Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 01-01-2020 Uruchomiony przez ppp (administrator) PPP-KOMPUTER (ASUSTeK Computer Inc. K52Je) (01-01-2020 19:38:38) Uruchomiony z C:\Users\ppp\Documents\Downloads Załadowane profile: ppp (Dostępne profile: ppp) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Razer USA Ltd. -> Razer Inc) C:\Program Files\Razer\Razer Services\GMS\GameManagerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files\Razer\Razer Cortex\RzKLService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files\Razer\Razer Services\Razer Central\RazerCentralService.exe (Spotify AB -> Spotify Ltd) C:\Users\ppp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Valve -> Valve Corporation) C:\Program Files\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe (Valve -> Valve Corporation) C:\Program Files\Razer\Razer Services\GMS\SteamCmd\steamcmd.exe.old ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4360392 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [2427400 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\Run: [Spotify Web Helper] => C:\Users\ppp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2018-05-26] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13643880 2018-05-24] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\Run: [AvastBrowserAutoLaunch_1747E2D0D1833B12ED2B44B997B7F8DA] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software) HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\MountPoints2: {1279b2c2-d271-11e7-9050-20cf306a6c61} - E:\AutoRun.exe HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\MountPoints2: {3eb486af-49e8-11e7-adb5-867fa1161c28} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\MountPoints2: {4596f8f3-1f9a-11e7-b0de-d0c2a63b904f} - E:\AutoRun.exe HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\MountPoints2: {4f551e9d-76a1-11e7-a535-c21b1885422a} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\...\MountPoints2: {8f5830df-9d1e-11e6-9905-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-2252132449-3646690567-3808692471-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-26] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\77.2.2152.121\Installer\chrmstp.exe [2019-12-02] (AVAST Software s.r.o. -> AVAST Software) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0BB7C923-607A-48E2-9EE6-C8AF36583E39} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1051864 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {0F7D9DCA-5225-4415-BD7E-5C54BB1FA474} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\4.5.0\Scheduler.exe [1065248 2017-07-26] (IObit Information Technology -> IObit) Task: {1708C4B2-E220-4347-AE49-449F27AD5709} - System32\Tasks\{44426EFA-6BA9-45C3-9526-530F35D34ED1} => C:\Program Files\Google\Chrome\Application\chrome.exe Task: {2BF9C95F-BA2B-47F7-ABCC-BAFD9592C923} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13643880 2018-05-24] (Piriform Ltd -> Piriform Ltd) Task: {34923A27-0E47-423F-8B3D-FF2A9811F718} - System32\Tasks\{74E4F311-0452-481C-B2F9-F7C3E5C1DE5F} => C:\Program Files\Google\Chrome\Application\chrome.exe Task: {3A276F35-A919-4429-81C8-FE297627528D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [532176 2018-05-24] (Piriform Ltd -> Piriform Ltd) Task: {4BF38852-95AE-40DC-81D1-FDC198951A5E} - System32\Tasks\{C071E08B-E301-4BAF-BEF8-E9B66A84C6B5} => C:\Windows\system32\pcalua.exe -a C:\Users\ppp\Downloads\FacebookGameroom.exe -d C:\Users\ppp\Downloads Task: {612A758D-82C8-4981-BCE8-E9C7FB3F7A25} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-10-07] (AVAST Software s.r.o. -> AVAST Software) Task: {98DB5749-B654-441C-8CFD-91B60A5A6BF5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) Task: {9C2ED05D-6F01-4BCD-972E-81BB678054EC} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [3976712 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP) Task: {A79AF7C7-A0E6-46C9-B682-824F93B813B0} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software) Task: {C4052F93-EE66-4EC1-934A-DE3F6364B18C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.) Task: {C68CA1FC-0AA4-4012-8099-89ED5E5128AD} - System32\Tasks\{69B898C8-DAD3-46EB-AD44-07EB00222CB2} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\TeamSpeak 3 Client\package_inst.exe" -d C:\Users\ppp\Downloads -c "C:\Users\ppp\Downloads\soundboard-1.1b1-win32.ts3_plugin" Task: {CDB450F1-805D-4E02-ADAB-9B0110CCE70B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {D0FD0630-A443-442B-A51F-34F418455E2A} - System32\Tasks\Opera scheduled Autoupdate 1554563792 => C:\Users\ppp\AppData\Local\Programs\Opera\launcher.exe Task: {D6ABBC7C-8D1D-4079-B22D-B4606ADF9666} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin\InstallManagerApp.exe [9327304 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {D9C24D81-634D-4103-A397-9FD82800A24A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-03] (Google Inc -> Google Inc.) Task: {DD741FCF-B6AD-4AC6-BAA7-46007E4444C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\msoia.exe Task: {DFD50034-0594-4FBB-BF88-F3D00A591D70} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-20] (AVAST Software s.r.o. -> AVAST Software) Task: {EE72F4EA-D3DE-4DFF-B568-62642EBE3248} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-10-07] (AVAST Software s.r.o. -> AVAST Software) Task: {F23DF0C6-175C-446E-AFE2-EC0185697DED} - System32\Tasks\{C5C253F3-4B93-4E44-A845-5BF768EF845B} => C:\Program Files\Google\Chrome\Application\chrome.exe Task: {F700D79D-11D0-4198-8044-0F27BC866373} - System32\Tasks\Driver Booster SkipUAC (ppp) => C:\Program Files\IObit\Driver Booster\4.5.0\DriverBooster.exe [5586208 2017-07-28] (IObit Information Technology -> IObit) Task: {FCBAF230-17F2-47A5-8DCF-ADC04525580F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\msoia.exe Task: {FE09E155-D8FC-4CAD-ACAA-E2CB869B8EFE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 Tcpip\..\Interfaces\{4B57DC79-CB71-4A5B-B714-E028C4173E77}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{D6C6051F-533B-450E-AE2A-8B15A42D0E05}: [DhcpNameServer] 192.168.8.1 Internet Explorer: ================== BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Brak pliku FireFox: ======== FF DefaultProfile: dwz99h1x.default FF ProfilePath: C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\dwz99h1x.default [2019-12-11] FF Extension: (AdBlock) - C:\Users\ppp\AppData\Roaming\Mozilla\Firefox\Profiles\dwz99h1x.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-05-09] FF Extension: (Brak nazwy) - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi [nie znaleziono] FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Brak pliku] FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [Brak podpisu cyfrowego] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.pl/ CHR StartupUrls: Default -> "hxxps://www.google.pl/" CHR Notifications: Default -> hxxps://key-drop.pl; hxxps://pvpc.eu; hxxps://sprzedajemy.pl; hxxps://www.rmf24.pl CHR Profile: C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default [2019-12-29] CHR DownloadDir: D:\Bity\Russian Mix CHR Extension: (Prezentacje) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-14] CHR Extension: (Dokumenty) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-14] CHR Extension: (Dysk Google) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-14] CHR Extension: (YouTube) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-14] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-13] CHR Extension: (Arkusze) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-14] CHR Extension: (Dokumenty Google offline) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (AdBlock — best ad blocker) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-19] CHR Extension: (Cool Clock) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2018-06-14] CHR Extension: (Counter for Messenger) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldlagicdigidgnhniajpmoddkoakdoca [2019-03-28] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Gmail) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29] CHR Extension: (Chrome Media Router) - C:\Users\ppp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-29] CHR Profile: C:\Users\ppp\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-20] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [216576 2016-02-26] (Advanced Micro Devices, Inc. -> AMD) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5106064 2019-12-19] (AVAST Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-10-07] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-10-07] (AVAST Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\77.2.2152.121\elevation_service.exe [970088 2019-11-05] (AVAST Software s.r.o. -> AVAST Software) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3269224 2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 mracsvc; C:\Windows\System32\mracsvc.exe [7690000 2018-12-01] (Mail.Ru LLC -> LLC Mail.Ru) R2 Razer Game Manager Service; C:\Program Files\Razer\Razer Services\GMS\GameManagerService.exe [253776 2018-12-18] (Razer USA Ltd. -> Razer Inc) R2 RzActionSvc; C:\Program Files\Razer\Razer Services\Razer Central\RazerCentralService.exe [535424 2019-01-28] (Razer USA Ltd. -> Razer Inc.) R2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [290352 2018-12-19] (Razer USA Ltd. -> Razer Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21758464 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [540672 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35512 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174712 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [224008 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [169408 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [59368 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [211088 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41200 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [145048 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95168 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73312 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691528 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394856 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [176760 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277408 2019-10-06] (AVAST Software s.r.o. -> AVAST Software) R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [78848 2017-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-11-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2017-11-23] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2017-11-23] (Disc Soft Ltd -> Disc Soft Ltd) S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [95232 2017-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-11-23] (Martin Malik - REALiX -> REALiX(tm)) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [6955760 2018-12-01] (Mail.Ru LLC -> LLC Mail.Ru) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2017-11-23] (ASUSTeK Computer Inc. -> ASUS) R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [33024 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45144 2017-11-23] (Synaptics Incorporated -> Synaptics Incorporated) R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable_win7.sys [34024 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] () [Brak podpisu cyfrowego] U4 AppMgmt; Brak ImagePath U4 CscService; Brak ImagePath U4 PeerDistSvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-01 19:36 - 2020-01-01 19:40 - 000000000 ____D C:\FRST 2020-01-01 18:40 - 2020-01-01 18:40 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2020-01-01 18:40 - 2020-01-01 18:40 - 000002003 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk 2020-01-01 18:38 - 2019-10-06 17:34 - 000305032 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2019-12-19 20:44 - 2019-12-19 20:44 - 000003304 ____N C:\bootsqm.dat 2019-12-15 17:11 - 2019-12-29 23:32 - 000572606 _____ C:\Windows\ntbtlog.txt 2019-12-15 17:04 - 2019-12-15 17:04 - 000000000 ____D C:\Users\ppp\AppData\LocalLow\Oracle 2019-12-13 14:03 - 2019-12-13 14:35 - 000000000 ____D C:\Users\ppp\Desktop\wywołać ! ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-01 19:35 - 2009-07-14 05:34 - 000022432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-01-01 19:35 - 2009-07-14 05:34 - 000022432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-01-01 19:19 - 2018-07-21 20:37 - 000000000 ____D C:\Users\ppp\AppData\Local\AVAST Software 2020-01-01 19:19 - 2017-03-17 21:37 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2020-01-01 19:17 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-29 23:31 - 2016-10-26 21:03 - 000000000 ____D C:\Users\ppp 2019-12-29 23:10 - 2019-05-04 21:45 - 000000000 ____D C:\Program Files\Common Files\Oracle 2019-12-29 23:10 - 2019-05-04 21:44 - 000000000 ____D C:\Program Files\Common Files\Java 2019-12-29 23:10 - 2018-10-01 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-12-29 23:10 - 2017-11-23 19:16 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2019-12-29 23:10 - 2016-11-19 16:13 - 000000000 ____D C:\Program Files\Java 2019-12-29 23:10 - 2009-07-14 09:27 - 000000000 ___RD C:\Users\Public\Recorded TV 2019-12-29 23:10 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration 2019-12-29 23:10 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2019-12-19 20:54 - 2017-09-07 20:12 - 000000000 ____D C:\Program Files\Steam 2019-12-19 20:03 - 2017-05-03 19:42 - 000000000 ____D C:\Program Files\McAfee 2019-12-19 19:49 - 2016-11-13 13:10 - 000000000 ____D C:\Program Files\Common Files\McAfee 2019-12-15 22:11 - 2016-10-27 15:32 - 000000000 ____D C:\AMD 2019-12-15 13:34 - 2019-03-03 11:57 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2019-12-15 13:34 - 2019-03-03 11:57 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2019-12-13 11:39 - 2009-07-14 05:53 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-12-11 20:29 - 2018-12-27 16:52 - 000000000 ____D C:\Users\ppp\AppData\Local\Discord 2019-12-11 19:57 - 2018-10-08 15:50 - 000000000 ____D C:\Users\ppp\.junique 2019-12-10 18:06 - 2016-10-27 15:10 - 001683064 _____ C:\Windows\system32\PerfStringBackup.INI 2019-12-10 18:06 - 2009-07-14 09:07 - 000744994 _____ C:\Windows\system32\perfh015.dat 2019-12-10 18:06 - 2009-07-14 09:07 - 000158528 _____ C:\Windows\system32\perfc015.dat 2019-12-09 20:02 - 2019-04-06 16:16 - 000004108 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1554563792 2019-12-09 19:53 - 2016-11-06 13:48 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2019-12-02 18:31 - 2019-10-07 19:30 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2019-12-02 18:31 - 2019-10-07 19:30 - 000003138 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon) 2019-12-02 18:31 - 2019-10-07 19:30 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2019-12-02 18:31 - 2019-10-07 19:30 - 000002344 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk 2019-12-02 18:31 - 2019-10-07 19:30 - 000002344 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2018-10-08 15:49 - 2018-10-08 15:49 - 000000045 _____ () C:\Users\ppp\AppData\Roaming\.crystalinst 2017-02-05 14:05 - 2018-10-03 17:53 - 000012288 _____ () C:\Users\ppp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-11-06 16:49 - 2019-01-09 14:11 - 000007606 _____ () C:\Users\ppp\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2019-12-10 20:08 ==================== Koniec FRST.txt ========================