Hej, mam dokładnie ten sam problem.. Próbowałem sam coś ugrać wg odpowiedzi- niestety bezskutecznie. Bardzo proszę o pomoc. Wydzielono z https://www.elektroda.pl/rtvforum/topic3890060.html
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 08-05-2022
Uruchomiony przez rrgoz (administrator) LAPTOP-2H0VUKEC (HP HP Laptop 15s-eq1xxx) (10-05-2022 01:38:47)
Uruchomiony z C:\Users\rrgoz\Downloads
Załadowane profile: rrgoz
Platform: Microsoft Windows 11 Home Wersja 21H2 22000.613 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe - & gt; ) (Express Vpn LLC - & gt; ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22115.300.1313.2464_x64__8wekyb3d8bbwe\msteams.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.39\msedgewebview2.exe & lt; 13 & gt;
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe - & gt; ) (Microsoft Windows Publisher - & gt; Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\SysInfoCap.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\BridgeCommunication.exe
(DriverStore\FileRepository\u0369631.inf_amd64_88e1f90c6b221b8e\B369439\atiesrxx.exe - & gt; ) (Advanced Micro Devices Inc. - & gt; AMD) C:\Windows\System32\DriverStore\FileRepository\u0369631.inf_amd64_88e1f90c6b221b8e\B369439\atieclxx.exe
(ETDService.exe - & gt; ) (ELAN MICROELECTRONICS CORPORATION - & gt; ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe - & gt; ) (Google LLC - & gt; Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe & lt; 27 & gt;
(Express Vpn LLC - & gt; ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(services.exe - & gt; ) (Adobe Inc. - & gt; Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe - & gt; ) (Advanced Micro Devices Inc. - & gt; AMD) C:\Windows\System32\DriverStore\FileRepository\u0369631.inf_amd64_88e1f90c6b221b8e\B369439\atiesrxx.exe
(services.exe - & gt; ) (ELAN MICROELECTRONICS CORPORATION - & gt; ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe - & gt; ) (Express Vpn LLC - & gt; ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a6e24179070178de\x64\TouchpointAnalyticsClientService.exe
(services.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\AppHelperCap.exe
(services.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\DiagsCap.exe
(services.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\NetworkCap.exe
(services.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\SysInfoCap.exe
(services.exe - & gt; ) (Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe - & gt; ) (Microsoft Windows Hardware Compatibility Publisher - & gt; Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe - & gt; ) (Microsoft Windows Publisher - & gt; Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe - & gt; ) (Microsoft Windows Publisher - & gt; Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe - & gt; ) (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe - & gt; ) (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_19d333f59f2c41d3\RtkAudUService64.exe & lt; 3 & gt;
(services.exe - & gt; ) (Sound Research Corporation - & gt; Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe - & gt; ) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe
(svchost.exe - & gt; ) (HP Inc. - & gt; HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe - & gt; ) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe - & gt; ) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe - & gt; ) (Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\dllhost.exe & lt; 4 & gt;
(svchost.exe - & gt; ) (Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe - & gt; ) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.305.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
==================== Rejestr (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [RtkAudUService] = & gt; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_19d333f59f2c41d3\RtkAudUService64.exe [3496544 2022-03-13] (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor)
HKLM-x32\...\Run: [ExpressVPNNotificationService] = & gt; C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC - & gt; ExpressVPN)
HKU\S-1-5-21-409315849-465992100-82019831-1001\...\Run: [HPSEU_Host_Launcher] = & gt; C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2022-02-06] (HP Inc.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-409315849-465992100-82019831-1001\...\Run: [OneDrive] = & gt; C:\Program Files\Microsoft OneDrive\OneDrive.exe [2637200 2022-05-09] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files\Google\Chrome\Application\101.0.4951.54\Installer\chrmstp.exe [2022-05-09] (Google LLC - & gt; Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] - & gt;
==================== Zaplanowane zadania (filtrowane) ============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {0FC0A1AB-82B0-4100-B35B-0CC29800CC34} - System32\Tasks\Microsoft\Office\Office Performance Monitor = & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {130A6BDB-56A9-4F43-9C93-9E4D86ACC49B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker = & gt; C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145944 2022-03-28] (HP Inc. - & gt; HP Inc.)
Task: {26A63677-A931-4F9D-92CE-5CBE58104192} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-08] (Google LLC - & gt; Google LLC)
Task: {2CD84AE0-279A-4302-8FB4-CD55FEC714A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 = & gt; C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8376824 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {2F773069-EB12-49AD-A668-71CD4843BD67} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor = & gt; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {357E36FF-F3B8-4C1A-A4EB-815BF8B06798} - System32\Tasks\HPAudioSwitch = & gt; C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. - & gt; HP Inc.)
Task: {413318FD-B51B-4C37-88E4-2EEAAF78B808} - System32\Tasks\Microsoft\Office\Office Feature Updates = & gt; C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {48FB7936-C097-46F0-8736-306856AA63D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {4F108072-BCEB-4489-9250-0E45705F7EDA} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-08] (Google LLC - & gt; Google LLC)
Task: {6AD06A4A-ABD3-4827-B010-E82BE4A03F9A} - System32\Tasks\HP\Consent Manager Launcher = & gt; sc start hptouchpointanalyticsservice
Task: {73ECC91F-881D-4167-9335-4A1EA36DDF1F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 = & gt; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {782DC93D-E6CB-4687-BC65-EC7B7B510A4D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {84D78B68-3CC2-4D5C-9C08-BE661FF65E78} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon = & gt; C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {8C9BFCEA-76D0-4F5B-A7E5-C9BD1AA189A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {977534FE-97AB-412A-9924-C7FA4D36E860} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 = & gt; C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8376824 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {ACAC329E-D863-464A-B586-69724E14733E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-409315849-465992100-82019831-1001 = & gt; C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4215696 2022-05-09] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {BCD29722-B876-4EB2-A942-3B693D5C63BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {C0D4DF2C-946C-4C67-BA4F-36762E96A38C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan = & gt; C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145944 2022-03-28] (HP Inc. - & gt; HP Inc.)
Task: {C2B0384D-7EF6-412E-9A48-4B5FB7BBAA6A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task = & gt; C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4215696 2022-05-09] (Microsoft Corporation - & gt; Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser = & gt; C:\WINDOWS\System32\MbaeParserTask.exe (Brak pliku)
Task: {CF868024-038B-49B6-B1DE-44274F4107E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report = & gt; C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-03-28] (HP Inc. - & gt; HP Inc.)
Task: {F46EB1A7-F0A4-4698-87EE-576DBB81C6AC} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. - & gt; Adobe Inc.)
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60ec6949-ef74-481c-a292-88b311c33bf1}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\rrgoz\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-10]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-10] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin: Adobe Acrobat - & gt; C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. - & gt; Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-02] (Microsoft Corporation - & gt; Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\rrgoz\AppData\Local\Google\Chrome\User Data\Default [2022-05-10]
CHR Notifications: Default - & gt; hxxps://www.facebook.com
CHR Extension: (Dokumenty Google offline) - C:\Users\rrgoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\rrgoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-08]
==================== Usługi (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. - & gt; Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11758536 2022-05-04] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC - & gt; ExpressVPN)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.089.0426.0003\FileSyncHelper.exe [3406224 2022-05-09] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. - & gt; HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\AppHelperCap.exe [764448 2022-03-30] (HP Inc. - & gt; HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\DiagsCap.exe [763480 2022-03-30] (HP Inc. - & gt; HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\NetworkCap.exe [759336 2022-03-30] (HP Inc. - & gt; HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_82b4ea84f6cb4b64\x64\SysInfoCap.exe [762904 2022-03-30] (HP Inc. - & gt; HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a6e24179070178de\x64\TouchpointAnalyticsClientService.exe [497328 2022-03-30] (HP Inc. - & gt; HP Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.089.0426.0003\OneDriveUpdaterService.exe [3843472 2022-05-09] (Microsoft Corporation - & gt; Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-12] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-12] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
===================== Sterowniki (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_4f059863a425c74d\amdacpafd.sys [356328 2021-12-28] (Advanced Micro Devices Inc. - & gt; Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0369631.inf_amd64_88e1f90c6b221b8e\B369439\amdkmdag.sys [83123008 2021-09-06] (Advanced Micro Devices Inc. - & gt; Advanced Micro Devices, Inc.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [135296 2020-09-17] (Alcorlink Corp. - & gt; )
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC - & gt; ExpressVPN)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. - & gt; HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-20] (Microsoft Windows - & gt; Microsoft Corporation)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC - & gt; The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-12] (Microsoft Windows - & gt; Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-12] (Microsoft Windows - & gt; Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. - & gt; HP)
S3 MpKsl103b5d69; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B80FA1C9-852D-49A7-85AD-0D8B7212493F}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc (utworzone) (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2022-05-10 01:38 - 2022-05-10 01:39 - 000018734 _____ C:\Users\rrgoz\Downloads\FRST.txt
2022-05-10 01:09 - 2022-05-10 01:33 - 000000000 ____D C:\Users\rrgoz\Downloads\Nowy folder
2022-05-10 01:06 - 2022-05-10 01:38 - 000000000 ____D C:\FRST
2022-05-10 01:06 - 2022-05-10 01:06 - 000000000 ____D C:\Users\rrgoz\Downloads\FRST-OlderVersion
2022-05-10 01:05 - 2022-05-10 01:06 - 002366976 _____ (Farbar) C:\Users\rrgoz\Downloads\FRST64.exe
2022-05-10 00:44 - 2022-05-10 00:46 - 000000000 ____D C:\ProgramData\WinThruster
2022-05-10 00:43 - 2022-05-10 00:43 - 006472000 _____ (Solvusoft ) C:\Users\rrgoz\Downloads\Setup_WinThruster_2022.exe
2022-05-10 00:27 - 2022-05-10 00:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-05-09 23:46 - 2022-05-09 23:46 - 016807233 _____ C:\Users\rrgoz\Downloads\Demo_AZEP.zip
2022-05-09 23:46 - 2022-05-09 23:46 - 000000000 ____D C:\Users\rrgoz\Downloads\Demo_AZEP
2022-05-09 23:37 - 2022-05-09 23:37 - 011140776 _____ (McAfee, LLC) C:\Users\rrgoz\Downloads\MCPR.exe
2022-05-09 22:35 - 2022-05-09 22:35 - 001933246 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2022-05-09 22:35 - 2022-05-09 22:35 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-05-09 22:35 - 2022-05-09 22:35 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-05-09 22:35 - 2022-05-09 22:35 - 000000000 ____D C:\Program Files\MSBuild
2022-05-09 22:35 - 2022-05-09 22:35 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-05-09 22:35 - 2022-05-09 22:35 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-05-06 23:18 - 2022-05-06 23:18 - 000000000 ____D C:\Users\rrgoz\Desktop\Szkolenie- trening w szyjnym
2022-05-04 12:58 - 2022-05-04 12:58 - 000603076 _____ C:\Users\rrgoz\Desktop\Ewidencja-sprzedaży-kwiecien.pdf
2022-04-29 16:59 - 2022-04-29 16:59 - 000130072 _____ (Zoom Video Communications, Inc.) C:\Users\rrgoz\Downloads\Zoom_cm_fo42anktZ9vvrZo4_mAHcP7BwErSV-+o6Bctxf1WLQN2bSmd1NYg4v@X2zt165ZID64BlpK_k650e59d31358f808_.exe
2022-04-24 14:36 - 2022-03-13 23:38 - 000018824 _____ C:\WINDOWS\system32\RtEventLog.dll
2022-04-24 14:36 - 2022-03-13 23:28 - 049969675 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2022-04-24 14:36 - 2021-11-01 20:36 - 000408576 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrlHelper.exe
2022-04-24 14:33 - 2022-04-24 14:33 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-24 14:33 - 2022-04-24 14:33 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-24 14:33 - 2022-04-24 14:33 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-24 14:32 - 2022-04-24 14:32 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-24 14:32 - 2022-04-24 14:32 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll
2022-04-24 14:32 - 2022-04-24 14:32 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-04-24 14:30 - 2022-04-24 14:30 - 000000000 ___HD C:\$WinREAgent
==================== Jeden miesiąc (zmodyfikowane) ==================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2022-05-10 01:33 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-05-10 01:27 - 2022-01-08 14:41 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-10 01:09 - 2022-01-08 14:32 - 000000000 ____D C:\Users\rrgoz\AppData\Local\D3DSCache
2022-05-10 00:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-05-10 00:39 - 2022-01-15 22:18 - 001998826 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-10 00:39 - 2021-06-05 19:35 - 000870104 _____ C:\WINDOWS\system32\perfh015.dat
2022-05-10 00:39 - 2021-06-05 19:35 - 000194120 _____ C:\WINDOWS\system32\perfc015.dat
2022-05-10 00:39 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-05-10 00:36 - 2022-01-08 14:33 - 000000000 ___RD C:\Users\rrgoz\OneDrive
2022-05-10 00:35 - 2022-01-15 22:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-05-10 00:35 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-05-10 00:35 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-05-10 00:35 - 2020-05-06 10:58 - 000012288 ___SH C:\DumpStack.log.tmp
2022-05-10 00:32 - 2022-01-08 14:32 - 000000000 ____D C:\Users\rrgoz\AppData\Local\Packages
2022-05-10 00:32 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-05-10 00:32 - 2021-05-15 16:41 - 000000000 ____D C:\ProgramData\Packages
2022-05-09 23:43 - 2022-01-15 22:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-05-09 23:07 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-05-09 23:07 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-05-09 22:56 - 2022-02-08 21:19 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-05-09 22:56 - 2022-01-15 22:13 - 000000000 ____D C:\Users\rrgoz
2022-05-09 22:35 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-05-09 22:35 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-05-09 22:35 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-09 22:24 - 2022-01-08 14:41 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-09 22:24 - 2022-01-08 14:41 - 000002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-05-09 22:24 - 2021-01-05 11:44 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-09 22:24 - 2021-01-05 11:44 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-05-09 22:15 - 2022-02-06 18:20 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-05-09 22:15 - 2022-02-06 18:20 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-05-09 22:15 - 2022-01-15 22:16 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-409315849-465992100-82019831-1001
2022-05-06 22:36 - 2022-03-12 19:59 - 000000000 ____D C:\Users\rrgoz\Desktop\Szkolenie - kręgosłup 12.03
2022-05-04 13:04 - 2022-02-06 18:38 - 000000000 ____D C:\Program Files\Microsoft Office
2022-04-26 22:28 - 2022-01-16 21:47 - 000000000 ____D C:\Users\rrgoz\Desktop\Radek
2022-04-24 22:46 - 2022-01-15 22:12 - 000594584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-24 22:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-24 19:41 - 2022-02-06 13:47 - 000000000 ____D C:\Users\rrgoz\Desktop\Ewidencja sprzedaży
2022-04-24 15:27 - 2022-01-17 22:29 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-24 14:36 - 2022-01-17 22:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-24 14:35 - 2022-01-17 22:28 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-24 14:32 - 2022-01-15 22:16 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-24 14:22 - 2022-01-15 22:16 - 000003570 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-24 14:22 - 2022-01-15 22:16 - 000003446 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-18 17:57 - 2022-02-06 13:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-18 17:57 - 2022-02-06 13:34 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-18 17:57 - 2022-02-06 13:34 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-04-12 21:03 - 2020-05-06 10:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-12 20:53 - 2022-01-15 22:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-04-10 21:46 - 2022-01-15 22:25 - 000003416 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d80a4c79875fbd
2022-04-10 21:46 - 2022-01-15 22:16 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
==================== SigCheck ============================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
==================== Koniec FRST.txt ========================