Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17.03.2019
Uruchomiony przez Paweł (administrator) DESKTOP-CSPS4KR (19-03-2019 13:55:35)
Uruchomiony z G:\
Załadowane profile: Paweł (Dostępne profile: Paweł)
Platform: Windows 10 Home Wersja 1803 17134.523 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\271cb5d2519ef53b1f84fc3801aff751\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\Run: [DriverAgent Plus] => C:\ProgramData\DriverAgentPlus\DriverAgentPlus.exe [6145528 2016-12-26] (eSupport.com, Inc. -> )
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\Run: [UpdateReminder] => C:\ProgramData\DriverAgentPlus\UpdateReminder\UpdateReminder.exe [680952 2016-12-01] (eSupport.com, Inc. -> eSupport.com)
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3205408 2018-07-24] (Valve -> Valve Corporation)
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [1447936 2018-07-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\MountPoints2: {1400a09a-eccf-11e8-ade8-408d5cbb27ab} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\Winlogon: [Shell] %comspec% <==== UWAGA
HKU\S-1-5-21-297230247-521389304-3291219411-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist ( start /MIN "" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.75\Installer\chrmstp.exe [2019-03-12] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\Installer\chrmstp.exe [2019-03-09] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-04-15]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [Brak podpisu cyfrowego]

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5f361e54-f8af-4d50-98af-afd14044bbb1}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-297230247-521389304-3291219411-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-07-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-07-24] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2003-03-19] (Microsoft Corporation) [Brak podpisu cyfrowego]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation) [Brak podpisu cyfrowego]

FireFox:
========
FF DefaultProfile: g7zo6jyk.default
FF ProfilePath: C:\Users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\g7zo6jyk.default [2019-03-19]
FF Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\g7zo6jyk.default\Extensions\sp@avast.com.xpi [2019-02-05]
FF Extension: (Avast Online Security) - C:\Users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\g7zo6jyk.default\Extensions\wrc@avast.com.xpi [2018-06-25]
FF Extension: (DownThemAll!) - C:\Users\Paweł\AppData\Roaming\Mozilla\Firefox\Profiles\g7zo6jyk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29] [Przestarzałe]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-24] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-21] (Google Inc -> Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.pl/
CHR Profile: C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default [2019-03-17]
CHR Extension: (Prezentacje) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Dysk Google) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-16]
CHR Extension: (YouTube) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-16]
CHR Extension: (Arkusze) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-25]
CHR Extension: (Avast Online Security) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-20]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Adblock Pro) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-11-10]
CHR Extension: (Gmail) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-14]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-30] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-04-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [335872 2003-03-19] (Microsoft Corporation) [Brak podpisu cyfrowego]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2018-06-06] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [103736 2018-06-06] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476256 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2018-11-06] (Tages SA -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-24] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-24] (Disc Soft Ltd -> Disc Soft Ltd)
S3 gdrv; C:\Windows\gdrv.sys [26192 2016-04-15] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2018-11-06] (Tages SA -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-10-10] (Realtek Semiconductor Corp -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-03-19 11:02 - 2019-03-19 11:02 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-03-16 18:01 - 2019-03-16 18:01 - 000001225 _____ C:\Users\Paweł\Desktop\MetroExodus — skrót .lnk
2019-03-16 18:01 - 2019-03-16 18:01 - 000000000 ____D C:\Users\Paweł\AppData\Roaming\CPY_SAVES
2019-03-16 16:19 - 2019-03-16 16:21 - 000000000 ___HD C:\Users\Paweł\Desktop\mazda6
2019-03-16 15:59 - 2019-03-16 17:03 - 000000614 _____ C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Metro Exodus.lnk
2019-03-14 14:43 - 2019-03-14 14:43 - 000000000 ____D C:\Users\Paweł\AppData\Local\Origin
2019-03-14 13:45 - 2019-03-14 13:45 - 000000689 _____ C:\Users\Public\Desktop\The Sims 4 x64.lnk
2019-03-14 13:45 - 2019-03-14 13:45 - 000000677 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2019-03-14 12:52 - 2019-03-14 12:52 - 006220854 _____ C:\Users\Paweł\Desktop\4.bmp
2019-03-14 12:51 - 2019-03-14 12:51 - 006220854 _____ C:\Users\Paweł\Desktop\3.bmp
2019-03-14 12:51 - 2019-03-14 12:51 - 006220854 _____ C:\Users\Paweł\Desktop\2.bmp
2019-03-14 12:51 - 2019-03-14 12:51 - 006220854 _____ C:\Users\Paweł\Desktop\1.bmp
2019-03-12 19:51 - 2019-03-14 14:43 - 000000000 ____D C:\Users\Paweł\Documents\Electronic Arts
2019-03-12 19:48 - 2019-03-12 19:48 - 000001106 _____ C:\Users\Public\Desktop\The Sims 3 Complete Collection.lnk
2019-03-12 19:48 - 2019-03-12 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Complete Collection
2019-03-02 06:42 - 2019-03-02 06:42 - 000000000 ____D C:\Users\Paweł\Documents\CPY_SAVES
2019-03-02 06:42 - 2019-03-02 06:42 - 000000000 ____D C:\Users\Paweł\Documents\Assassin's Creed Odyssey
2019-03-02 06:41 - 2019-03-14 14:41 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-03-02 01:05 - 2019-03-05 14:34 - 000001056 _____ C:\Users\Public\Desktop\Assassin's Creed - Odyssey.lnk
2019-03-02 01:05 - 2019-03-02 03:37 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed - Odyssey
2019-02-25 16:07 - 2019-02-25 16:07 - 000000000 ____D C:\ProgramData\RELOADED
2019-02-25 16:06 - 2019-02-25 16:06 - 000001378 _____ C:\Users\Paweł\Desktop\CoJ Gunslinger.lnk
2019-02-25 11:03 - 2019-03-14 19:46 - 000000000 ____D C:\Users\Paweł\AppData\Roaming\uTorrent
2019-02-25 11:03 - 2019-03-02 00:49 - 000000896 _____ C:\Users\Paweł\Desktop\µTorrent.lnk
2019-02-25 11:02 - 2019-02-25 11:02 - 002892544 _____ (BitTorrent Inc.) C:\Users\Paweł\Downloads\uTorrent.exe
2019-02-19 08:06 - 2019-02-19 08:07 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-19 07:43 - 2019-03-19 11:02 - 000249152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-02-19 07:43 - 2019-02-19 07:43 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbbc4d2192e718d4f.tmp

==================== Jeden miesiąc (zmodyfikowane) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-03-19 13:55 - 2016-12-15 20:30 - 000000000 ____D C:\FRST
2019-03-19 13:54 - 2018-09-15 18:23 - 000000000 ___HD C:\$WINDOWS.~BT
2019-03-19 13:41 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-19 12:40 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-19 12:37 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-19 12:25 - 2017-05-26 22:17 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-19 11:13 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-19 11:13 - 2016-04-16 17:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-19 11:11 - 2016-04-16 17:46 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-19 11:07 - 2018-11-20 14:59 - 000000000 ____D C:\Program Files\rempl
2019-03-19 11:07 - 2018-05-16 08:12 - 001766926 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-19 11:07 - 2018-04-12 16:51 - 000783372 _____ C:\WINDOWS\system32\perfh015.dat
2019-03-19 11:07 - 2018-04-12 16:51 - 000152032 _____ C:\WINDOWS\system32\perfc015.dat
2019-03-19 11:07 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-19 11:03 - 2018-05-16 08:21 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-19 11:02 - 2019-01-15 13:22 - 000254408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-03-19 11:02 - 2019-01-09 06:21 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-03-19 11:02 - 2019-01-09 06:21 - 000196304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-03-19 11:02 - 2019-01-09 06:21 - 000058168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-03-19 11:02 - 2019-01-09 06:21 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-03-19 11:02 - 2018-11-22 13:45 - 000042496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-03-19 11:02 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-19 11:02 - 2017-11-20 08:05 - 000205608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-03-19 11:02 - 2016-04-16 15:03 - 001034640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-03-19 11:02 - 2016-04-16 15:03 - 000476256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-03-19 11:02 - 2016-04-16 15:03 - 000380160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-19 11:02 - 2016-04-16 15:03 - 000220632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-03-19 11:02 - 2016-04-16 15:03 - 000169104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-03-19 11:02 - 2016-04-16 15:03 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-03-19 11:02 - 2016-04-16 15:03 - 000088152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-03-19 11:00 - 2018-05-16 08:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-19 11:00 - 2018-05-16 08:04 - 000000000 ____D C:\Users\Paweł
2019-03-19 11:00 - 2018-05-16 07:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-19 10:53 - 2018-11-23 21:05 - 000000000 ____D C:\Program Files\CCleaner
2019-03-19 10:53 - 2016-10-21 22:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-19 10:53 - 2016-05-16 11:18 - 000000000 ____D C:\Program Files\WinRAR
2019-03-19 10:53 - 2016-04-18 17:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-17 14:25 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-17 09:59 - 2018-11-23 21:05 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-17 09:59 - 2018-11-23 21:05 - 000002234 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-17 09:59 - 2018-07-24 20:45 - 000003546 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-17 09:59 - 2018-05-16 08:21 - 000003848 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-17 09:59 - 2018-05-16 08:21 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-17 09:59 - 2018-05-16 08:21 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 09:59 - 2018-05-16 08:21 - 000003272 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-17 09:59 - 2018-05-16 08:21 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 09:59 - 2018-05-16 08:21 - 000003140 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 09:59 - 2018-05-16 08:21 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 09:59 - 2018-05-16 08:21 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 09:59 - 2018-05-16 08:21 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 09:59 - 2018-05-16 08:21 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-297230247-521389304-3291219411-1001
2019-03-17 09:59 - 2018-05-16 08:21 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 09:59 - 2018-05-16 08:21 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-17 08:50 - 2018-05-16 08:21 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-03-16 18:02 - 2018-05-16 21:10 - 000000000 ____D C:\Users\Paweł\AppData\Local\D3DSCache
2019-03-16 11:03 - 2017-01-28 13:14 - 000000000 ____D C:\Users\Paweł\AppData\Local\Ubisoft Game Launcher
2019-03-14 15:00 - 2016-05-16 11:18 - 000000000 ____D C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-14 15:00 - 2016-05-16 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-14 14:43 - 2016-04-22 17:11 - 000000000 ____D C:\Users\Paweł\AppData\Local\CrashDumps
2019-03-14 14:42 - 2016-04-15 19:20 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-12 21:27 - 2016-04-16 15:04 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-12 21:27 - 2016-04-16 15:04 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-12 19:48 - 2016-04-15 19:42 - 000000000 ____D C:\temp
2019-03-11 07:42 - 2016-04-16 15:03 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3476c9cbdbead48c.tmp
2019-03-09 15:19 - 2018-05-16 08:04 - 000002407 _____ C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-09 15:19 - 2016-04-15 19:17 - 000000000 ___RD C:\Users\Paweł\OneDrive
2019-03-09 15:17 - 2018-03-30 11:01 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-03-05 17:11 - 2016-12-18 02:52 - 000000000 ____D C:\Users\Paweł\AppData\LocalLow\Mozilla
2019-03-05 12:46 - 2016-04-18 17:33 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-03 17:54 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 17:54 - 2018-04-12 00:41 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-25 15:52 - 2016-04-24 12:06 - 000000000 ____D C:\Users\Paweł\AppData\Roaming\DAEMON Tools Lite
2019-02-25 11:13 - 2017-11-04 08:33 - 000000000 ____D C:\Users\Paweł\AppData\Local\Packages
2019-02-25 11:12 - 2016-11-18 01:12 - 000000000 ____D C:\Users\Paweł\AppData\Local\GG
2019-02-19 07:43 - 2016-04-16 15:03 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4381ead2f3ed4f65.tmp
2019-02-19 07:41 - 2016-04-16 15:03 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8ee2a24ff1146aea.tmp
2019-02-19 07:41 - 2016-04-16 15:03 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5914c41d38dc049e.tmp
2019-02-19 07:41 - 2016-04-16 15:03 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2518851b58f6ce26.tmp
2019-02-19 07:41 - 2016-04-16 15:03 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw48be232df8625c80.tmp
2019-02-19 07:40 - 2019-01-15 13:22 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw12461fe2748f0a0a.tmp
2019-02-19 07:40 - 2019-01-09 06:21 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf4b198f708768687.tmp
2019-02-19 07:40 - 2019-01-09 06:21 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2209033e948d45db.tmp
2019-02-19 07:40 - 2019-01-09 06:21 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc7eecfbe14ad1b34.tmp
2019-02-19 07:40 - 2019-01-09 06:21 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw49f9932908c55c76.tmp
2019-02-19 07:40 - 2018-11-22 13:45 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9826fbe4d1565ba8.tmp
2019-02-19 07:40 - 2017-11-20 08:05 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6e687e82033aabec.tmp
2019-02-19 07:40 - 2016-04-16 15:03 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2da39fb4d730dff9.tmp

==================== Pliki w katalogu głównym wybranych folderów =======

2016-05-27 07:33 - 2016-05-27 07:33 - 266040255 _____ () C:\Users\Paweł\AppData\Local\ACCCx3_6_0_248.zip.aamdownload
2016-05-27 07:33 - 2016-05-27 07:33 - 000003014 _____ () C:\Users\Paweł\AppData\Local\ACCCx3_6_0_248.zip.aamdownload.aamd
2018-04-19 11:24 - 2018-04-19 11:24 - 000000093 _____ () C:\Users\Paweł\AppData\Local\fusioncache.dat
2017-03-22 20:09 - 2017-03-22 20:09 - 000000858 _____ () C:\Users\Paweł\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dllhost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dllhost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-05-16 07:58

==================== Koniec FRST.txt ============================