3 vsnl2ada; C:\WINDOWS\System32\drivers\vsnl2ada.sys [128000 2013-08-07] (Microsoft Windows Hardware Compatibility Publisher -> SIEMENS AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-01-28 20:43 - 2022-01-28 20:46 - 000044084 _____ C:\Users\Karluum\Downloads\FRST.txt
2022-01-28 20:39 - 2022-01-28 20:39 - 002311680 _____ (Farbar) C:\Users\Karluum\Downloads\FRST64.exe
2022-01-28 20:20 - 2022-01-28 20:20 - 000076744 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2022-01-15 10:23 - 2022-01-15 10:23 - 000006243 _____ C:\Users\Karluum\Documents\PG.txt
2022-01-14 19:46 - 2022-01-28 09:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-01-14 18:54 - 2022-01-14 19:01 - 000000000 ____D C:\Users\Karluum\Desktop\gallo
2022-01-13 19:23 - 2022-01-13 19:23 - 000000004 ____H C:\ProgramData\cm-lock
2022-01-12 06:13 - 2022-01-12 06:13 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-12 06:13 - 2022-01-12 06:13 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-12 06:13 - 2022-01-12 06:13 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-12 05:55 - 2022-01-12 05:55 - 000000000 ___HD C:\$WinREAgent
2022-01-03 12:20 - 2022-01-03 13:53 - 000000000 ____D C:\Users\Karluum\Desktop\Busso

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2022-01-28 20:47 - 2016-03-25 08:54 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-28 20:45 - 2018-03-03 22:01 - 000000000 ____D C:\FRST
2022-01-28 20:31 - 2019-11-06 16:42 - 000000068 ___SH C:\WINDOWS\system32\Drivers\vdrvroot.winsecurity
2022-01-28 20:19 - 2021-02-23 20:23 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter5.lnk
2022-01-28 20:19 - 2018-11-06 19:09 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2022-01-28 20:18 - 2020-11-10 17:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-28 20:04 - 2019-11-06 16:42 - 000000068 ___SH C:\WINDOWS\system32\Drivers\WdfLdr.winsecurity
2022-01-28 19:37 - 2016-12-01 20:07 - 000000000 ____D C:\Users\Karluum\AppData\LocalLow\Mozilla
2022-01-28 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-28 18:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-28 18:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 14:05 - 2019-10-03 12:58 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-27 15:00 - 2016-01-06 15:08 - 000000000 ____D C:\Users\Karluum\AppData\Local\ChomikBox
2022-01-27 15:00 - 2015-05-03 12:46 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-27 14:59 - 2016-01-06 15:08 - 000000000 ____D C:\Users\Karluum\.gstreamer-0.10
2022-01-26 01:05 - 2020-11-28 09:47 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b7825d800979
2022-01-26 01:05 - 2020-11-10 18:01 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-24 21:54 - 2021-12-11 21:58 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-879878246-1194976344-2670115965-1000
2022-01-24 21:54 - 2020-11-10 18:01 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-879878246-1194976344-2670115965-1000
2022-01-24 21:54 - 2020-11-10 17:50 - 000002464 _____ C:\Users\Karluum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-24 19:46 - 2015-05-03 21:47 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-22 10:21 - 2020-06-06 23:31 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-22 10:20 - 2021-10-09 10:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-22 10:20 - 2015-05-03 12:46 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-21 20:41 - 2020-05-03 08:23 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-21 20:41 - 2020-05-03 08:23 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-21 20:34 - 2020-11-10 18:01 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 20:34 - 2020-11-10 18:01 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-15 13:58 - 2015-05-03 12:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-14 22:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-14 18:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-13 19:28 - 2020-11-10 17:59 - 001922414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-13 19:28 - 2019-12-07 16:09 - 000823514 _____ C:\WINDOWS\system32\perfh015.dat
2022-01-13 19:28 - 2019-12-07 16:09 - 000171532 _____ C:\WINDOWS\system32\perfc015.dat
2022-01-13 19:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-13 19:21 - 2020-11-10 18:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-13 06:59 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-13 06:58 - 2020-11-10 17:47 - 005154384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-13 06:56 - 2019-12-07 16:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-13 06:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-13 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-13 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-13 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-13 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-13 06:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-12 17:26 - 2020-11-10 18:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-12 17:25 - 2021-12-10 20:31 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-12 17:25 - 2021-12-10 20:31 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-12 06:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-12 05:54 - 2015-05-09 19:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-12 05:48 - 2015-05-09 19:39 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 22:51 - 2015-05-04 23:04 - 000000000 ____D C:\Users\Karluum\AppData\Roaming\vlc
2022-01-11 22:26 - 2021-02-24 12:58 - 000000000 ____D C:\Users\Karluum\Documents\My Kindle Content
2022-01-05 00:04 - 2020-11-10 17:50 - 000000000 ____D C:\Users\Karluum
2022-01-02 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Pliki w katalogu głównym wybranych folderów ========

2015-08-22 21:15 - 2019-01-26 07:02 - 000000180 _____ () C:\Users\Karluum\AppData\Roaming\default.rss
2015-10-04 22:02 - 2015-10-04 22:02 - 000000000 _____ () C:\Users\Karluum\AppData\Roaming\downloads.m3u
2018-09-30 16:08 - 2018-09-30 16:08 - 000000000 _____ () C:\Users\Karluum\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================