Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-05.2019
Uruchomiony przez JOANNA (administrator) AS (ASUSTeK Computer Inc. K70IC) (23-05-2019 14:46:15)
Uruchomiony z D:\C POBRANE
Załadowane profile: JOANNA (Dostępne profile: JOANNA)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(SRS Labs, Inc -> SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18368512 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2563200682-88368706-2228718400-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.87\Installer\chrmstp.exe [2019-04-20] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2015-12-28]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (SRS Labs, Inc -> Acresso Software Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0514FC83-8E5C-4828-A744-CB53E90C8CA2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0873EDA3-8792-4DC3-8277-22710E47D22C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0AFB1187-FCBE-4880-A8F7-097ACCC2ADC0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2563200682-88368706-2228718400-1000
Task: {12C2F722-A523-4975-977F-66E12BFBB62E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {18E194EE-D2E4-43EC-BCEF-8E005B588D6E} - System32\Tasks\{DAE6D38D-DC33-428E-8536-A7D4BC3BE602} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {216E166F-F5A0-4E11-BC68-55D6413073A1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {349D609F-4414-4A28-8D21-0F8D3B70CF1F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] (ASUSTeK Computer Inc. -> )
Task: {41D58235-53CE-4724-9C05-63D8AB176E23} - \AvastUpdateTaskMachineCore -> Brak pliku <==== UWAGA
Task: {50EC0BAD-6A7F-4700-89C7-BD93CF15295D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {612836F2-EACF-454F-B27F-665F3CA94E59} - System32\Tasks\{6D50BFB9-6ADC-4C81-B331-28C0C3794C83} => D:\GAME\Colin McRae Rally 2003\RunRally_3PC.exe [33792 2015-12-26] (CD Projekt) [Brak podpisu cyfrowego]
Task: {670F81CE-B54E-42CD-A867-F70523CD4A2E} - \Avast Secure Browser Heartbeat Task (Logon) -> Brak pliku <==== UWAGA
Task: {69F42514-128C-4B2E-BA79-3617C69387ED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {6B08F398-0055-48E6-B5F6-C376A1EAE6C0} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B9B30EB-1826-4966-ACF6-42BBE781D98D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [1286144 2017-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6E692683-987E-4112-B88A-440758C79B4D} - System32\Tasks\CCleanerSkipUAC => D:\APP\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {756B7FB9-F059-4B53-8A7F-E9CDF6B1B427} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FB983A4-20DA-40EC-9937-4B0C868E4BF6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {947558F4-5E0D-425E-A05C-CDC7F3ED36E5} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A155DD30-F308-43B8-BB84-01DF12F409E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {AB77C1AB-8F09-47EB-BB7E-401D92DAD221} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BDF17340-E2E5-409E-9EC3-11D1F7F2EC51} - \Avast Secure Browser Heartbeat Task (Hourly) -> Brak pliku <==== UWAGA
Task: {C711A28E-372F-47C2-8AD5-CA1681F83644} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-21] (Adobe Inc. -> Adobe)
Task: {DB0664B3-704A-44D0-A608-0C0D6D243D90} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE1D67DE-CFA5-4341-A517-EC07090301CE} - System32\Tasks\SafeZone scheduled Autoupdate 1458373398 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {E16DBEF5-8514-4916-A238-7F2118D4D83F} - \AvastUpdateTaskMachineUA -> Brak pliku <==== UWAGA
Task: {E2D56385-74D7-4E3A-9ABF-2928BD1F7D39} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EAE02AD6-C9DD-4A5A-A385-1F35EC92F086} - System32\Tasks\{EEAA2E5A-8423-417C-A645-3B036C00F125} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {EB890C74-A8FA-4D2D-8A88-48359129C42B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4BE1D99-550A-4162-909C-B6469B35C0B5} - System32\Tasks\CCleaner Update => D:\APP\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9FDE71B-5F4A-4EDD-824B-1CF06D9702EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206
Tcpip\..\Interfaces\{1400D621-F935-4671-A879-9B6E6682D79D}: [DhcpNameServer] 217.172.224.160 89.231.1.206

Internet Explorer:
==================
HKU\S-1-5-21-2563200682-88368706-2228718400-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/
SearchScopes: HKU\S-1-5-21-2563200682-88368706-2228718400-1000 -> DefaultScope {47E3D5FB-BCDB-44AA-8B2D-9AC6DA3D27ED} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2563200682-88368706-2228718400-1000 -> {47E3D5FB-BCDB-44AA-8B2D-9AC6DA3D27ED} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-09] (Google Inc -> Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-09] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-09] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-09] (Google Inc -> Google Inc.)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1482523525179

FireFox:
========
FF ProfilePath: C:\Users\JOANNA\AppData\Roaming\TomTom\HOME\Profiles\ly5ke97y.default [2019-04-08]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-04-08] [Przestarzałe] [Brak podpisu cyfrowego]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.pl/"
CHR Profile: C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default [2019-05-21]
CHR Extension: (Prezentacje) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-18]
CHR Extension: (Dokumenty) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-18]
CHR Extension: (Dysk Google) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (YouTube) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Google Search) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Video Downloader professional) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-12]
CHR Extension: (Arkusze) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-02]
CHR Extension: (Mountain River) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldnnpdpbcplkacehcbafmncblojlead [2019-02-21]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\JOANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-04-20] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-04-20] (AVAST Software s.r.o. -> AVAST Software)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 AvastSecureBrowserElevationService; "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.87\elevation_service.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12528 2015-12-25] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Brak podpisu cyfrowego]
S3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Microsoft Windows -> Silicon Integrated Systems Corp.)
S1 epp; \??\C:\Program Files\Emsisoft Anti-Malware\epp.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-05-23 11:47 - 2019-05-23 11:47 - 000003588 _____ C:\Users\JOANNA\AppData\Local\recently-used.xbel
2019-05-22 19:38 - 2019-05-22 19:39 - 000000000 _____ C:\Windows\system32\cd
2019-05-22 18:56 - 2019-05-22 19:04 - 000192788 _____ C:\Windows\ntbtlog.txt
2019-05-22 15:45 - 2019-05-22 15:52 - 000000000 ____D C:\Windows\SysWOW64\catroot2.bak
2019-05-21 18:42 - 2019-05-21 19:15 - 000002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2019-05-21 18:41 - 2019-05-21 19:15 - 000000000 ____D C:\Program Files\Microsoft Security Client
2019-05-21 18:41 - 2019-05-21 19:14 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2019-05-21 11:55 - 2019-05-21 11:55 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-05-21 11:54 - 2019-05-21 16:32 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-05-12 18:08 - 2019-05-12 18:08 - 012019984 _____ (OPSWAT, Inc.) C:\Users\JOANNA\Downloads\appremover-3-1-34-1.exe
2019-05-07 13:28 - 2019-05-07 13:28 - 000000000 ____D C:\ProgramData\VS Revo Group
2019-05-05 10:12 - 2019-05-22 10:43 - 000000000 ____D C:\Program Files\VS Revo Group

==================== Jeden miesiąc (zmodyfikowane) ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2019-05-23 14:46 - 2016-12-22 12:37 - 000000000 ____D C:\FRST
2019-05-23 14:33 - 2009-07-14 06:45 - 000010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-23 14:33 - 2009-07-14 06:45 - 000010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-23 14:26 - 2015-12-16 16:13 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-23 14:25 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-22 19:35 - 2018-03-23 11:48 - 000000000 ____D C:\Windows\pss
2019-05-22 17:38 - 2015-12-14 17:59 - 000000000 ____D C:\Users\JOANNA\AppData\Local\ElevatedDiagnostics
2019-05-21 21:37 - 2015-12-21 18:07 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 19:15 - 2019-04-09 14:21 - 000001912 _____ C:\Windows\epplauncher.mif
2019-05-21 16:41 - 2019-04-20 16:05 - 000000000 ____D C:\ProgramData\AVAST Software
2019-05-21 16:34 - 2018-06-21 11:18 - 000000000 ____D C:\Users\JOANNA\AppData\Local\AVAST Software
2019-05-21 14:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-21 12:13 - 2017-11-12 10:47 - 000003850 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-21 12:13 - 2017-01-17 17:01 - 000000636 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-21 12:11 - 2018-04-24 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-21 12:11 - 2015-12-29 12:35 - 000004414 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-21 12:11 - 2015-12-11 12:01 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-21 12:11 - 2015-12-11 12:01 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-21 12:10 - 2015-12-11 12:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-21 12:10 - 2015-12-11 12:01 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-15 14:20 - 2015-12-10 15:23 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 14:14 - 2015-12-10 15:23 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-15 14:08 - 2015-12-13 22:24 - 001641796 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-05-15 14:08 - 2009-08-03 21:55 - 000740348 _____ C:\Windows\system32\perfh015.dat
2019-05-15 14:08 - 2009-08-03 21:55 - 000155890 _____ C:\Windows\system32\perfc015.dat
2019-05-15 14:07 - 2009-07-14 07:13 - 001641796 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-15 10:29 - 2015-12-21 18:06 - 000003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 10:29 - 2015-12-21 18:06 - 000003354 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 10:21 - 2015-12-12 10:44 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Pliki w katalogu głównym wybranych folderów =======

2018-10-16 22:04 - 2018-10-16 22:57 - 000006144 _____ () C:\Users\JOANNA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-05-23 11:47 - 2019-05-23 11:47 - 000003588 _____ () C:\Users\JOANNA\AppData\Local\recently-used.xbel
2018-02-22 14:10 - 2018-03-05 19:22 - 000007589 _____ () C:\Users\JOANNA\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

LastRegBack: 2019-05-13 17:02

==================== Koniec FRST.txt ============================