Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-03-2020 Uruchomiony przez Kornel (administrator) KORNEL-KOMPUTER (ASUSTeK Computer Inc. K53SD) (22-03-2020 17:09:09) Uruchomiony z C:\Users\Kornel\Downloads Załadowane profile: Kornel (Dostępne profile: Kornel) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Communications Inc. -> Atheros Communications) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications Inc. -> Atheros) [Brak podpisu cyfrowego] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Browny02\BrYNSvc.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.INSERTGT\MSSQL\Binn\sqlservr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1063200 2000-01-01] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18368512 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [325704 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications Inc. -> Atheros Communications) [Brak podpisu cyfrowego] HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-14] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {4c7e62e6-d270-11e9-abce-0008ca699dbd} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {4c7e62ed-d270-11e9-abce-0008ca699dbd} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {61b1975c-dde1-11e9-a1a6-0008ca699dbd} - G:\cdstart.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {8f2352ac-34e1-11e8-8c7c-c8600033f196} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {d8eff6f3-eea8-11e9-9015-0008ca699dbd} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {d8eff718-eea8-11e9-9015-0008ca699dbd} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {d8eff71c-eea8-11e9-9015-0008ca699dbd} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {d924f99c-bc91-11e7-9a7d-c8600033f196} - G:\start.exe HKU\S-1-5-21-3537411006-1111225352-3029918725-1000\...\MountPoints2: {ed0249ad-de1b-11e9-8d28-0008ca699dbd} - H:\cdstart.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.75\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2000-01-01] (NVIDIA CORPORATION -> NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2000-01-01] (NVIDIA CORPORATION -> NVIDIA Corporation) Startup: C:\Users\Kornel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shorte.st Miner.lnk [2020-02-15] ShortcutTarget: Shorte.st Miner.lnk -> C:\Users\Kornel\AppData\Local\ShortestMiner\ShortestMinerLauncher.exe (Red Sky Sp. z o.o. -> ) Startup: C:\Users\Kornel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk [2020-02-26] ShortcutTarget: Wysyłanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0779A59D-ED17-4925-AC3D-B7BB6E6B2F18} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {088058FE-14D3-4AB5-827B-06ED41388E96} - System32\Tasks\Opera scheduled Autoupdate 1530028125 => C:\Users\Kornel\AppData\Local\Programs\Opera\launcher.exe Task: {24D44A6F-42CD-4E38-9452-7AE2F257F3F1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe) Task: {2624C508-3ED9-457B-9377-666489374630} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-07-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {290BFFB9-3D07-485F-8E3C-C43CBC57789D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {33BE3537-CDA5-4F7B-BF21-3A355A3F9A79} - System32\Tasks\Opera scheduled Autoupdate 1509039524 => C:\Users\Kornel\AppData\Local\Programs\Opera\launcher.exe Task: {39B46FC0-9E43-4191-84E8-4A942D4AECE2} - System32\Tasks\Opera scheduled Autoupdate 1532418812 => C:\Users\Kornel\AppData\Local\Programs\Opera\launcher.exe Task: {46D80896-3E12-415C-8A91-3F58B98E1106} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe) Task: {7015C311-EE52-4621-9CA9-13D98F28F5FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {72C40FA7-4726-458A-B933-E8A9981C5176} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-16] (Google Inc -> Google Inc.) Task: {83406D93-2F61-41A1-9475-753F8067BDDA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-07-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {89E54039-AAF9-423E-A4C8-2627FC585E6F} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe Task: {8F7950C1-D402-44C1-91DC-DC2726F17C85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-16] (Google Inc -> Google Inc.) Task: {9E17BF6B-F462-4ECB-B8DC-EA5C5439A6DA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-07-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A357CD14-8F83-49C1-A2F4-A6BFD9D4C012} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies) Task: {AA39201F-AF4C-419F-81A4-FB20ABC3A3BF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {B164EE49-2E00-4FF5-8C0F-6EBF6C943D4E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [732096 2017-07-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B700CDC9-6F4A-43D3-8DE6-1573A0CF301B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {C1D0522D-5475-4280-9B41-F926A93D6299} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) Task: {C9765FF1-7E2D-4779-A428-EDDD162E57CF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [732096 2017-07-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\AdvancedUpdater" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\AdvancedWindowsManager" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3537411006-1111225352-3029918725-1000" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1509039524" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1530028125" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1532418812" /ENABLE Task: {CA2FA895-3EF4-436E-81DB-E8B7A396F9F5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {CE945FC0-2225-41AC-9CB8-0725B19AF607} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3942704 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {DAD40AE1-0966-4549-A774-BF1A8CC69127} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-14] (Piriform Ltd -> Piriform Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4DF56D15-76B8-4DA8-92A4-AAF959FC5040}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: YoutubeAdBlock -> {399E90C8-8940-4576-941A-BB7320CFDC35} -> C:\Program Files (x86)\ItMzimkWPIE\tIl1guLA.dll => Brak pliku BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-03-13] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-13] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-10] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: ftmnvkex.default-1551814200476 FF ProfilePath: C:\Users\Kornel\AppData\Roaming\Mozilla\Firefox\Profiles\ftmnvkex.default-1551814200476 [2020-03-22] FF Notifications: Mozilla\Firefox\Profiles\ftmnvkex.default-1551814200476 -> hxxps://tecknity.com FF Extension: (Tecknity Cookies) - C:\Users\Kornel\AppData\Roaming\Mozilla\Firefox\Profiles\ftmnvkex.default-1551814200476\Extensions\{92415ac9-584a-4f96-8042-61af270afb30}.xpi [2019-03-05] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [Brak pliku] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [Brak pliku] FF Plugin HKU\S-1-5-21-3537411006-1111225352-3029918725-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kornel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-09] (Unity Technologies SF -> Unity Technologies ApS) StartMenuInternet: Firefox-E86E93163372BD5B - D:\Programy\Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default [2020-03-22] CHR Notifications: Default -> hxxp://gatustox.net; hxxp://v3m.uuzu.com; hxxps://brainly.pl; hxxps://mail-notification.info; hxxps://www1p.bethanyharrell.pro; hxxps://www2a.debrahinton.pro; hxxps://www3a.bethanyharrell.pro CHR Extension: (Prezentacje) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-16] CHR Extension: (Dokumenty) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-16] CHR Extension: (Dysk Google) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-12] CHR Extension: (YouTube) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-16] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-02-26] CHR Extension: (ARC Welder) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2019-12-07] CHR Extension: (Arkusze) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-16] CHR Extension: (Dokumenty Google offline) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12] CHR Extension: (Black red shards) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2018-01-16] CHR Extension: (Adblocker for Youtube™) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knhlmjmhmopnilaiobepeigjfcihpmae [2020-03-12] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== UWAGA CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2019-12-07] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-13] CHR Extension: (Gmail) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16] CHR Extension: (Chrome Media Router) - C:\Users\Kornel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20] CHR Extension: (Steam) - C:\Users\Kornel\Documents\Downloads\steam-2.1.3.apk_export_xCahF [2019-12-07] Opera: ======= StartMenuInternet: (HKLM) OperaStable - C:\Users\Kornel\AppData\Local\Programs\Opera\Launcher.exe ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros Communications Inc. -> Atheros) [Brak podpisu cyfrowego] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [Brak podpisu cyfrowego] R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [413544 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6094272 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-09-24] (BattlEye Innovations e.K. -> ) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] R2 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 MSSQL$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL12.INSERTGT\MSSQL\Binn\sqlservr.exe [372416 2016-06-18] (Microsoft Corporation -> Microsoft Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7677008 2017-10-16] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S4 SQLAgent$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL12.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [613056 2016-06-18] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37928 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [206160 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [271704 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [207192 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [64344 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43560 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175472 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111144 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84096 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [849256 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [459192 2020-03-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [235280 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [316840 2020-03-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [42256 2019-09-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [59344 2019-09-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2000-01-01] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-07-19] (NVIDIA Corporation -> NVIDIA Corporation) R1 RsFx0320; C:\Windows\System32\DRIVERS\RsFx0320.sys [250048 2016-06-18] (Microsoft Corporation -> Microsoft Corporation) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2017-12-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-03-22 17:09 - 2020-03-22 17:11 - 000035209 ____C C:\Users\Kornel\Downloads\FRST.txt 2020-03-22 17:03 - 2020-03-22 17:03 - 000000000 __RDC C:\Users\Kornel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2020-03-22 16:55 - 2020-03-22 17:01 - 000010666 ____C C:\Users\Kornel\Desktop\Fixlog.txt 2020-03-22 16:54 - 2020-03-22 16:55 - 000004502 ____C C:\Users\Kornel\Downloads\ituclcujizjaavpi.txt 2020-03-22 16:51 - 2020-03-22 16:51 - 000671232 ____C C:\Users\Kornel\Downloads\MicrosoftFixit50688.msi 2020-03-22 15:31 - 2020-03-22 15:32 - 000262144 ____C C:\Windows\Minidump\032220-28516-01.dmp 2020-03-22 13:33 - 2020-03-22 13:33 - 000042570 ____C C:\Users\Kornel\Desktop\Shortcut.txt 2020-03-22 13:29 - 2020-03-22 13:33 - 000049435 ____C C:\Users\Kornel\Desktop\Addition.txt 2020-03-22 13:27 - 2020-03-22 13:33 - 000049657 ____C C:\Users\Kornel\Desktop\FRST.txt 2020-03-22 13:26 - 2020-03-22 17:10 - 000000000 ___DC C:\FRST 2020-03-22 13:24 - 2020-03-22 13:24 - 002279936 ____C (Farbar) C:\Users\Kornel\Downloads\FRST64.exe 2020-03-22 12:57 - 2020-03-22 13:04 - 000003868 ____C C:\Users\Kornel\Desktop\zadania nie usuwać.txt 2020-03-22 11:53 - 2020-03-22 11:53 - 001311170 ____C C:\Users\Kornel\Downloads\Fiz_SP_4_8_Swiat_fizyki_Kl_7_Kartkowka_5.1 siły.pdf 2020-03-21 21:54 - 2020-03-21 21:55 - 000001611 ____C C:\Users\Kornel\Desktop\Ligalegend.lnk 2020-03-21 19:27 - 2020-03-21 19:27 - 000262144 ____C C:\Windows\Minidump\032120-19780-01.dmp 2020-03-21 17:24 - 2020-03-21 17:25 - 000262144 ____C C:\Windows\Minidump\032120-18392-01.dmp 2020-03-21 16:48 - 2020-03-21 16:48 - 000262144 ____C C:\Windows\Minidump\032120-23353-01.dmp 2020-03-21 15:48 - 2020-03-21 15:48 - 000262144 ____C C:\Windows\Minidump\032120-20950-01.dmp 2020-03-21 15:01 - 2020-03-21 15:02 - 000262144 ____C C:\Windows\Minidump\032120-26972-01.dmp 2020-03-21 11:53 - 2020-03-21 11:54 - 000262144 ____C C:\Windows\Minidump\032120-21886-01.dmp 2020-03-20 21:28 - 2020-03-20 21:28 - 000262144 ____C C:\Windows\Minidump\032020-27315-01.dmp 2020-03-20 18:22 - 2020-03-20 20:32 - 000000000 ___DC C:\Users\Kornel\AppData\Local\Riot Games 2020-03-20 12:32 - 2020-03-20 12:32 - 000262144 ____C C:\Windows\Minidump\032020-22042-01.dmp 2020-03-19 14:25 - 2020-03-19 14:25 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2020-03-19 14:25 - 2008-07-12 08:18 - 003851784 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2020-03-19 14:25 - 2008-07-12 08:18 - 001493528 ____C (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2020-03-19 14:25 - 2008-07-12 08:18 - 000467984 ____C (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2020-03-18 22:36 - 2020-03-18 22:36 - 000262144 ____C C:\Windows\Minidump\031820-17222-01.dmp 2020-03-18 21:33 - 2020-03-18 21:33 - 000262144 ____C C:\Windows\Minidump\031820-20592-01.dmp 2020-03-18 19:33 - 2020-03-18 19:33 - 000262144 ____C C:\Windows\Minidump\031820-18423-01.dmp 2020-03-18 17:26 - 2020-03-18 21:19 - 000000000 ___DC C:\Users\Kornel\AppData\Roaming\TS3Client 2020-03-18 17:26 - 2020-03-18 17:26 - 000000584 ____C C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2020-03-18 17:26 - 2020-03-18 17:26 - 000000584 ____C C:\ProgramData\Desktop\TeamSpeak 3 Client.lnk 2020-03-18 17:26 - 2020-03-18 17:26 - 000000534 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2020-03-18 17:26 - 2020-03-18 17:26 - 000000000 ___DC C:\Users\Kornel\AppData\Local\TeamSpeak 3 2020-03-18 17:23 - 2020-03-18 17:24 - 088060112 ____C (TeamSpeak Systems GmbH) C:\Users\Kornel\Downloads\TeamSpeak3-Client-win64-3.3.2.exe 2020-03-18 17:04 - 2020-03-18 17:04 - 000262144 ____C C:\Windows\Minidump\031820-23836-01.dmp 2020-03-18 15:31 - 2020-03-18 15:32 - 000262144 ____C C:\Windows\Minidump\031820-23025-01.dmp 2020-03-18 10:53 - 2020-03-18 10:53 - 000000889 ____C C:\Users\Kornel\Desktop\Game Center.lnk 2020-03-18 10:53 - 2020-03-18 10:53 - 000000568 ____C C:\Users\Kornel\Desktop\World of Tanks EU.lnk 2020-03-18 10:53 - 2020-03-18 10:53 - 000000000 ___DC C:\Users\Kornel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2020-03-18 10:49 - 2020-03-18 10:49 - 000000000 ___DC C:\ProgramData\Wargaming.net 2020-03-18 09:58 - 2020-03-18 09:58 - 000262144 ____C C:\Windows\Minidump\031820-21200-01.dmp 2020-03-17 22:02 - 2020-03-17 22:02 - 000262144 ____C C:\Windows\Minidump\031720-23649-01.dmp 2020-03-17 12:20 - 2020-03-17 12:23 - 000000000 __RDC C:\Users\Kornel\Documents\Scanned Documents 2020-03-17 12:20 - 2020-03-17 12:20 - 000000000 ___DC C:\Users\Kornel\Documents\Fax 2020-03-13 16:37 - 2020-03-13 16:37 - 000129088 ____C (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2020-03-13 16:37 - 2020-03-13 16:37 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2020-03-13 16:36 - 2020-03-13 16:36 - 000000000 ___DC C:\Program Files\Java 2020-03-13 16:33 - 2020-03-13 16:35 - 076845600 ____C (Oracle Corporation) C:\Users\Kornel\Downloads\jre-8u241-windows-x64.exe 2020-03-13 11:15 - 2020-03-13 11:15 - 000262144 ____C C:\Windows\Minidump\031320-19484-01.dmp 2020-03-13 10:54 - 2020-03-13 10:55 - 000262144 ____C C:\Windows\Minidump\031320-28610-01.dmp 2020-03-13 07:49 - 2020-03-13 07:49 - 000004726 ____C C:\Users\Kornel\Downloads\zdj steam.jpeg 2020-03-12 14:40 - 2020-03-12 14:40 - 000000000 ___DC C:\ProgramData\AdvancedWindowsManager 2020-03-12 14:29 - 2020-03-22 17:00 - 000000008 _RSHC C:\Users\Kornel\ntuser.pol 2020-03-12 14:22 - 2020-03-12 14:22 - 000002083 ____C C:\Users\Kornel\Downloads\default.cfg 2020-03-12 14:20 - 2020-03-12 14:20 - 003554136 ____C (Alexander Roshal) C:\Users\Kornel\Downloads\winrar-x64-590b3nl.exe 2020-03-12 13:18 - 2020-03-22 17:00 - 000000008 _RSHC C:\ProgramData\ntuser.pol 2020-03-12 12:55 - 2020-03-12 12:55 - 000000000 ___DC C:\Users\Kornel\AppData\Local\UmbrellaDesign 2020-03-12 12:53 - 2020-03-12 12:53 - 000000000 ___DC C:\Windows\SysWOW64\scripts 2020-03-12 12:53 - 2020-03-12 12:53 - 000000000 ___DC C:\Windows\SysWOW64\launcher_logs 2020-03-11 14:48 - 2020-03-11 14:48 - 000266288 ____C C:\Windows\Minidump\031120-32479-01.dmp 2020-03-10 20:38 - 2020-03-13 09:54 - 000000000 ___DC C:\Windows\ShellNew 2020-03-09 15:24 - 2020-03-07 15:21 - 000368088 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2020-03-07 15:22 - 2020-03-07 15:21 - 000235280 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys 2020-03-07 15:22 - 2020-03-07 15:21 - 000175472 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys 2020-03-02 21:21 - 2020-03-02 21:21 - 000080408 ____C C:\Users\Kornel\Downloads\PIT Izabela Trzeciak.zip ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-03-22 17:00 - 2017-10-21 18:09 - 000000000 ___DC C:\ProgramData\NVIDIA 2020-03-22 17:00 - 2017-10-21 16:40 - 000000000 ___DC C:\Users\Kornel 2020-03-22 16:59 - 2009-07-14 06:08 - 000000006 ___HC C:\Windows\Tasks\SA.DAT 2020-03-22 16:57 - 2018-03-15 20:53 - 000000000 ___DC C:\Users\Kornel\AppData\LocalLow\Temp 2020-03-22 16:55 - 2009-07-14 04:20 - 000000000 ___DC C:\Windows\system32\GroupPolicy 2020-03-22 16:16 - 2009-07-14 05:45 - 000022752 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-03-22 16:16 - 2009-07-14 05:45 - 000022752 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-03-22 15:33 - 2019-03-24 14:49 - 000003190 ____C C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3537411006-1111225352-3029918725-1000 2020-03-22 15:33 - 2018-07-24 08:53 - 000003926 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1532418812 2020-03-22 15:33 - 2018-06-26 16:48 - 000004150 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1530028125 2020-03-22 15:33 - 2018-01-16 20:36 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-22 15:33 - 2018-01-16 20:36 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-22 15:33 - 2017-12-25 11:10 - 000002806 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-03-22 15:33 - 2017-12-25 11:09 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-03-22 15:33 - 2017-10-27 17:22 - 000004174 ____C C:\Windows\system32\Tasks\Antivirus Emergency Update 2020-03-22 15:33 - 2017-10-26 18:38 - 000004150 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1509039524 2020-03-22 15:33 - 2017-10-21 18:27 - 000003738 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-03-22 15:33 - 2017-10-21 18:27 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-03-22 15:33 - 2017-10-21 18:27 - 000003730 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-03-22 15:33 - 2017-10-21 18:27 - 000003554 _____ C:\Windows\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-03-22 15:33 - 2017-10-21 18:27 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-03-22 15:32 - 2019-10-03 16:43 - 000003446 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 2020-03-22 15:32 - 2018-03-13 18:04 - 000004578 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-03-22 15:32 - 2017-10-30 16:44 - 000004424 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-03-22 15:31 - 2019-01-08 14:36 - 000000000 ___DC C:\Windows\Minidump 2020-03-22 15:07 - 2018-08-31 22:23 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2020-03-22 12:56 - 2017-10-25 15:11 - 000007987 ____C C:\Windows\BRRBCOM.INI 2020-03-22 11:59 - 2019-07-11 14:37 - 000002218 ____C C:\Users\Kornel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2020-03-22 11:59 - 2019-03-24 14:49 - 000000000 __RDC C:\Users\Kornel\OneDrive 2020-03-21 16:48 - 2017-12-25 20:34 - 000000000 ___DC C:\Windows\SysWOW64\NV 2020-03-21 16:48 - 2017-12-25 20:34 - 000000000 ___DC C:\Windows\system32\NV 2020-03-21 15:52 - 2019-04-27 14:30 - 000000000 ___DC C:\Users\Kornel\Documents\Bluetooth Folder 2020-03-20 21:29 - 2009-07-14 06:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2020-03-20 20:32 - 2017-10-26 17:05 - 000000000 ___DC C:\ProgramData\Riot Games 2020-03-18 20:15 - 2018-01-16 20:37 - 000002233 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-03-18 15:10 - 2018-01-03 16:39 - 000000000 ___DC C:\Users\Kornel\Desktop\No taaaaaaaaaak 2020-03-18 10:53 - 2018-09-23 18:00 - 000000000 ___DC C:\Users\Kornel\AppData\Roaming\Wargaming.net 2020-03-17 22:30 - 2019-03-24 14:44 - 000000000 ___DC C:\ProgramData\regid.1991-06.com.microsoft 2020-03-17 22:29 - 2009-07-14 04:20 - 000000000 ___DC C:\Program Files\Common Files\Microsoft Shared 2020-03-17 22:27 - 2019-03-24 14:23 - 000000000 ___DC C:\Program Files\Microsoft Office 2020-03-13 16:50 - 2019-08-30 07:22 - 000000000 ___DC C:\Users\Kornel\AppData\Roaming\.minecraft 2020-03-13 10:04 - 2017-10-25 19:57 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-03-13 10:04 - 2017-10-25 19:57 - 000000000 ___DC C:\Windows\system32\MRT 2020-03-13 09:56 - 2019-07-04 11:13 - 000000000 ___DC C:\Users\Kornel\AppData\Local\CrystalLauncherInstaller 2020-03-12 14:02 - 2017-11-03 08:27 - 000000000 ___DC C:\Users\Kornel\AppData\Local\CrashDumps 2020-03-11 14:59 - 2017-10-30 16:44 - 000842296 ____C (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2020-03-11 14:59 - 2017-10-30 16:44 - 000175160 ____C (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-03-11 14:59 - 2017-10-30 16:44 - 000000000 ___DC C:\Windows\system32\Macromed 2020-03-11 14:59 - 2017-10-27 17:22 - 000459192 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys 2020-03-11 14:58 - 2017-10-30 16:44 - 000000000 ___DC C:\Windows\SysWOW64\Macromed 2020-03-10 15:33 - 2019-03-21 13:20 - 000001971 ____C C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk 2020-03-10 15:33 - 2019-03-21 13:20 - 000001971 ____C C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk 2020-03-09 14:33 - 2017-11-20 22:44 - 000000000 ___DC C:\Users\Kornel\AppData\Local\ElevatedDiagnostics 2020-03-07 15:22 - 2017-10-27 17:22 - 000316840 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys 2020-03-07 15:21 - 2019-01-18 18:06 - 000271704 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys 2020-03-07 15:21 - 2019-01-18 18:02 - 000207192 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys 2020-03-07 15:21 - 2019-01-18 18:02 - 000064344 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys 2020-03-07 15:21 - 2019-01-18 18:02 - 000037928 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys 2020-03-07 15:21 - 2018-10-22 15:13 - 000043560 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys 2020-03-07 15:21 - 2017-11-27 15:44 - 000206160 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys 2020-03-07 15:21 - 2017-10-27 17:22 - 000849256 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys 2020-03-07 15:21 - 2017-10-27 17:22 - 000111144 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys 2020-03-07 15:21 - 2017-10-27 17:22 - 000084096 ____C (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys 2020-03-06 14:53 - 2009-07-14 04:20 - 000000000 ___DC C:\Windows\system32\NDF ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-08-28 16:50 - 2019-10-31 13:59 - 000000019 ____C () C:\Users\Kornel\AppData\Roaming\.crystalinst 2019-02-20 12:53 - 2019-02-20 12:53 - 000000128 ___HC () C:\Users\Kornel\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6 2019-10-03 16:42 - 2019-10-03 16:42 - 000000410 ____C () C:\Users\Kornel\AppData\Local\oobelibMkey.log 2017-12-25 20:29 - 2017-12-25 20:29 - 000000017 ____C () C:\Users\Kornel\AppData\Local\resmon.resmoncfg 2019-04-22 15:10 - 2019-04-22 15:10 - 000000000 ____C () C:\Users\Kornel\AppData\Local\{7DAE1951-7A4A-4349-9442-01320684A4C6} 2019-05-08 15:05 - 2019-05-08 15:05 - 000000000 ____C () C:\Users\Kornel\AppData\Local\{F0EB2ABA-56BF-462D-A8DC-596A8EC00D21} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-03-18 13:33 ==================== Koniec FRST.txt ========================