Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 26-02-2020
Uruchomiony przez Bartek (administrator) BARTEK-KOMPUTER (Dell Inc. Vostro 1440) (03-03-2020 19:23:19)
Uruchomiony z C:\Users\Bartek\Downloads
Załadowane profile: Bartek (Dostępne profile: Bartek & 3 & Gość)
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Dell Inc.) [Brak podpisu cyfrowego] C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Dell Inc.) [Brak podpisu cyfrowego] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Dell Inc.) [Brak podpisu cyfrowego] C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Google Inc -> Google Inc.) C:\Users\Bartek\AppData\Local\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Temp\GUMA6BA.tmp\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{82B5386F-EA9B-437D-A132-CF0385DCDB50}\GoogleUpdateSetup.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(OpenOffice.org) [Brak podpisu cyfrowego] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(OpenOffice.org) [Brak podpisu cyfrowego] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

==================== Rejestr (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6476288 2012-06-20] (Dell Inc.) [Brak podpisu cyfrowego]
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [791512 2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [585176 2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2108473784-4053231178-3037657491-1000\...\Run: [Google Update] => C:\Users\Bartek\AppData\Local\Google\Update\1.3.35.442\GoogleUpdateCore.exe [217544 2020-02-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2015-10-04]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [Brak podpisu cyfrowego]
Startup: C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-09-07]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [Brak podpisu cyfrowego]

==================== Zaplanowane zadania (filtrowane) ============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {029CBC1A-7CE5-4BC0-A234-539EDEDB2BA1} - System32\Tasks\{321567E9-DC0F-4492-8FE9-58673FBC044F} => D:\Program Files\Sports Interactive\Football Manager 2008\fm.exe [22242560 2008-02-17] (Sega Europe Limited -> Sports Interactive) [Brak podpisu cyfrowego]
Task: {09949C44-6793-4973-B6B3-FA363F000F9B} - System32\Tasks\{6EB78EC8-7617-46E8-97EC-89C74FBF7698} => D:\VirtualDub-1.10.2\VirtualDub.exe [2960896 2012-08-04] () [Brak podpisu cyfrowego]
Task: {18868731-F28B-43C0-B6A8-A17A59BBF35D} - System32\Tasks\{EF0EED71-D4A2-4D27-BD2F-3E8CB0F1FC3F} => C:\Program Files (x86)\Sports Interactive\Football Manager 2008 Gold Demo\fm.exe [38703104 2007-09-27] (Sports Interactive) [Brak podpisu cyfrowego]
Task: {2184834F-09C0-4121-A723-382A816229A4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe
Task: {3FF353AD-4C7C-47A8-914E-21B7E73EF0D0} - System32\Tasks\{1E36FF10-3399-43AD-AFA4-B56384E57DEA} => C:\Windows\system32\pcalua.exe -a "C:\Users\Bartek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HXB3ILOQ\jre-8u151-windows-i586.exe" -d C:\Users\Bartek\Desktop
Task: {4E6B98B4-1A32-4573-835B-CC2E5BE95D8F} - System32\Tasks\{F6703F5F-8F71-433C-8AE1-C8E018E4BB27} => C:\Users\Bartek\AppData\Local\Programs\TSTrader\TSTrader.exe [71275944 2019-03-03] (Tradovate, LLC -> Tradovate, LLC)
Task: {539F0410-E9EB-4355-9374-C190D8853775} - System32\Tasks\{19DECB24-F3FA-4DD7-BC82-46007101A631} => C:\Users\Bartek\AppData\Local\Programs\TSTrader\TSTrader.exe [71275944 2019-03-03] (Tradovate, LLC -> Tradovate, LLC)
Task: {7353D73E-30DB-4304-A409-EB32E1898B5B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-21] (Adobe Inc. -> Adobe)
Task: {8D502A9C-7A16-4F8C-8CEA-F2B0461AC4E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2108473784-4053231178-3037657491-1000Core => C:\Users\Bartek\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {A368F780-58B9-4123-B1BB-60C088F1E1DF} - \MicrosoftEdgeUpdateTaskMachineCore -> Brak pliku <==== UWAGA
Task: {AA3D3A03-7A52-46D5-B330-ED53C44DA77D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2108473784-4053231178-3037657491-1000UA => C:\Users\Bartek\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B94A7828-C4B9-496B-96EC-838CCE075838} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {C493B598-4376-45B2-92AE-EC16A9384A28} - System32\Tasks\{E0310FD5-049E-4032-9EEA-52499A05AAD0} => C:\Users\Bartek\AppData\Local\Programs\TSTrader\TSTrader.exe [71275944 2019-03-03] (Tradovate, LLC -> Tradovate, LLC)
Task: {EDC5BDE9-9E80-4CB2-ABDA-673DD1ADCE10} - System32\Tasks\{5C232575-574D-4D12-B163-62D5D032F720} => C:\Program Files (x86)\Sports Interactive\Football Manager 2008 Gold Demo\fm.exe [38703104 2007-09-27] (Sports Interactive) [Brak podpisu cyfrowego]
Task: {F2ABC5B4-426A-4FF3-8497-DC1AB423698B} - System32\Tasks\{4C6A1653-BFE3-44B3-BE6E-052BB2073547} => D:\VirtualDub-1.10.2\VirtualDub.exe [2960896 2012-08-04] () [Brak podpisu cyfrowego]
Task: {F4E6B4A2-D17B-406A-82D8-C8602D79C915} - \AviraSystemSpeedupUpdate -> Brak pliku <==== UWAGA
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{36EE0EEB-31BB-4A93-B4C9-FA261CF74671}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{548D5196-F54C-4036-8DC5-8001AF83FB88}: [DhcpNameServer] 150.254.65.22 150.254.65.21
Tcpip\..\Interfaces\{E52A3280-2B89-46E5-B60C-B5870FB89094}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-03-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-27] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1583186075418
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: 1y2l3560.default-1466718734798
FF ProfilePath: C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\1y2l3560.default-1466718734798 [2020-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-23] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-23] (Adobe Inc. -> )
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2019-05-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2108473784-4053231178-3037657491-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Bartek\AppData\Local\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2108473784-4053231178-3037657491-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Bartek\AppData\Local\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default [2020-03-03]
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (James White) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2012-06-20]
CHR Extension: (YouTube) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Avira Password Manager) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-03-02]
CHR Extension: (Avira Safe Shopping) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-03-02]
CHR Extension: (Google Search) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-03]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-19]
CHR Extension: (Gmail) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-01]
CHR Profile: C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-20]
CHR HKU\S-1-5-21-2108473784-4053231178-3037657491-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
StartMenuInternet: Google Chrome - C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Usługi (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208848 2020-02-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-02-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-02-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574952 2020-02-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223336 2020-03-02] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223336 2020-03-02] (Microsoft Corporation -> Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [301568 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5820928 2012-06-20] (Dell Inc.) [Brak podpisu cyfrowego]

===================== Sterowniki (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
S3 ALSysIO; Brak ImagePath
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222696 2020-02-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 mtkmbim; C:\Windows\System32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [528384 2011-05-27] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [81408 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)

==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ===================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2020-03-03 19:23 - 2020-03-03 19:25 - 000025307 _____ C:\Users\Bartek\Downloads\FRST.txt
2020-03-03 19:12 - 2020-03-03 19:13 - 002279424 _____ (Farbar) C:\Users\Bartek\Downloads\FRST64.exe
2020-03-03 09:00 - 2019-06-10 11:04 - 003566216 _____ C:\Users\Bartek\Desktop\Gemalto.Minidriver.IDPrime_64.msi
2020-03-02 23:13 - 2020-03-02 23:13 - 003837440 _____ C:\Users\Bartek\Downloads\IDGo800_PKCS11_Library_x64.msi
2020-03-02 23:07 - 2020-03-02 23:08 - 060370176 _____ (Google LLC) C:\Users\Bartek\Downloads\ChromeStandaloneSetup64.exe
2020-03-02 22:56 - 2020-03-02 22:56 - 000000000 ____D C:\Users\3\Downloads\Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB3175443)
2020-03-02 22:56 - 2020-03-02 22:56 - 000000000 ____D C:\53d4c9c57c039059485c4ee3
2020-03-02 19:27 - 2020-03-02 19:27 - 001852168 _____ (Microsoft Corporation) C:\Users\3\Downloads\MicrosoftEdgeSetup.exe
2020-03-02 19:17 - 2020-03-02 19:17 - 000000000 ____D C:\Windows\Downloaded Installations
2020-03-02 19:16 - 2020-03-02 19:16 - 000000000 ____D C:\Users\3\Documents\SCR3xxx_win_installer_V8.52
2020-03-02 18:10 - 2020-03-02 18:10 - 000000000 ____D C:\Users\3\AppData\Local\Google
2020-03-02 18:10 - 2020-03-02 18:10 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-02 18:09 - 2020-03-02 18:09 - 001288408 _____ (Google LLC) C:\Users\3\Downloads\ChromeSetup.exe
2020-03-02 06:56 - 2020-03-03 09:31 - 000000000 ____D C:\Program Files (x86)\Gemalto
2020-03-02 06:56 - 2020-03-02 06:56 - 000000000 ____D C:\ProgramData\Gemalto
2020-03-02 00:28 - 2020-03-03 09:36 - 000000000 ____D C:\Users\Bartek\AppData\Local\Citrix
2020-03-02 00:28 - 2020-03-02 00:28 - 000000000 ____D C:\Users\Bartek\AppData\Roaming\ICAClient
2020-03-02 00:11 - 2020-03-02 00:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-03-02 00:11 - 2019-03-20 18:50 - 000078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2020-03-02 00:11 - 2019-03-20 18:50 - 000035376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2020-03-02 00:10 - 2020-02-13 21:40 - 000222696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2020-03-02 00:10 - 2019-09-19 09:07 - 000175808 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2020-03-02 00:10 - 2019-06-07 14:09 - 000068152 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2020-03-02 00:10 - 2019-03-20 18:50 - 000036072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2020-03-02 00:02 - 2020-03-02 00:02 - 000000000 ____D C:\Users\Bartek\AppData\Local\Avira
2020-03-02 00:01 - 2020-03-02 19:11 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-03-02 00:00 - 2020-03-02 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-03-02 00:00 - 2020-03-02 00:00 - 000001192 _____ C:\Users\Public\Desktop\Avira.lnk
2020-03-02 00:00 - 2020-03-02 00:00 - 000001192 _____ C:\ProgramData\Desktop\Avira.lnk
2020-03-01 23:32 - 2020-03-02 00:10 - 000000000 ____D C:\Program Files (x86)\Avira
2020-03-01 23:29 - 2020-03-01 23:29 - 003837440 _____ C:\Users\3\Downloads\IDGo800_PKCS11_Library_x64.msi
2020-03-01 23:24 - 2020-03-01 23:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2020-03-01 23:19 - 2020-03-02 00:10 - 000000000 ____D C:\ProgramData\Avira
2020-03-01 23:19 - 2020-03-01 23:19 - 000000000 ____D C:\Users\3\AppData\Roaming\ICAClient
2020-03-01 23:19 - 2020-03-01 23:19 - 000000000 ____D C:\Users\3\AppData\Local\Citrix
2020-03-01 23:19 - 2020-03-01 23:19 - 000000000 ____D C:\ProgramData\Citrix
2020-03-01 23:18 - 2020-03-01 23:18 - 000002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk
2020-03-01 23:17 - 2020-03-01 23:17 - 004017192 _____ (Avira Operations GmbH & Co. KG) C:\Users\3\Downloads\avira_en_sptl1_5e5c34539ea22__pavwws-spotlight-release.exe
2020-03-01 23:16 - 2020-03-01 23:16 - 000000000 ____D C:\Program Files (x86)\Citrix
2020-03-01 20:17 - 2020-03-01 20:17 - 000000000 ____D C:\Users\Bartek\AppData\Roaming\Pointstone
2020-03-01 20:17 - 2020-03-01 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Cleaner 4
2020-03-01 20:17 - 2020-03-01 20:17 - 000000000 ____D C:\Program Files (x86)\Pointstone
2020-03-01 17:14 - 2020-03-01 17:14 - 062008080 _____ (Microsoft Corporation) C:\Users\3\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
2020-03-01 17:09 - 2020-03-01 17:09 - 000000000 ____D C:\82737b8cb3d0d256e00038
2020-02-27 07:14 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2020-02-27 06:54 - 2020-02-27 06:54 - 123551704 _____ (Citrix Systems, Inc.) C:\Users\3\Downloads\CitrixWorkspaceApp.exe
2020-02-23 15:40 - 2020-02-23 15:40 - 006350904 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2020-02-19 19:38 - 2020-02-19 19:38 - 000000000 ____D C:\Users\3\Desktop\Stare dane programu Firefox
2020-02-18 19:23 - 2020-02-18 19:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Jeden miesiąc (zmodyfikowane) ==================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2020-03-03 19:24 - 2015-11-15 14:44 - 000000000 ____D C:\FRST
2020-03-03 09:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-03-03 09:15 - 2015-08-06 17:09 - 000007621 _____ C:\Users\Bartek\AppData\Local\Resmon.ResmonCfg
2020-03-03 09:15 - 2009-07-14 05:45 - 000022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-03 09:15 - 2009-07-14 05:45 - 000022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-03 09:10 - 2018-09-13 13:50 - 000000443 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2020-03-03 09:07 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-03 08:58 - 2011-04-12 14:21 - 000748336 _____ C:\Windows\system32\perfh015.dat
2020-03-03 08:58 - 2011-04-12 14:21 - 000161906 _____ C:\Windows\system32\perfc015.dat
2020-03-03 08:58 - 2009-07-14 06:13 - 001680726 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-02 22:54 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2020-03-02 22:32 - 2016-12-24 23:30 - 000000000 ____D C:\Users\3\AppData\LocalLow\Mozilla
2020-03-02 20:29 - 2012-06-20 22:46 - 000000000 __RHD C:\Users\Bartek\Desktop\Do wszystkiego
2020-03-02 19:45 - 2012-11-24 20:50 - 000000000 ____D C:\Users\Bartek\AppData\Roaming\EasyTask
2020-03-02 00:48 - 2012-10-08 15:34 - 000064944 _____ C:\Users\3\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-02 00:27 - 2012-06-20 22:24 - 000064944 _____ C:\Users\Bartek\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-02 00:25 - 2009-07-14 05:45 - 000296984 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-01 23:18 - 2017-03-29 19:17 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-01 22:23 - 2012-06-21 18:59 - 001644996 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-03-01 19:46 - 2016-11-21 00:11 - 000000000 ____D C:\Users\Bartek\AppData\LocalLow\Mozilla
2020-02-27 23:01 - 2012-06-20 22:37 - 000002402 _____ C:\Users\Bartek\Desktop\Google Chrome.lnk
2020-02-27 23:01 - 2012-06-20 22:30 - 000002439 _____ C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-23 15:40 - 2012-06-20 21:35 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-02-23 15:40 - 2012-06-20 21:35 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-23 15:40 - 2012-06-20 21:35 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-02-23 15:40 - 2012-06-20 21:35 - 000000000 ____D C:\Windows\system32\Macromed
2020-02-21 20:43 - 2012-06-20 22:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-16 00:15 - 2015-06-27 00:17 - 000000000 ____D C:\Users\Bartek\AppData\Roaming\BESTplayer
2020-02-03 21:11 - 2019-01-02 07:48 - 000000000 ____D C:\Program Files (x86)\MetaTrader Standard

==================== Pliki w katalogu głównym wybranych folderów ========
2013-05-27 17:23 - 2013-05-27 17:23 - 000003584 _____ () C:\Users\Bartek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-06 17:09 - 2020-03-03 09:15 - 000007621 _____ () C:\Users\Bartek\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
LastRegBack: 2018-06-27 20:34

==================== Koniec FRST.txt ========================