FRST.txt

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 01-04-2025
Uruchomiony przez przem (administrator)  T430 (LENOVO 2349GCG) (17-04-2025 09:05:50)
Uruchomiony z C:\Users\przem\Downloads\FRST64.exe
Załadowane profile: przem
Platforma: Microsoft Windows 10 Pro Wersja 22H2 19045.5608 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Vivaldi
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\backup\C1BDAB63-2E02-412E-ACDA-E4D4C4C6CEF7\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5676_none_7dfafd007c9b4e44\TiWorker.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-05-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-05-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-05-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [11859680 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-25] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [367456 2023-08-12] (University of California, Berkeley -> Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [10191200 2023-08-12] (University of California, Berkeley -> Space Sciences Laboratory)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [970536 2023-07-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [1309992 2023-07-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2756368 2023-08-09] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-188071550-750147813-4044158501-1001\...\Run: [GG] => C:\Users\przem\AppData\Local\GG\Application\gghub.exe [4078144 2022-12-28] (GG Network S.A. -> GG Network S.A.)
HKU\S-1-5-21-188071550-750147813-4044158501-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45875504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-188071550-750147813-4044158501-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12307864 2025-03-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-188071550-750147813-4044158501-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-188071550-750147813-4044158501-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWCE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-188071550-750147813-4044158501-1001\...\Run: [ALLUpdate] => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" (Brak pliku)
HKU\S-1-5-21-188071550-750147813-4044158501-1001\...\Run: [GalaxyClient] => [X]
HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\WINDOWS\system32\EFXLM16A.DLL [182784 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON WF-2810 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBWCE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.85\Installer\chrmstp.exe [2025-04-15] (Google LLC -> Google LLC)
Startup: C:\Users\przem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WTW.lnk [2023-05-02]
ShortcutTarget: WTW.lnk -> C:\Program Files\K2T\WTW\wtw.exe (K2T.eu, Kaworu) [Brak podpisu cyfrowego]
GroupPolicy: Ograniczenia ? <==== UWAGA
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {B15A0956-73E7-468C-85FA-E862C0096DB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {BD779588-F446-43F4-BB26-8DEC1E12C57B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {941A7DF6-CA93-4501-A68A-25302BF65D08} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "a202bf7b-b76e-43d3-a147-a71f5fb9edfe" --version "6.34.0.11482" --silent
Task: {358CFC28-2832-48DA-A912-86A42C92109A} - System32\Tasks\CCleanerSkipUAC - przem => C:\Program Files\CCleaner\CCleaner.exe [39616304 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {5F742558-723E-4809-A6B7-696F1F23476D} - System32\Tasks\EPSON WF-2810 Series Update {86606377-4439-46AC-BB77-2538F86D2034} => C:\Windows\System32\spool\drivers\x64\3\E_YTSWCE.EXE [680440 2017-06-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {F64D2E74-D45E-4D70-A697-CF031ED8E5EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{370B4491-14A6-4D3D-8B37-484EAD8FAF59} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {4530EC7E-4420-4CF7-88D5-89C1FD34EEFD} - System32\Tasks\IObit B5Sale (One-time) => "C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\b5saleml.exe"  -> C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\\/rpop
Task: {082E78BB-9D9F-4C05-B882-4DC87E06649B} - System32\Tasks\Launch Adobe CCXProcess => "C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"  (Brak pliku)
Task: {05643589-60EA-45DE-BE79-D2020F3EA573} - System32\Tasks\Lenovo\Power Manager\Background monitor => "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe"  (Brak pliku)
Task: {85CC3AB4-FA26-46D7-AE8E-0F6760140BC9} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67424 2024-06-26] (Lenovo -> )
Task: {C46211EA-7831-4381-A8E4-C012E054C51C} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3765FBF7-5159-4626-8DC0-EFF4D8E2FC15} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {07835175-016C-4F1A-BA78-29C0D0DF3726} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {393306EA-AAC8-4539-9CBE-B255C72B5E69} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [68328 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {50C5F831-8F58-4E1F-9F90-5C185721E8B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {09FBE568-D2E0-49D0-92C6-D6D6C09795B4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6202D8F-5D94-43D7-9F63-D6AEDB6150CD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF0AE83F-CAC6-48D2-A484-91F542CE4238} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [204400 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BD50366-384C-427C-9371-A01C7AA37531} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FACF93B-4A92-470A-B347-3CE8C5630BF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82E52460-32CA-4B03-AFC9-CFBEA2F5629E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F5488A5-EF96-4C32-AC91-7352E36B0BF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96A94092-867E-447C-86DA-45919133A395} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {42271742-33D2-41C6-8115-35811FC197F0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1723FC6-3992-4D1F-80CE-C33C6897EC9B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-188071550-750147813-4044158501-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6335505-1BEB-43DF-997B-D6D43AAAA2BC} - System32\Tasks\OneDrive Startup Task-S-1-5-21-188071550-750147813-4044158501-1001 => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {87BD0F67-D634-4995-B2E4-8646EA6FA0E0} - System32\Tasks\VivaldiUpdateCheck-107e41e464eb9f93 => C:\Users\przem\AppData\Local\Vivaldi\Application\update_notifier.exe [4155504 2025-04-15] (Vivaldi Technologies AS -> Vivaldi Technologies AS) -> C:\Users\przem\AppData\Local\Vivaldi\Application\--from-scheduler

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2810 Series Update {86606377-4439-46AC-BB77-2538F86D2034}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWCE.EXE:/EXE:{86606377-4439-46AC-BB77-2538F86D2034} /F:UpdateWORKGROUP\T430$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 178.235.153.33 178.235.153.32
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}: [DhcpNameServer] 178.235.153.33 178.235.153.32
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}: [DhcpDomain] wroclaw-fabryczna.vectranet.pl
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}\05C403030313F507C65737: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}\05C403030313F5E414D4: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}\4505D2C494E4B4F5344434432463: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}\655636472716D2759664965374D2735313735473: [DhcpNameServer] 178.235.153.33 178.235.153.32
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}\655636472716D2759664965374D2735313735473: [DhcpDomain] wroclaw-fabryczna.vectranet.pl
Tcpip\..\Interfaces\{997ce23b-3d59-43f3-9485-77aea701fd21}\E414D4D21363631323335363: [DhcpNameServer] 192.168.4.1

Edge:
=======
Edge Profile: C:\Users\przem\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-15]
Edge Extension: (Dokumenty Google offline) - C:\Users\przem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-28]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\przem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-15] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\przem\AppData\Local\Google\Chrome\User Data\Default [2025-04-17]
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\przem\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-17]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\przem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\przem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-09-13]hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-188071550-750147813-4044158501-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Vivaldi:
=======
VIV DefaultProfile: Default
VIV Profile: C:\Users\przem\AppData\Local\Vivaldi\User Data\Default [2025-04-17]
VIV DefaultSearchKeyword: Default -> g
VIV DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
VIV Extension: (uBlock Origin) - C:\Users\przem\AppData\Local\Vivaldi\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-03-21]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\przem\AppData\Local\Vivaldi\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-17]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (MyJDownloader Browser Extension) - C:\Users\przem\AppData\Local\Vivaldi\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2023-10-26]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (Menedżer Haseł Bitwarden) - C:\Users\przem\AppData\Local\Vivaldi\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2025-04-15]hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2567304 2024-04-17] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
S2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-07-04] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncHelper.exe [3543888 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2368848 2025-01-16] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7627600 2025-01-16] (GOG  sp. z o.o -> GOG.com)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [13004248 2023-11-30] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9486464 2025-03-25] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [732992 2023-09-11] (MiniTool Software Limited -> )
S2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [225088 2023-09-11] (MiniTool Software Limited -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveUpdaterService.exe [3891536 2025-04-15] (Microsoft Corporation -> Microsoft Corporation)
R2 PlexUpdateService; C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe [903944 2024-08-23] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559328 2025-03-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21605176 2024-05-03] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 TeraCopyService.exe; C:\Program Files\TeraCopy\TeraCopyService.exe [315720 2023-06-29] (Code Sector -> )
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [802752 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36736 2023-05-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-11-14] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2023-11-14] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [84864 2024-11-04] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn)
S3 GD32VCP; C:\WINDOWS\system32\DRIVERS\usbser.sys [81408 2023-11-14] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-15] (Microsoft Windows -> Microsoft Corporation)
R3 LnvHIDHW; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo(Japan)Ltd. -> Lenovo)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
R3 risdxc; C:\WINDOWS\System32\drivers\risdxc64.sys [106496 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [251776 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [262648 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1060600 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 GPU-Z-v2; \??\C:\Users\przem\AppData\Local\Temp\GPU-Z-v2.sys [X] <==== UWAGA
U3 uxtdipow; \??\C:\Users\przem\AppData\Local\Temp\uxtdipow.sys [X] <==== UWAGA

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2025-04-17 09:05 - 2025-04-17 09:06 - 000026709 _____ C:\Users\przem\Downloads\FRST.txt
2025-04-17 08:58 - 2025-04-17 08:58 - 000000000 ___HD C:\$WinREAgent
2025-04-17 08:45 - 2025-04-17 08:45 - 000371282 _____ C:\Users\przem\Downloads\gmer.zip
2025-04-17 08:45 - 2025-04-17 08:45 - 000000000 ____D C:\Users\przem\Downloads\gmer
2025-04-17 08:44 - 2025-04-17 09:06 - 000000000 ____D C:\FRST
2025-04-17 08:42 - 2025-04-17 08:42 - 000001765 _____ C:\Users\przem\OneDrive\Desktop\AdwCleaner[C00].txt
2025-04-17 08:41 - 2025-04-17 08:42 - 000000000 ____D C:\AdwCleaner
2025-04-17 08:34 - 2025-04-17 08:34 - 009568256 _____ (Malwarebytes) C:\Users\przem\Downloads\adwcleaner.exe
2025-04-17 08:33 - 2025-04-17 08:33 - 002404864 _____ (Farbar) C:\Users\przem\Downloads\FRST64.exe
2025-04-15 20:44 - 2025-04-15 20:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-03-29 20:46 - 2025-03-29 20:46 - 000487341 _____ C:\Users\przem\Downloads\50 pomysłów na publikacje dla Fotografów na Insstagramie- FotoBlysk.pdf
2025-03-25 21:00 - 2025-04-17 08:35 - 000000000 ____D C:\Users\przem\AppData\Local\Malwarebytes
2025-03-25 21:00 - 2025-03-25 21:00 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-03-25 20:59 - 2025-03-25 20:59 - 002834160 _____ (Malwarebytes) C:\Users\przem\Downloads\MBSetup.exe
2025-03-25 20:59 - 2025-03-25 20:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-03-25 20:59 - 2025-03-25 20:59 - 000000000 ____D C:\Program Files\Malwarebytes

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2025-04-17 08:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-17 08:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-17 08:58 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-17 08:57 - 2024-11-01 20:38 - 000000000 ____D C:\Program Files (x86)\dotnet
2025-04-17 08:57 - 2023-05-02 11:49 - 000000000 ____D C:\ProgramData\Package Cache
2025-04-17 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-17 08:42 - 2023-02-26 00:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2025-04-17 08:42 - 2023-02-26 00:06 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2025-04-17 08:40 - 2023-05-02 11:07 - 000000000 ____D C:\Users\przem\AppData\Local\Vivaldi
2025-04-17 08:21 - 2025-02-24 19:16 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-04-17 08:21 - 2023-05-02 20:17 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-04-17 08:16 - 2023-05-02 11:08 - 000002397 _____ C:\Users\przem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2025-04-17 08:16 - 2023-05-02 11:08 - 000000527 _____ C:\Users\przem\.vivaldi_reporting_data
2025-04-17 08:15 - 2023-07-28 20:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-17 08:15 - 2023-02-26 00:05 - 000000000 __SHD C:\Users\przem\IntelGraphicsProfiles
2025-04-15 22:08 - 2023-07-28 20:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-15 20:43 - 2023-02-25 23:17 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-15 20:42 - 2023-10-21 21:26 - 000000000 ____D C:\Program Files\Microsoft Office
2025-04-15 20:36 - 2023-02-25 23:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-15 20:30 - 2023-05-02 20:16 - 000000000 ____D C:\Program Files\CCleaner
2025-04-15 20:27 - 2025-02-24 19:21 - 000003540 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-188071550-750147813-4044158501-1001
2025-04-15 20:27 - 2024-09-13 16:22 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-15 20:27 - 2023-10-21 21:31 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-188071550-750147813-4044158501-1001
2025-04-15 20:27 - 2023-10-21 21:31 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-15 20:27 - 2023-10-01 18:54 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-04-15 20:26 - 2024-11-13 19:53 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-15 20:26 - 2023-10-23 00:20 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-15 20:22 - 2023-10-25 19:06 - 000000000 ____D C:\Users\przem\AppData\Local\CrashDumps
2025-04-15 20:22 - 2023-07-28 20:51 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-15 20:22 - 2023-07-28 20:51 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-15 20:22 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-04-15 20:21 - 2023-07-28 20:51 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-03-29 22:41 - 2023-12-04 19:15 - 000000000 ____D C:\Program Files (x86)\Steam
2025-03-29 22:41 - 2023-05-02 11:51 - 000000000 ____D C:\Users\przem\AppData\Roaming\Winamp
2025-03-28 22:34 - 2023-10-04 20:33 - 000000000 ____D C:\Program Files\RUXIM
2025-03-25 21:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-03-25 20:18 - 2023-12-04 19:21 - 000000000 ____D C:\Users\przem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-03-25 20:03 - 2025-03-06 20:53 - 000000000 ____D C:\Program Files\Altap Salamander
2025-03-25 18:59 - 2023-07-28 20:52 - 001678238 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-25 18:59 - 2019-12-07 17:09 - 000748964 _____ C:\WINDOWS\system32\perfh015.dat
2025-03-25 18:59 - 2019-12-07 17:09 - 000144674 _____ C:\WINDOWS\system32\perfc015.dat
2025-03-25 18:52 - 2023-07-28 20:45 - 000611448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-25 18:51 - 2024-05-26 12:41 - 000000000 ____D C:\Program Files\TeamViewer
2025-03-25 18:51 - 2023-07-28 20:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-25 18:51 - 2023-02-25 23:16 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-25 18:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-25 18:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-03-25 18:50 - 2024-01-22 19:06 - 000000000 ___SD C:\WINDOWS\system32\lxss
2025-03-25 18:50 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-25 18:50 - 2019-12-07 17:10 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-25 18:50 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-25 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-25 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-25 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-25 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-25 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-25 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-25 18:50 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2025-03-23 10:58 - 2023-07-28 20:48 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-23 10:11 - 2023-11-07 21:07 - 000000000 ____D C:\Users\przem\AppData\Local\SquirrelTemp
2025-03-23 10:11 - 2023-02-25 23:36 - 000000000 ____D C:\Users\przem\AppData\Local\Packages
2025-03-23 10:11 - 2023-02-25 23:36 - 000000000 ____D C:\ProgramData\Packages
2025-03-21 19:40 - 2023-10-01 18:53 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk

==================== Pliki w katalogu głównym wybranych folderów ========

2023-08-26 16:11 - 2023-08-26 16:11 - 000002200 _____ () C:\Users\przem\AppData\Roaming\CoolTerm_Prefs.plist
2023-10-18 21:01 - 2025-03-06 21:39 - 000000128 _____ () C:\Users\przem\AppData\Roaming\winscp.rnd
2024-08-18 18:06 - 2024-08-18 18:06 - 000000128 _____ () C:\Users\przem\AppData\Local\PUTTY.RND
2024-11-30 15:11 - 2024-11-30 15:11 - 000001840 _____ () C:\Users\przem\AppData\Local\recently-used.xbel
2023-03-18 15:16 - 2023-03-18 15:16 - 000007635 _____ () C:\Users\przem\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec  FRST.txt ========================