Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 15.09.2018
Uruchomiony przez Asus (administrator) ASUS-KOMPUTER (22-09-2018 19:47:21)
Uruchomiony z C:\Users\Asus\Downloads
Załadowane profile: Asus (Dostępne profile: Asus)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: FF)
Tryb startu: Safe Mode (with Networking)
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [418280 2012-07-25] (Autodesk, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-20] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [CamAppSTI.exe] => C:\Program Files (x86)\AVEO USB2.0 PC Camera\CamAppSTI.exe [28672 2009-01-04] (AVEO)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\Run: [AvastBrowserAutoLaunch_0C70D31C83A9BEF7F9DC53F498C8302E] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1711712 2018-09-17] (AVAST Software)
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {031744cf-dcbe-11e3-a2a6-bcee7b749861} - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {031744d5-dcbe-11e3-a2a6-bcee7b749861} - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {0c70a783-e5f0-11e6-b714-bcee7b749861} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {0d392cea-5a28-11e4-93cc-bcee7b749861} - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {1aa8c014-e52b-11e6-89b6-bcee7b749861} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {2811595e-6888-11e7-b3ae-bcee7b749861} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {401082e2-5f4a-11e4-a1e8-bcee7b749861} - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {4af0fa54-f911-11e7-8cba-bcee7b749861} - G:\fifa.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {5b535709-7ba8-11e7-ae1d-bcee7b749861} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {62795cdc-f246-11e3-a05e-bcee7b749861} - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {653e6f86-f939-11e4-aa87-bcee7b749861} - I:\Startme.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {ed973883-f2c0-11e3-a0dc-bcee7b749861} - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {efbcb9e9-7ba6-11e7-a907-bcee7b749861} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {f96ae668-5a7a-11e4-ade7-bcee7b749861} - G:\AutoRun.exe
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\MountPoints2: {fcb25daa-c7f9-11e5-a427-bcee7b749861} - G:\LG_PC_Programs.exe
HKU\S-1-5-18\...\Run: [] => [X]
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B22E29C8-6DAF-48E2-99CE-4B1DD2114F8E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2995873634-344271847-1804652514-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/
SearchScopes: HKLM -> DefaultScope - brak wartości
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2995873634-344271847-1804652514-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2995873634-344271847-1804652514-1000 -> {ielnksrch} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-06-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-07] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default [2018-09-22]
FF user.js: detected! => C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\user.js [2015-06-01]
FF Homepage: Mozilla\Firefox\Profiles\frzev38o.default -> hxxps://www.google.pl/?gws_rd=ssl
FF NewTab: Mozilla\Firefox\Profiles\frzev38o.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\frzev38o.default -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF Extension: (Video Downloader professional) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\Extensions\ffext_basicvideoext@startpage24.xpi [2017-07-27]
FF Extension: (Forecastfox (fix version)) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\Extensions\forecastfox@s3_fix_version.xpi [2018-07-30]
FF Extension: (Avast SafePrice) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\Extensions\sp@avast.com.xpi [2018-06-20]
FF Extension: (Avast Online Security) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\Extensions\wrc@avast.com.xpi [2018-05-25]
FF Extension: (New Tab Homepage) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2017-11-15]
FF Extension: (Adblock Plus) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Extension: (Firefox Monitor) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\features\{b8b2401d-0ad5-48bc-b60c-ff53acc4d391}\fxmonitor@mozilla.org.xpi [2018-09-21]
FF Extension: (Telemetry coverage) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\frzev38o.default\features\{b8b2401d-0ad5-48bc-b60c-ff53acc4d391}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-21] [Przestarzałe]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-26] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-03-24] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKU\S-1-5-21-2995873634-344271847-1804652514-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-09-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-09-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-08-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2995873634-344271847-1804652514-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2018-09-22]
CHR Extension: (Dokumenty Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-02]
CHR Extension: (Dysk Google) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-02]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-27]
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-27]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-02]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-20] (AVAST Software)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-25] (AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-20] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-25] (AVAST Software)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2017-10-01] (Creative Labs) [Brak podpisu cyfrowego]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-03-08] (Creative Labs) [Brak podpisu cyfrowego]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [Brak podpisu cyfrowego]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Brak podpisu cyfrowego]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Brak podpisu cyfrowego]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
S2 PCloudCleanerService; C:\Windows\SysWOW64\PCloudCleanerService.EXE [108792 2015-11-03] (Panda Security S.L.)
S4 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2014-05-16] ()
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Brak podpisu cyfrowego]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-06-20] (AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-06-20] (AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-06-20] (AVAST Software)
S0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-06-20] (AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-06-20] (AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-06-20] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-06-20] (AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-06-20] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-06-20] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-20] (AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-06-20] (AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [465640 2018-08-24] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-06-20] (AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-06-20] (AVAST Software)
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [298752 2010-07-06] (AVEO Corp)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack System Inc. )
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24032 2013-10-08] (IVT Corporation.)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2015-11-12] (Windows (R) Win 7 DDK provider)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
S2 Kmm4xNT; C:\Windows\SysWow64\Drivers\Kmm4xNT.sys [95484 2002-04-26] (DATOM Dariusz Cielebąk) [Brak podpisu cyfrowego]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2018-01-14] (Duplex Secure Ltd.)
S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-25] (Zemana Ltd.)
S1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-25] (Zemana Ltd.)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-09-22 19:43 - 2015-09-14 13:03 - 000039672 _____ C:\Windows\system32\Drivers\ppadgdvl.sys
2018-09-22 11:41 - 2018-09-22 19:47 - 000026581 _____ C:\Users\Asus\Downloads\FRST.txt
2018-09-22 11:38 - 2018-09-22 11:38 - 002413568 _____ (Farbar) C:\Users\Asus\Downloads\FRST64.exe
2018-09-22 11:31 - 2018-09-22 11:31 - 030152552 _____ (mks_vir) C:\Users\Asus\Downloads\mks_vir_online.exe
2018-09-22 11:00 - 2015-11-03 16:46 - 000108792 _____ (Panda Security S.L.) C:\Windows\SysWOW64\PCloudCleanerService.EXE
2018-09-18 19:40 - 2018-09-18 19:40 - 000001447 _____ C:\Users\Asus\Desktop\Jurassic World.lnk
2018-09-18 13:48 - 2018-09-18 13:48 - 002869176 _____ C:\Users\Asus\Desktop\Załącznik do KZP3 - ul.Mokra.pdf
2018-09-14 12:46 - 2018-09-14 12:46 - 000001391 _____ C:\Users\Asus\Desktop\Dino War.lnk
2018-09-14 12:42 - 2018-09-14 12:42 - 000003506 _____ C:\Windows\System32\Tasks\BlueStacksHelper
2018-09-14 12:39 - 2018-09-14 12:39 - 000000647 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2018-09-14 12:39 - 2018-09-14 12:39 - 000000647 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2018-09-14 12:39 - 2018-09-14 12:39 - 000000647 _____ C:\ProgramData\Desktop\BlueStacks.lnk
2018-09-14 12:38 - 2018-09-14 12:39 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2018-09-14 12:35 - 2018-09-14 12:35 - 000000000 ____D C:\ProgramData\BlueStacks
2018-09-14 10:15 - 2018-09-14 10:15 - 000000000 ____D C:\Users\Asus\Documents\ROBLOX
2018-08-24 09:25 - 2018-08-24 09:25 - 000124181 _____ C:\Users\Asus\Desktop\zwrot spodni.pdf

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2018-09-22 19:47 - 2014-10-22 22:14 - 034085866 _____ C:\Windows\ntbtlog.txt
2018-09-22 19:47 - 2014-03-19 14:23 - 000000000 ____D C:\FRST
2018-09-22 19:43 - 2017-10-30 08:40 - 000025256 _____ C:\Windows\ZAM.krnl.trace
2018-09-22 19:43 - 2017-10-30 08:40 - 000002518 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-09-22 19:43 - 2014-03-03 21:12 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-22 19:28 - 2011-04-12 15:21 - 000740422 _____ C:\Windows\system32\perfh015.dat
2018-09-22 19:28 - 2011-04-12 15:21 - 000155996 _____ C:\Windows\system32\perfc015.dat
2018-09-22 19:28 - 2009-07-14 07:13 - 001670518 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-22 19:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-22 19:27 - 2016-11-18 09:41 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2018-09-22 19:20 - 2015-06-11 23:54 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Temp
2018-09-22 11:32 - 2017-03-26 22:13 - 000001068 _____ C:\Users\Asus\Desktop\mks_vir skaner online.lnk
2018-09-22 11:09 - 2018-03-25 21:06 - 000000000 ____D C:\Users\Asus\AppData\Local\AVAST Software
2018-09-22 11:00 - 2018-01-14 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports
2018-09-22 11:00 - 2016-12-25 02:02 - 000000750 _____ C:\Windows\SysWOW64\BroomData.bit
2018-09-22 10:13 - 2009-07-14 06:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-22 10:13 - 2009-07-14 06:45 - 000022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-22 09:57 - 2009-07-14 07:08 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-09-22 09:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-20 08:13 - 2014-12-25 20:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-20 08:12 - 2018-08-20 08:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-19 19:13 - 2018-03-25 21:07 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-14 12:38 - 2016-10-17 19:51 - 000000000 ____D C:\Users\Asus\AppData\Local\Bluestacks
2018-09-14 12:35 - 2016-01-24 13:31 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2018-09-14 10:38 - 2018-08-20 19:34 - 000000000 ____D C:\Users\Asus\AppData\Local\Roblox
2018-09-14 10:16 - 2018-08-19 15:28 - 000000250 _____ C:\Users\Asus\AppData\LocalLow\rbxcsettings.rbx
2018-09-14 10:09 - 2018-08-19 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2018-09-13 13:32 - 2014-03-03 21:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-12 09:50 - 2018-03-13 21:50 - 000004570 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-12 09:50 - 2014-03-03 20:57 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-12 09:50 - 2014-03-03 20:57 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-12 09:50 - 2014-03-03 20:57 - 000004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-12 09:50 - 2014-03-03 20:57 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-12 09:50 - 2014-03-03 20:57 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-08 11:51 - 2017-06-14 15:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-09-05 14:53 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-09-05 14:40 - 2014-03-05 17:21 - 000000000 ____D C:\Users\Asus\AppData\Local\cache
2018-08-24 17:04 - 2014-03-03 21:02 - 000465640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-23 20:36 - 2017-08-15 19:42 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update

==================== Pliki w katalogu głównym wybranych folderów =======

2014-12-16 16:41 - 2014-12-16 23:04 - 000000098 _____ () C:\Users\Asus\AppData\Roaming\LauncherSettings_live.cfg
2014-09-24 11:44 - 2016-11-04 09:43 - 000059977 _____ () C:\Users\Asus\AppData\Roaming\QBLADE.ini
2014-12-16 17:16 - 2014-12-16 17:19 - 000000039 _____ () C:\Users\Asus\AppData\Roaming\TheHunterSettings_live.cfg
2018-02-01 14:03 - 2018-02-01 14:03 - 000001030 _____ () C:\Users\Asus\AppData\Local\recently-used.xbel
2014-10-22 21:43 - 2014-10-22 21:43 - 000000017 _____ () C:\Users\Asus\AppData\Local\resmon.resmoncfg
2016-12-23 19:20 - 2016-12-23 19:37 - 025416816 _____ (One Click Root) C:\Users\Asus\AppData\Local\TempOneClickRoot.exe
2014-03-08 13:25 - 2014-03-19 13:47 - 000005918 _____ () C:\Users\Asus\AppData\Local\unins000.dat
2014-03-19 13:47 - 2014-03-19 13:47 - 000707504 _____ () C:\Users\Asus\AppData\Local\unins000.exe
2014-03-08 13:25 - 2014-03-19 13:47 - 000011761 _____ () C:\Users\Asus\AppData\Local\unins000.msg

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2014-03-10 12:53

==================== Koniec FRST.txt ============================