Hej, mam problem z dll-propagation... Jak dziecko... przy torrentach się przemycił :/ Bardzo proszę o pomoc kolegów. Pliki FRST.txt i Addition.txt po przeskanowaniu FRST64 w załączniku. Dodatkowo pojawił się plik fixlist.txt - podobny czas utworzenia, więc zakładam, że jest jakoś powiązany... Bardzo proszę o podesłanie skryptu. Z góry serdecznie dziękuję!
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 12-04-2022 03
Uruchomiony przez Sławek (administrator) KCBLW78J2CRY1 (Dell Inc. Latitude E6430) (11-04-2022 22:31:31)
Uruchomiony z C:\Users\Sławek\Downloads
Załadowane profile: Sławek
Platform: Microsoft Windows 7 Enterprise Service Pack 1 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Alps Electric Co., LTD. - & gt; Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Autonomy - & gt; Autonomy Corporation plc) C:\Program Files (x86)\Autonomy\Connected BackupPC\Agent.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - & gt; ) (Oracle America, Inc. - & gt; Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - & gt; ) (Piriform Software Ltd - & gt; Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe - & gt; ) (GN AUDIO A/S - & gt; GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe
(C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe - & gt; ) (McAfee, Inc. - & gt; McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\saHookMain.exe
(C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe - & gt; ) (McAfee, Inc. - & gt; McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\saHookMain.exe
(C:\Program Files\DellTPad\Apoint.exe - & gt; ) (Alps Electric Co., LTD. - & gt; Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe - & gt; ) (Alps Electric Co., LTD. - & gt; Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization\Client\AppVStreamingUX.exe
(C:\Program Files\mks_vir\bin\mks_virmon.exe - & gt; ) (Arcabit Sp. z o.o. - & gt; ) C:\Program Files\mks_vir\bin\scanenginecon.exe
(C:\Program Files\mks_vir\bin\mks_virmon.exe - & gt; ) (Arcabit Sp. z o.o. - & gt; Arcabit/mks_vir) C:\Program Files\mks_vir\bin\mks_virapps.exe
(C:\Program Files\mks_vir\bin\mks_virsv.exe - & gt; ) (Arcabit Sp. z o.o. - & gt; mks_vir) C:\Program Files\mks_vir\bin\mks_virmenu.exe
(C:\Program Files\mks_vir\bin\mks_virsv.exe - & gt; ) (Arcabit Sp. z o.o. - & gt; mks_vir) C:\Program Files\mks_vir\bin\mks_virmon.exe
(C:\Users\SAWEK~1\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe - & gt; ) (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Sławek\AppData\Roaming\.dllbackups\data\modules\dll-propagation\dll-propagation_2.9.8.exe
(C:\Users\Sławek\AppData\Roaming\.dllbackups\data\modules\dll-propagation\dll-propagation_2.9.8.exe - & gt; ) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\SAWEK~1\AppData\Local\Temp\1xq0MkKMTM0YtEl1JnXJ2x0ArfP\dll-propagation.exe & lt; 4 & gt;
(C:\Users\Sławek\AppData\Roaming\.dllbackups\dllservices.exe - & gt; ) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Users\SAWEK~1\AppData\Local\Temp\24qrrXHyyao7PIDSMXbgocvqIlv\services.exe & lt; 5 & gt;
(explorer.exe - & gt; ) (Alps Electric Co., LTD. - & gt; Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe - & gt; ) (Broadcom Corporation - & gt; Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(explorer.exe - & gt; ) (Dell Inc - & gt; Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(explorer.exe - & gt; ) (Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe & lt; 30 & gt;
(explorer.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(explorer.exe - & gt; ) (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Sławek\AppData\Roaming\.dllbackups\dllservices.exe
(explorer.exe - & gt; ) (Microsoft Windows Hardware Compatibility Publisher - & gt; IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(explorer.exe - & gt; ) (SEIKO EPSON CORPORATION - & gt; Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE
(GN AUDIO A/S - & gt; GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe & lt; 5 & gt;
(Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Kontiki, Inc - & gt; Kontiki Inc.) C:\Program Files (x86)\Kontiki\KHost.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\fvenotify.exe
(Oracle America, Inc. - & gt; Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Podatnik S.A. - & gt; Podatnik S.A.) C:\Program Files (x86)\Podatnik.info\PIT pro 2019\Widget.exe
(Seiko Epson Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe - & gt; ) (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe - & gt; ) (Arcabit Sp. z o.o. - & gt; mks_vir) C:\Program Files\mks_vir\bin\mks_virsv.exe
(services.exe - & gt; ) (Aternity Systems LTD.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Aternity Information Systems\Assistant\A180AA.exe
(services.exe - & gt; ) (Autonomy - & gt; Autonomy Corporation plc) C:\Program Files (x86)\Autonomy\Connected BackupPC\AgentService.exe
(services.exe - & gt; ) (AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe - & gt; ) (Broadcom Corporation - & gt; Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(services.exe - & gt; ) (Dell Inc - & gt; Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(services.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe - & gt; ) (Intel® Upgrade Service - & gt; Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe - & gt; ) (Kontiki, Inc - & gt; Kontiki Inc.) C:\Program Files (x86)\Kontiki\KService.exe
(services.exe - & gt; ) (McAfee, Inc. - & gt; McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
(services.exe - & gt; ) (McAfee, Inc. - & gt; McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(services.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(services.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(services.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe
(services.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Client Service\PwdMgmtProxy.exe
(services.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(services.exe - & gt; ) (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(services.exe - & gt; ) (Microsoft Windows Hardware Compatibility Publisher - & gt; IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe - & gt; ) (Podatnik S.A. - & gt; Podatnik S.A.) C:\Program Files (x86)\Podatnik.info\PIT pro 2019\pproupd.exe
(services.exe - & gt; ) (Samsung Electronics CO., LTD. - & gt; DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe - & gt; ) (SEIKO EPSON Corporation - & gt; SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(services.exe - & gt; ) (SEIKO EPSON CORPORATION - & gt; Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe - & gt; ) (Skype Software Sarl - & gt; Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(services.exe - & gt; ) (Wondershare Technology Co.,Ltd - & gt; Wondershare) C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe
(services.exe - & gt; ) (Wondershare Technology Co.,Ltd - & gt; Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(svchost.exe - & gt; ) (Broadcom Corporation - & gt; Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(svchost.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Windows\System32\igfxext.exe
(svchost.exe - & gt; ) (Intel Corporation - & gt; Intel Corporation) C:\Windows\System32\igfxsrvc.exe
==================== Rejestr (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [SysTrayApp] = & gt; C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-13] (Microsoft Windows Hardware Compatibility Publisher - & gt; IDT, Inc.)
HKLM\...\Run: [Apoint] = & gt; C:\Program Files\DellTPad\Apoint.exe [626552 2012-01-25] (Alps Electric Co., LTD. - & gt; Alps Electric Co., Ltd.)
HKLM\...\Run: [PasswordRegistration] = & gt; C:\WINDOWS\system32\MsPwdRegistration.exe [32344 2014-09-01] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] = & gt; C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] = & gt; C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech - & gt; Logitech, Inc.)
HKLM-x32\...\Run: [IAStorIcon] = & gt; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation - & gt; Intel Corporation)
HKLM-x32\...\Run: [IMSS] = & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation - & gt; Intel Corporation)
HKLM-x32\...\Run: [SoftGridTray] = & gt; C:\Program Files (x86)\Microsoft Application Virtualization Client\SFTTray.exe [859304 2013-08-21] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
HKLM-x32\...\Run: [AgentUiRunKey] = & gt; " C:\Program Files (x86)\Autonomy\Connected BackupPC\Agent.exe " -ni -sss -e hxxp://localhost:16386/ (Brak pliku)
HKLM-x32\...\Run: [kdx] = & gt; C:\Program Files (x86)\Kontiki\KHost.exe [1379448 2014-03-07] (Kontiki, Inc - & gt; Kontiki Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. - & gt; Oracle Corporation)
HKLM-x32\...\Run: [WidgetPodatnikInfo] = & gt; C:\Program Files (x86)\Podatnik.info\PIT pro 2019\Widget.exe [267160 2021-04-01] (Podatnik S.A. - & gt; Podatnik S.A.)
HKLM-x32\...\Run: [EEventManager] = & gt; C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [Jabra Direct] = & gt; C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801536 2021-02-01] (GN AUDIO A/S - & gt; GN Audio A/S)
HKLM-x32\...\Run: [CMS] = & gt; C:\Program Files (x86)\CMS\CMS.exe [3821568 2019-03-12] () [Brak podpisu cyfrowego]
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [Spotify] = & gt; C:\Users\Sławek\AppData\Roaming\Spotify\Spotify.exe [20025272 2022-03-25] (Spotify AB - & gt; Spotify Ltd)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [CCleaner Smart Cleaning] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd - & gt; Piriform Software Ltd)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [735336 2019-01-25] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [InstMP_Service] = & gt; C:\Users\Sławek\AppData\Local\InstallShield\InstMP.exe [10240 2019-08-21] () [Brak podpisu cyfrowego]
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [EPLTarget\P0000000000000000] = & gt; C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION - & gt; Seiko Epson Corporation)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [iCloudServices] = & gt; C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-07-24] (Apple Inc. - & gt; Apple Inc.)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [ApplePhotoStreams] = & gt; C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-07-24] (Apple Inc. - & gt; Apple Inc.)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [iCloudDrive] = & gt; C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-07-24] (Apple Inc. - & gt; Apple Inc.)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [iCloudPhotos] = & gt; C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-07-24] (Apple Inc. - & gt; Apple Inc.)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [electron.app.dllservices] = & gt; C:\Users\Sławek\AppData\Roaming\.dllbackups\dllservices.exe [63160117 2022-02-27] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] & lt; ==== UWAGA
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\Run: [electron.app.services] = & gt; C:\Users\Sławek\AppData\Roaming\.dllbackups\dllservices.exe [63160117 2022-02-27] (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] & lt; ==== UWAGA
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\RunOnce: [FlashPlayerUpdate] = & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. - & gt; Adobe)
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\MountPoints2: {293ae45c-2095-11e9-aff2-b00594f3c5f7} - F:\Fairlight\Installer.exe
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\MountPoints2: {7f41c89d-ecd5-11e7-b731-b00594f3c5f7} - F:\SETUP.EXE
HKU\S-1-5-21-3589725667-2707424421-2716767340-1006\...\MountPoints2: {7f41c8a1-ecd5-11e7-b731-b00594f3c5f7} - G:\SETUP.EXE
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd - & gt; Piriform Software Ltd)
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\WINDOWS\System32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher - & gt; Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\System32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\rica1Ilm: C:\WINDOWS\System32\rica1Ilm.dll [27136 2010-12-07] (RICOH CO.,Ltd.) [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{23170F69-40C1-2702-0920-000001000000}] - & gt; msiexec /fu {23170F69-40C1-2702-0920-000001000000} /qn
HKLM\Software\Microsoft\Active Setup\Installed Components: [{26A24AE4-039D-4CA4-87B4-2F86417025FF}] - & gt; C:\Program Files\Java\jre7\Copy_Data_File.EXE [2013-08-13] () [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] - & gt; C:\WINDOWS\system32\cmd.exe /D /C start C:\WINDOWS\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-06] (Google LLC - & gt; Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [CHATR000321ENGC1] - & gt; c:\programdata\CHATR000321ENGC1\UserConfig.bat [2014-03-28] () [Brak podpisu cyfrowego]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [CONAD000518ENGC1] - & gt; msiexec.exe /fpu {4680CD8D-8B27-466C-BB11-3F43F56BA53B} /qn
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [OFFICE02013GENC2] - & gt; c:\programdata\OFFICE02013GENC2\PinToTaskbarOffice.vbs [2014-03-12] () [Brak podpisu cyfrowego]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{270B1484-AD76-4558-9039-2F675807F6AA}] - & gt; msiexec /fu {270B1484-AD76-4558-9039-2F675807F6AA} /qn
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8271EF83-FBE3-4359-99FE-7797384D3B94}] - & gt; msiexec /fu {8271EF83-FBE3-4359-99FE-7797384D3B94}
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{E85CF23C-BAB9-4255-8CEB-A66EE817CF1F}] - & gt; msiexec /fu {E85CF23C-BAB9-4255-8CEB-A66EE817CF1F}
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{FD7FD5E1-412D-4166-8445-9E193EE24F77}] - & gt; msiexec /fu {FD7FD5E1-412D-4166-8445-9E193EE24F77}
HKLM\Software\...\Authentication\Credential Providers: [{3DD6481A-A712-4c4c-88FF-6DDCAB28DE86}] - & gt; C:\WINDOWS\System32\MsPwdCredProv.dll [2014-09-01] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] - & gt; C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2012-02-22] (Broadcom Corporation - & gt; Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] - & gt; C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2012-02-22] (Broadcom Corporation - & gt; Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FFF4AC6F-8A88-4070-90F6-3F55631826BB}] - & gt; C:\WINDOWS\System32\MsPwdCredProv.dll [2014-09-01] (Microsoft Corporation - & gt; Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-13]
ShortcutTarget: Bluetooth.lnk - & gt; C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation - & gt; Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Chatter Desktop.lnk [2014-03-28]
ShortcutTarget: Chatter Desktop.lnk - & gt; C:\Program Files (x86)\salesforce.com\Chatter Desktop\Chatter Desktop.exe (Brak pliku)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2013-11-13]
ShortcutTarget: Dell System Manager.lnk - & gt; C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc - & gt; Dell Inc.)
Startup: C:\Users\slawomir.lipina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chatter Desktop.lnk [2018-06-18]
ShortcutTarget: Chatter Desktop.lnk - & gt; C:\Program Files (x86)\salesforce.com\Chatter Desktop\Chatter Desktop.exe (Brak pliku)
Startup: C:\Users\slawomir.lipina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-09-02]
ShortcutTarget: Send to OneNote.lnk - & gt; C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Brak pliku)
Startup: C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chatter Desktop.lnk [2018-03-11]
ShortcutTarget: Chatter Desktop.lnk - & gt; C:\Program Files (x86)\salesforce.com\Chatter Desktop\Chatter Desktop.exe (Brak pliku)
Startup: C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-30]
ShortcutTarget: Send to OneNote.lnk - & gt; C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Brak pliku)
Startup: C:\Users\usys-admn-marcin.wdo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chatter Desktop.lnk [2018-06-24]
ShortcutTarget: Chatter Desktop.lnk - & gt; C:\Program Files (x86)\salesforce.com\Chatter Desktop\Chatter Desktop.exe (Brak pliku)
GroupPolicy: Ograniczenia ? & lt; ==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia & lt; ==== UWAGA
Policies: C:\Users\slawomir.lipina\NTUSER.pol: Ograniczenia & lt; ==== UWAGA
Policies: C:\Users\usys-admn-marcin.wdo\NTUSER.pol: Ograniczenia & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA
==================== Zaplanowane zadania (filtrowane) ============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {00009D2F-5A09-4110-8997-E20DF1957CEB} - System32\Tasks\{54392DDC-7290-4EFD-A9D8-99A57D2B8B24} = & gt; C:\Users\Sławek\Desktop\SH\Sensual_Haunting\!Start.exe (Brak pliku)
Task: {040B4C35-590A-4A7B-895A-4516FE3A4F3B} - System32\Tasks\{6F0A1312-AE3B-49B1-B68A-485BE6E21591} = & gt; G:\Sławek\Game\MOHW.exe (Brak pliku)
Task: {070F6C6A-1D00-487D-8032-C9C819BDDDB1} - System32\Tasks\{9546C56B-8245-4932-AE22-305E4FBB506D} = & gt; C:\Program Files (x86)\Activision\Call of Duty 2\CoD2SP_s.exe (Brak pliku)
Task: {093AC37B-5753-4AC1-8686-8CF16D746358} - System32\Tasks\Admin-Rights-Remover = & gt; \S2.MS.UNILEVER.COM\SysVol\S2.MS.UNILEVER.COM\Policies\{E910EC8E-AF66-4BB3-9DF4-EDA00A484107}\User\Scripts\Logon\Admin-Rights-Remover.vbs (Brak pliku)
Task: {0B81E4BC-F21F-47FD-928A-425E3037B2B2} - System32\Tasks\{25A4F415-A61B-469E-B89D-67E9AF26FA0E} = & gt; E:\setup.exe (Brak pliku)
Task: {11E1BDF1-0C65-40A1-A581-3F322E139018} - System32\Tasks\CorelUpdateHelperTaskCore = & gt; C:\Program Files (x86)\Corel\CUH\v2\CUH.exe /t (Brak pliku)
Task: {1FB015C7-CA35-4D53-9DA9-8353BCFF7E27} - System32\Tasks\{8116AC3E-F270-4846-8F2D-AF869F96B13A} = & gt; C:\Users\Sławek\Downloads\Mafia.II.Digital.Deluxe.Edition.RUS.ENG.MULTi.RePack.-VickNet\setup.exe (Brak pliku)
Task: {24F1DABB-DE8B-4AE3-93D6-17C668706568} - System32\Tasks\{B195B3B0-F176-4879-B30F-566554DC8659} = & gt; C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {26BC801E-2F7F-48EB-BD7F-D92393F9032F} - System32\Tasks\Adobe Flash Player PPAPI Notifier = & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. - & gt; Adobe)
Task: {2BCC6E5C-6AC6-4542-8E69-BE05FDDE0FA5} - System32\Tasks\Disable-Wifi-On-Lan-Copy = & gt; \S2.MS.UNILEVER.COM\SysVol\S2.MS.UNILEVER.COM\Policies\{904D96B4-F5B5-4F83-9057-C981E455395D}\Machine\Scripts\Startup\CopyLocal.vbs (Brak pliku)
Task: {2EA3AB55-E74D-474C-97B6-7055DC418996} - System32\Tasks\{1DE16936-8AA4-4A37-8898-4BF6CD0AFE3E} = & gt; F:\DVDCheck.exe (Brak pliku)
Task: {2F20A466-0728-47EE-AA85-8EF1FC43B828} - \Spooler SubSystem App - & gt; Brak pliku & lt; ==== UWAGA
Task: {30190741-6E40-4925-B6F4-DC32B56F86FC} - System32\Tasks\wininit = & gt; C:\ProgramData\unsecapp\spoolsv.exe (Brak pliku)
Task: {3275C04B-A937-4500-92AA-AE92E7833618} - System32\Tasks\Adobe Flash Player NPAPI Notifier = & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. - & gt; Adobe)
Task: {40F2104C-137D-45CA-A202-27700050636B} - System32\Tasks\FreedomeReset = & gt; C:\Program Files (x86)\F-Secure\Freedome\Freset.exe (Brak pliku)
Task: {42329015-216C-462D-9872-C99CE83144D0} - System32\Tasks\{C2B521EC-6C3A-4112-B2A7-339F9C30B862} = & gt; G:\Sławek\Game\MOHW.exe (Brak pliku)
Task: {464B4106-A925-4347-8B87-924027AE26C7} - System32\Tasks\{F718109D-C601-4EE6-A859-50DE34303606} = & gt; E:\setup.exe (Brak pliku)
Task: {47F14852-9F1D-46C2-AE0C-166FA4A5BEAC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat = & gt; C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Brak pliku)
Task: {48716F4A-AC12-4FE7-98D9-0395CC3356A0} - System32\Tasks\{1785D882-039D-40AB-8391-1F74B3653CAF} = & gt; F:\Slav\AM\Sensual Haunting\Sensual_Haunting\!Start.exe (Brak pliku)
Task: {4B5D6F54-073F-4C33-B00D-FECBA8617D6C} - System32\Tasks\UACEnable = & gt; C:\Windows\System32\cscript.exe C:\ProgramData\RemoveMachineFromAD.vbs
Task: {4D4D5619-FCE0-4F29-80B2-ED51BDC7475A} - System32\Tasks\e-pity2019_styczen = & gt; C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2248984 2020-02-29] (e-file sp. z o.o. - & gt; e-file sp. z o.o. sp. k.)
Task: {5558821A-4DE1-4D9A-A07B-0434430E891B} - System32\Tasks\{539EDF12-1C4C-424E-ACE6-6CF0E0D064AC} = & gt; F:\Slav\AM\Sensual Haunting\Sensual_Haunting\!Start.exe (Brak pliku)
Task: {56DC5905-3F2E-4EC8-BA0E-6D6E82F29D1F} - System32\Tasks\CCleaner Update = & gt; C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd - & gt; Piriform)
Task: {616BFF00-CE9C-4BBA-A2AB-894DD63C0604} - System32\Tasks\EPSON L3150 Series Update {4172BE64-2B3F-4752-91F2-014F5D21642B} = & gt; C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION - & gt; Seiko Epson Corporation)
Task: {6ADCB6AA-1341-48BA-A15D-8F963075EC42} - System32\Tasks\CCleanerSkipUAC - Sławek = & gt; C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd - & gt; Piriform Software Ltd)
Task: {6B905CE9-DDE5-4644-8370-6776C3986C5E} - System32\Tasks\{E65839FB-E883-451C-80F4-BE580B7E6565} = & gt; C:\WINDOWS\system32\pcalua.exe -a C:\Windows\NetSurveillance\uninstall.exe -c " /U:C:\WINDOWS\NetSurveillance\Uninstall\uninstall.xml "
Task: {710259AE-739C-4B44-B541-D9C8F4333E38} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection = & gt; {4ca7a766-13d8-4652-8016-b01a03117903}
Task: {77A12981-C352-4FD0-A7ED-475EA5424C87} - System32\Tasks\e-pity2019a_kwiecien = & gt; C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2248984 2020-02-29] (e-file sp. z o.o. - & gt; e-file sp. z o.o. sp. k.)
Task: {7AF53218-C1CD-49F4-8363-2121B9204DB4} - System32\Tasks\FreedomeTrialReset = & gt; C:\ProgramData\F-Secure\Freedome\FreedomeTrialReset.exe (Brak pliku)
Task: {80F09F1C-8CB9-4F03-91BD-01F1E296D2AC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB = & gt; C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {84CEAA17-1788-4AE8-A1B8-90FFD38AA65E} - System32\Tasks\{222CA262-4464-4E17-A882-682240615846} = & gt; C:\Users\Sławek\Desktop\SH\Sensual_Haunting\!Start.exe (Brak pliku)
Task: {86E3CC80-C061-48D1-BDF8-F5A8CC27AE96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn = & gt; C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {8DAB1938-0EE6-44F3-B578-2DE5FCC0EFF0} - System32\Tasks\{B1096A8A-4A2C-4DE6-B745-EC48B3DBC3FF} = & gt; C:\Users\slawomir.lipina\Downloads\iTunes64Setup.exe (Brak pliku)
Task: {91CC3EF4-074C-4D06-B1E0-3E316B06F186} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1715567821-1659004503-839522115-608146 = & gt; {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746880 2010-11-21] (Microsoft Windows - & gt; Microsoft Corporation)
Task: {9E4B774E-4AE9-4220-A8CE-8418149DF968} - System32\Tasks\{2AEC9BD4-4369-47FB-AF61-7DB28B478F4B} = & gt; G:\Sławek\Game\MOHW.exe (Brak pliku)
Task: {9E724C75-88B5-4396-A317-E7429988FF44} - System32\Tasks\{D6E7F4C1-B20A-4EE2-B769-6136EB853155} = & gt; C:\WINDOWS\system32\pcalua.exe -a F:\DirectX9\dxsetup.exe -d F:\DirectX9
Task: {A46F4508-1B6A-4068-BD20-A0832DBD37D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack = & gt; C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {A70ED778-285C-4985-8AE0-18230B4BDC00} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-12] (Google Inc - & gt; Google Inc.)
Task: {A745BDA6-C913-41B5-A433-725B9BAF5959} - System32\Tasks\{892902D1-B78D-4BDF-9A1D-BE03A335F0ED} = & gt; D:\MTKV26B1 Aktywator POLECAM !!!\Microsoft Toolkit.exe (Brak pliku)
Task: {AC11D0C5-7E0E-4D1E-A4F5-3D6A7731B099} - System32\Tasks\Adobe Flash Player Updater = & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. - & gt; Adobe)
Task: {AEBB44AC-2333-4FE6-A19D-80688758F069} - System32\Tasks\HealthCheckTool = & gt; C:\WINDOWS\System32\cscript.exe " C:\Program Files\SMS\HealthCheckTool\Scripts\HealthCheckTool.wsf "
Task: {B006EE64-67F9-4837-B9AF-8B3D7AC5C1A0} - System32\Tasks\Boot Time Logger = & gt; \S2.MS.UNILEVER.COM\SYSVOL\S2.MS.UNILEVER.COM\Policies\{06C0B6B1-36EB-4029-9127-00F122100C30}\Machine\Scripts\StartUp\EventLogBoottimeWMI.VBS (Brak pliku)
Task: {B9B2ED91-250D-4A8C-B98F-4EB08642EE0F} - System32\Tasks\csrss = & gt; C:\Users\Sławek\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\WmiPrvSE\svchost.exe (Brak pliku) & lt; ==== UWAGA
Task: {BD05BB98-AAC1-4033-BA47-AB888F1A2E49} - System32\Tasks\{4284D231-ADD0-4DCB-A418-8CE6E54207C9} = & gt; E:\setup.exe (Brak pliku)
Task: {C0AB57B5-24D7-4B69-A566-7C0CF5EFA9E1} - System32\Tasks\{39DB776B-2116-451B-A676-AC9D156AF3A4} = & gt; C:\Users\Sławek\Desktop\CoD2SP_s.exe (Brak pliku)
Task: {C5C61329-1EA2-458C-9D0D-CAA099D69A34} - System32\Tasks\{81199E38-26E7-43A3-B9A4-75AA24C1AF8B} = & gt; C:\WINDOWS\system32\pcalua.exe -a G:\setup.exe -d G:\
Task: {CB9A7ED8-1D7A-4328-AB0A-C4FBFA161686} - System32\Tasks\{849F7C56-92E3-450E-AB41-A76B2C800DAB} = & gt; F:\DVDCheck.exe (Brak pliku)
Task: {CFDD59F3-F538-4B9E-8A96-948428B26CDE} - System32\Tasks\Disable-Wifi-On-Lan-Run = & gt; C:\Windows\System32\cscript.exe c:\windows\Temp\Disable-Wifi-On-Lan.vbs & lt; ==== UWAGA
Task: {D739B5B4-B256-4B54-8CE3-F8E4280F48E3} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation = & gt; C:\WINDOWS\CCM\ccmeval.exe [1057464 2015-04-14] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {DC14BAFA-D838-4DEB-9538-F2D4279FD1F8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {faf5b70c-1d66-4f58-ae3d-8cd538cc27aa} KCBLW78J2CRY1.S2.MS.UNILEVER.com = & gt; C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe (Brak pliku)
Task: {E02B2D8C-E765-451A-8918-6CCE7BC71968} - \Windows\Services\Management Service - & gt; Brak pliku & lt; ==== UWAGA
Task: {EFA7953A-2FE8-40AE-B5DE-12E18EDA0F79} - System32\Tasks\{CE450C95-72C3-4EBF-8502-5D57DCEAAA38} = & gt; E:\setup.exe (Brak pliku)
Task: {F7CD1B2F-F5DD-4C08-8EE2-64A87AD5E886} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB = & gt; C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task " 308046B0AF4A39CB "
Task: {FA97818C-3523-4623-8F1D-A31752716EFF} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-12] (Google Inc - & gt; Google Inc.)
Task: {FDFEFAEF-79D1-4840-A808-F004154842FC} - \Windows\Services\Windows Extension library for rastls - & gt; Brak pliku & lt; ==== UWAGA
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
Task: C:\WINDOWS\Tasks\Admin-Rights-Remover.job = & gt; 25\\S2 MS UNILEVER COM SysVol S2 MS UNILEVER COM Policies\ E910EC8E AF66 4BB3 9DF4 EDA00A484107 \User Scripts Logon Admin Rights Remover vbsaleksandra tworek0
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {4172BE64-2B3F-4752-91F2-014F5D21642B}.job = & gt; C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{4172BE64-2B3F-4752-91F2-014F5D21642B} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 & lt; ==== UWAGA (Ograniczenia - ProxySettings)
AutoConfigURL: [.DEFAULT] = & gt; hxxp://sum.edu.pl/proxy.pac
AutoConfigURL: [S-1-5-21-3589725667-2707424421-2716767340-1006] = & gt; hxxp://sum.edu.pl/proxy.pac
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2190BEA6-6A64-4C05-9587-CDF5481B2A26}: [DhcpNameServer] 192.168.100.254
Tcpip\..\Interfaces\{91587922-C9EA-4F2A-A63D-D72D1B0647C8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CA08B60B-9306-40B1-93AF-6DAFD75E7A4D}: [DhcpNameServer] 8.8.8.8
ManualProxies: 0hxxp://sum.edu.pl/proxy.pac
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia & lt; ==== UWAGA
FireFox:
========
FF DefaultProfile: ltyg8qlr.default
FF ProfilePath: C:\Users\Sławek\AppData\Roaming\Mozilla\Firefox\Profiles\ltyg8qlr.default [2022-02-27]
FF ProfilePath: C:\Users\Sławek\AppData\Roaming\Mozilla\Firefox\Profiles\z3qhj0bj.default-release [2022-04-11]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi = & gt; nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise
FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise [2019-03-25] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox = & gt; nie znaleziono
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi = & gt; nie znaleziono
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. - & gt; )
FF Plugin: @java.com/DTPlugin,version=10.25.2 - & gt; C:\WINDOWS\system32\npDeployJava1.dll [2013-11-13] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-11-13] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. - & gt; )
FF Plugin-x32: @adobe.com/ShockwavePlayer - & gt; C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Brak podpisu cyfrowego]
FF Plugin-x32: @aternity.com/FPI - & gt; C:\ProgramData\Application Data\Aternity\hooks\npHtmlHook.dll [2014-11-05] (Aternity Information Systems LTD - & gt; Aternity Ltd)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-05] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-05] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - & gt; C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-23] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-26] (Adobe Systems, Incorporated - & gt; Adobe Systems Inc.)
FF Plugin-x32: JFGuide - & gt; C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [Brak pliku]
FF Plugin-x32: JFWeb - & gt; C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [Brak pliku]
FF Plugin HKU\S-1-5-21-3589725667-2707424421-2716767340-1006: @zoom.us/ZoomVideoPlugin - & gt; C:\Users\Sławek\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-12-01] (Zoom Video Communications, Inc. - & gt; Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3589725667-2707424421-2716767340-1006: SkypeForBusinessPlugin-16.2 - & gt; C:\Users\Sławek\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3589725667-2707424421-2716767340-1006: SkypeForBusinessPlugin64-16.2 - & gt; C:\Users\Sławek\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation - & gt; Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default [2022-04-09]
CHR Extension: (Google Translate) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-16]
CHR Extension: (Slides) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Docs) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23]
CHR Extension: (Google Drive) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-12]
CHR Extension: (Sheets) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (e-pity - dodatek) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2021-04-24]
CHR Extension: (Gmail) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-05]
CHR Profile: C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-09]
CHR Profile: C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-11]
CHR Notifications: Profile 1 - & gt; hxxps://www.leroymerlin.pl
CHR Extension: (Prezentacje) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-16]
CHR Extension: (Dokumenty) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-16]
CHR Extension: (Dysk Google) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-16]
CHR Extension: (YouTube) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-16]
CHR Extension: (Arkusze) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-29]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-16]
CHR Extension: (Gmail) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-16]
CHR Profile: C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-04-09]
CHR Extension: (Slides) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-07]
CHR Extension: (Kaspersky Protection) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-01-07]
CHR Extension: (Docs) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-07]
CHR Extension: (Google Drive) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-07]
CHR Extension: (YouTube) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-07]
CHR Extension: (McAfee SiteAdvisor Enterprise) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmendinpapjjojakimjlmkkkcmnojefg [2022-01-07]
CHR Extension: (Sheets) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-07]
CHR Extension: (Google Docs Offline) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-07]
CHR Extension: (e-pity - dodatek) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2022-01-07]
CHR Extension: (Gmail) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-07]
CHR Profile: C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-04-09]
CHR Extension: (Slides) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-02]
CHR Extension: (Kaspersky Protection) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-02-02]
CHR Extension: (Docs) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-02]
CHR Extension: (Google Drive) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-02]
CHR Extension: (YouTube) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-02]
CHR Extension: (McAfee SiteAdvisor Enterprise) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cmendinpapjjojakimjlmkkkcmnojefg [2022-02-02]
CHR Extension: (Sheets) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-02]
CHR Extension: (Google Docs Offline) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-02]
CHR Extension: (e-pity - dodatek) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ofoeigeaodhbjogdigckajfhjbonaofg [2022-02-02]
CHR Extension: (Gmail) - C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-02]
CHR Profile: C:\Users\Sławek\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-09]
CHR HKLM\...\Chrome\Extension: [feobgjncdknhelkhjpiejdbpliekmfaj] - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McChPlg.crx & lt; nie znaleziono & gt;
CHR HKLM-x32\...\Chrome\Extension: [cmendinpapjjojakimjlmkkkcmnojefg]
CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg]
==================== Usługi (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 A180AA; C:\Program Files (x86)\Aternity Information Systems\Assistant\A180AA.exe [11776 2014-08-07] (Aternity Systems LTD.) [Brak podpisu cyfrowego]
S2 A180WD; C:\Program Files (x86)\Aternity Information Systems\Agent\A180WD.exe [298496 2014-11-05] (Aternity Systems LTD.) [Brak podpisu cyfrowego]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640 2013-09-05] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. - & gt; Adobe)
R2 AgentService; C:\Program Files (x86)\Autonomy\Connected BackupPC\AgentService.exe [6789408 2013-08-02] (Autonomy - & gt; Autonomy Corporation plc)
R2 AppVClient; C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe [726696 2013-11-07] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Skype Software Sarl - & gt; Microsoft Corporation)
R2 CcmExec; C:\WINDOWS\CCM\CcmExec.exe [1773240 2015-04-14] (Microsoft Corporation - & gt; Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation - & gt; Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2015-06-19] (Microsoft Dynamic Code Publisher - & gt; Microsoft Corporation)
S4 CmRcService; C:\WINDOWS\CCM\RemCtrl\CmRcService.exe [671928 2015-04-14] (Microsoft Corporation - & gt; Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-01-25] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION - & gt; Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation - & gt; SEIKO EPSON CORPORATION)
R2 FIMPasswordReset; C:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Client Service\PwdMgmtProxy.exe [80448 2014-09-01] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 KService; C:\Program Files (x86)\Kontiki\KService.exe [5356160 2014-03-07] (Kontiki, Inc - & gt; Kontiki Inc.)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 McAfee SiteAdvisor Enterprise Service; C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [161136 2014-09-23] (McAfee, Inc. - & gt; McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Brak podpisu cyfrowego]
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185280 2014-04-03] (McAfee, Inc. - & gt; McAfee, Inc.)
R2 mks_virsv; C:\Program Files\mks_vir\bin\mks_virsv.exe [4204944 2022-02-27] (Arcabit Sp. z o.o. - & gt; mks_vir)
R2 pproupd; C:\Program Files (x86)\Podatnik.info\PIT pro 2019\pproupd.exe [62208 2021-12-20] (Podatnik S.A. - & gt; Podatnik S.A.)
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 smstsmgr; C:\WINDOWS\CCM\TSManager.exe [316600 2015-04-14] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. - & gt; DEVGURU Co., LTD.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [313856 2012-02-13] (Microsoft Windows Hardware Compatibility Publisher - & gt; IDT, Inc.)
R2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-14] (Microsoft Windows - & gt; Microsoft Corporation)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd - & gt; Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [130336 2019-10-30] (Wondershare Technology Co.,Ltd - & gt; Wondershare)
===================== Sterowniki (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 arcaapps; C:\WINDOWS\system32\drivers\arcaapps.sys [40984 2022-02-27] (Arcabit Sp. z o.o. - & gt; Arcabit/mks_vir)
R3 ArcaFsAv; C:\WINDOWS\System32\DRIVERS\arcafsav.sys [27120 2022-04-10] (Arcabit Sp. z o.o. - & gt; Windows (R) Win 7 DDK provider)
R1 arcawfp; C:\WINDOWS\System32\drivers\arcawfp.sys [65608 2022-02-27] (Arcabit Sp. z o.o. - & gt; NetFilterSDK.com)
S3 DCamUSBVM; C:\WINDOWS\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Microsoft Windows Hardware Compatibility Publisher - & gt; Vimicro Corporation)
S3 DFX12; C:\WINDOWS\System32\drivers\dfx12x64.sys [29688 2020-09-28] (Power Technology - & gt; Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [42256 2019-01-25] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\DRIVERS\dtliteusbbus.sys [59360 2019-01-25] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
S3 fsfreedometap; C:\WINDOWS\System32\DRIVERS\fsfreedometap.sys [36592 2019-08-24] (F-Secure Corporation - & gt; The OpenVPN Project)
R2 LV_Tracker; C:\WINDOWS\System32\DRIVERS\LV_Tracker64.sys [54824 2012-05-17] (Iron Mountain Inc - & gt; )
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [180272 2014-04-03] (McAfee, Inc. - & gt; McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [311600 2014-04-03] (McAfee, Inc. - & gt; McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [782968 2014-04-03] (McAfee, Inc. - & gt; McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [107032 2014-04-03] (McAfee, Inc. - & gt; McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344176 2014-04-03] (McAfee, Inc. - & gt; McAfee, Inc.)
S3 percsas2; C:\WINDOWS\system32\drivers\percsas2.sys [53584 2012-06-02] (LSI Corporation - & gt; LSI Corporation)
S3 phantomtap; C:\WINDOWS\System32\DRIVERS\phantomtap.sys [35664 2019-06-05] (Avira Operations GmbH & Co. KG - & gt; The OpenVPN Project)
S3 prepdrvr; C:\WINDOWS\System32\DRIVERS\prepdrv.sys [26984 2015-04-14] (Microsoft Corporation - & gt; Microsoft Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2020-05-17] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Brak podpisu cyfrowego]
R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [768680 2013-08-21] (Microsoft Corporation - & gt; Microsoft Corporation)
R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2013-08-21] (Microsoft Corporation - & gt; Microsoft Corporation)
R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2013-08-21] (Microsoft Corporation - & gt; Microsoft Corporation)
R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2013-08-21] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [22128 2011-07-15] (STMicroelectronics - & gt; ST Microelectronics)
R3 STHDA; C:\WINDOWS\System32\DRIVERS\stwrt64.sys [535552 2012-02-13] (Microsoft Windows Hardware Compatibility Publisher - & gt; IDT, Inc.)
R3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. - & gt; The OpenVPN Project)
S3 tapoas; C:\WINDOWS\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (OpenVPN Technologies, Inc. - & gt; The OpenVPN Project)
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 NgFilter; system32\DRIVERS\ngfilter.sys [X]
S3 NgLog; system32\DRIVERS\nglog.sys [X]
S3 NgVpn; system32\DRIVERS\ngvpn.sys [X]
S3 NgWfp; system32\DRIVERS\ngwfp.sys [X]
U4 SecurityHealthService; Brak ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc (utworzone) (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2022-04-11 22:20 - 2022-04-11 22:31 - 000067190 _____ C:\Users\Sławek\Downloads\Addition.txt
2022-04-11 22:15 - 2022-04-11 22:33 - 000054025 _____ C:\Users\Sławek\Downloads\FRST.txt
2022-04-11 22:15 - 2022-04-11 22:33 - 000000000 ___DC C:\FRST
2022-04-11 22:15 - 2022-04-11 22:15 - 002365952 _____ (Farbar) C:\Users\Sławek\Downloads\FRST64.exe
2022-04-11 22:14 - 2022-02-27 20:52 - 000040984 _____ (Arcabit/mks_vir) C:\WINDOWS\system32\Drivers\arcaapps.sys
2022-04-11 20:47 - 2022-04-11 20:47 - 019713957 _____ C:\Users\Sławek\Downloads\raport_techniczny.pdf
2022-04-11 20:39 - 2022-04-11 20:39 - 026361154 _____ C:\Users\Sławek\Downloads\RaportKoncowyTu-154M.pdf
2022-04-11 20:38 - 2022-04-11 20:38 - 000048826 _____ C:\Users\Sławek\Downloads\Publikacja-raportu-w-sprawie-katastrofy-samolotu-TU-154M-pod-Smolenskiem.pdf
2022-04-11 07:38 - 2022-04-11 08:12 - 000011077 _____ C:\Users\Sławek\Documents\Kalkulacje_Accounts.xlsx
2022-04-09 10:23 - 2022-04-09 10:35 - 001673639 _____ C:\Users\Sławek\Downloads\LidlparagonMC.jpeg
2022-04-06 09:59 - 2022-04-06 09:59 - 000000000 ___DC C:\Program Files\Mozilla Firefox
2022-04-03 12:22 - 2022-04-03 12:23 - 000001379 _____ C:\Users\Sławek\Desktop\test.txt
2022-03-29 19:14 - 2022-03-29 19:14 - 000057635 _____ C:\Users\Sławek\Documents\ZUS_Emerytura_Potrącenia.pdf
2022-03-29 19:00 - 2022-03-29 19:00 - 000990053 _____ C:\Users\Sławek\Documents\Halina_Lipina_PIT11A_2021.pdf
2022-03-29 18:56 - 2022-03-29 18:56 - 000056460 _____ C:\Users\Sławek\Documents\ZUS_Emerytura.pdf
2022-03-24 08:40 - 2022-03-24 08:40 - 000083523 _____ C:\Users\Sławek\Downloads\Faktura PROFORMA 38711_2022.pdf
2022-03-12 13:53 - 2022-03-12 13:53 - 000000000 ____D C:\Users\Sławek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urządzenia interfejsu Bluetooth
==================== Jeden miesiąc (zmodyfikowane) ==================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2022-04-11 22:33 - 2014-05-19 13:01 - 000000000 ____D C:\ProgramData\Kontiki
2022-04-11 22:22 - 2021-09-05 13:10 - 000000000 ____D C:\Users\Sławek\AppData\Roaming\dll-propagation
2022-04-11 22:17 - 2009-07-14 06:45 - 000015168 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-04-11 22:17 - 2009-07-14 06:45 - 000015168 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-04-11 22:16 - 2021-04-01 09:26 - 000000000 ____D C:\Users\Sławek\AppData\Roaming\Jabra Direct
2022-04-11 22:11 - 2019-02-24 20:55 - 000000000 ____D C:\Users\Sławek\AppData\Roaming\uTorrent
2022-04-11 22:10 - 2016-12-12 19:15 - 000000000 ___DC C:\Program Files\CCleaner
2022-04-11 22:03 - 2016-12-12 19:15 - 000000000 ___DC C:\Program Files (x86)\Google
2022-04-11 21:53 - 2020-08-26 16:53 - 000000911 _____ C:\WINDOWS\Tasks\EPSON L3150 Series Update {4172BE64-2B3F-4752-91F2-014F5D21642B}.job
2022-04-11 18:27 - 2017-01-16 13:27 - 000000000 ____D C:\Users\Sławek\AppData\Roaming\Spotify
2022-04-11 15:59 - 2020-06-21 12:54 - 000000000 ____D C:\Users\Sławek\AppData\LocalLow\Mozilla
2022-04-11 13:47 - 2017-01-16 13:29 - 000000000 ____D C:\Users\Sławek\AppData\Local\Spotify
2022-04-10 10:33 - 2022-02-27 20:52 - 000027120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\arcafsav.sys
2022-04-09 08:11 - 2013-12-27 23:31 - 000000000 ____D C:\WINDOWS\Minidump
2022-04-07 08:05 - 2021-10-17 19:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-06 08:08 - 2016-12-12 19:17 - 000002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-31 21:16 - 2019-06-20 16:41 - 000000000 ____D C:\Users\Sławek\Documents\Alaska
2022-03-21 22:59 - 2020-07-19 11:53 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-21 22:04 - 2011-04-19 18:18 - 000000000 ____D C:\WINDOWS\ccmsetup
2022-03-21 21:59 - 2011-04-19 18:18 - 000000536 _____ C:\WINDOWS\SMSCFG.INI
2022-03-21 21:51 - 2016-12-12 18:57 - 000000000 ____D C:\Users\Sławek\AppData\Roaming\SoftGrid Client
2022-03-21 21:50 - 2013-11-28 09:25 - 000000456 _____ C:\WINDOWS\Tasks\Admin-Rights-Remover.job
2022-03-21 21:50 - 2009-07-14 07:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-21 21:50 - 2009-07-14 06:45 - 000523960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-17 20:24 - 2018-09-30 18:44 - 000003870 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-03-12 12:33 - 2020-01-15 08:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-12 12:33 - 2013-11-14 01:59 - 001542296 _____ C:\WINDOWS\system32\perfh015.dat
2022-03-12 12:33 - 2013-11-14 01:59 - 000435980 _____ C:\WINDOWS\system32\perfc015.dat
2022-03-12 12:33 - 2009-07-14 07:13 - 000007026 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-12 12:14 - 2020-01-15 08:19 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Pliki w katalogu głównym wybranych folderów ========
2013-12-05 10:16 - 2014-02-26 09:52 - 000000225 _____ () C:\ProgramData\RemoveMachineFromAD.vbs
2013-12-05 10:15 - 2013-03-19 09:25 - 000349184 _____ () C:\ProgramData\UAC_Enable_Payload.exe
2020-11-26 19:58 - 2020-11-26 19:59 - 000058492 ____C () C:\Program Files (x86)\CMS Setup Log.txt
2020-11-26 19:16 - 2020-11-26 19:16 - 000230626 ____C () C:\Program Files (x86)\VMS Setup Log.txt
2020-11-26 19:53 - 2020-11-26 19:54 - 000103578 ____C () C:\Program Files (x86)\VMS Uninstall Log.txt
2019-01-23 14:19 - 2019-01-23 14:19 - 000000220 _____ () C:\Users\Sławek\AppData\Roaming\KCBLW78J2CRY1.MTBF.txt
2018-10-04 11:53 - 2020-12-30 11:42 - 000007607 _____ () C:\Users\Sławek\AppData\Local\resmon.resmoncfg
==================== FLock ==============================
2019-05-18 10:04 C:\ProgramData\Filtering Platform Update
2020-04-30 12:56 C:\ProgramData\MService
2021-03-27 01:38 C:\ProgramData\StartTileData
2020-03-23 21:27 C:\Users\Sławek\AppData\Roaming\x86_microsoft-windows-m..-r-backcompat-tlb28_31bf3856ad364e35_10.0.17134.1_none_0b0c37972a37a6cf
==================== SigCheck ============================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
LastRegBack: 2022-04-09 10:58
==================== Koniec FRST.txt ========================