Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-01-2020 Uruchomiony przez Dawid (administrator) DAWID-KOMPUTER (02-02-2020 19:07:55) Uruchomiony z C:\Users\Dawid\Downloads Załadowane profile: Dawid (Dostępne profile: Dawid) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Dawid\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Dawid\AppData\Roaming\BitTorrent\updates\7.10.5_45496\bittorrentie.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Dawid\AppData\Roaming\BitTorrent\updates\7.10.5_45496\bittorrentie.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) F:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) H:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) H:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) H:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) H:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) H:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) H:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) H:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) H:\Steam\Steam.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-905025479-3360787756-3824249098-1001\...\Run: [Steam] => h:\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation) HKU\S-1-5-21-905025479-3360787756-3824249098-1001\...\Run: [BitTorrent] => C:\Users\Dawid\AppData\Roaming\BitTorrent\BitTorrent.exe [2066160 2020-01-12] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-905025479-3360787756-3824249098-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) GroupPolicy: Ograniczenia - Chrome <==== UWAGA FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1AC02D9A-644B-4056-A690-945C12CE0C82} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {7EA26339-A938-4E5A-AE93-D61A0CCD9A3F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {AE1268C2-9286-4652-B116-56D6F0E7AACD} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{004CC276-7C49-4759-A539-9061021AB477}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-905025479-3360787756-3824249098-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-905025479-3360787756-3824249098-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> DefaultScope - brak wartości Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) FireFox: ======== FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin HKU\S-1-5-21-905025479-3360787756-3824249098-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2019-12-01] (Ubisoft Entertainment Sweden AB -> ) Chrome: ======= CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxp://google.com/" CHR Profile: C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default [2020-02-02] CHR Extension: (Prezentacje) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-02] CHR Extension: (Dokumenty) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-02] CHR Extension: (Dysk Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-02] CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-02] CHR Extension: (Arkusze) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-02] CHR Extension: (Dokumenty Google offline) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-02] CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-02] CHR Extension: (Chrome Media Router) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-02] CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] StartMenuInternet: Google Chrome.3UO2FTLI2NQMDEOG67QOUI53N4 - F:\Program Files (x86)\Google\Chrome\Application\chrome.exe StartMenuInternet: Google Chrome.KJOE5CON4YSEURCOUTJD6SBO2M - C:\Users\Dawid\AppData\Local\GoogleChromeApplication\chrome.exe ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6133752 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-09-23] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-09-23] (GOG Sp. z o.o. -> GOG.com) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [61440 2019-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37880 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205600 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [275232 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [210328 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [65376 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43512 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [171784 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111096 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84560 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [855472 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [464352 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [236288 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317304 2020-01-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-10-19] (Martin Malik - REALiX -> REALiX(tm)) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2019-10-19] (ASUSTeK Computer Inc. -> ) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [51808 2019-10-19] (Synaptics Incorporated -> Synaptics Incorporated) U3 aswbdisk; Brak ImagePath S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S1 WinmonProcessMonitor; \??\C:\Windows\System32\drivers\WinmonProcessMonitor.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-02-02 19:07 - 2020-02-02 19:08 - 000015082 _____ C:\Users\Dawid\Downloads\FRST.txt 2020-02-02 19:07 - 2020-02-02 19:08 - 000000000 ____D C:\FRST 2020-02-02 19:07 - 2020-02-02 19:07 - 002580480 _____ (Farbar) C:\Users\Dawid\Downloads\FRST64.exe 2020-02-02 19:03 - 2020-02-02 19:03 - 000000690 _____ C:\DelFix.txt 2020-02-02 18:37 - 2020-02-02 18:37 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\Google 2020-02-02 18:36 - 2020-02-02 19:01 - 000000000 ____D C:\Users\Dawid\AppData\Local\Google 2020-02-02 18:23 - 2020-02-02 18:23 - 000000085 _____ C:\Windows\wininit.ini 2020-02-02 11:02 - 2020-02-02 11:02 - 000001421 _____ C:\Users\Dawid\Desktop\chrome.exe — skrót.lnk 2020-02-02 10:22 - 2020-02-02 18:34 - 000000000 ____D C:\ProgramData\AVAST Software 2020-02-02 10:00 - 2020-02-02 18:54 - 000000000 ____D C:\Users\Dawid\AppData\LocalLow\BitTorrent 2020-02-01 13:54 - 2020-02-02 01:00 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-02-01 13:54 - 2020-02-02 01:00 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-02-01 13:54 - 2020-02-01 13:54 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-02-01 13:54 - 2020-02-01 13:54 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk 2020-02-01 13:54 - 2020-02-01 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-02-01 13:54 - 2020-02-01 13:54 - 000000000 ____D C:\Program Files\CCleaner 2020-02-01 13:49 - 2020-02-01 13:49 - 024578944 _____ (Piriform Software Ltd) C:\Users\Dawid\Downloads\ccleaner-5-63-7540.exe 2020-02-01 13:48 - 2020-02-01 13:48 - 003234128 _____ ( ) C:\Users\Dawid\Downloads\ccleaner-5-63-7540-ks_0040958214.exe 2020-02-01 11:55 - 2020-02-01 12:11 - 000000000 ____D C:\Windows\erdnt 2020-01-30 19:04 - 2020-01-30 19:04 - 000000000 ____D C:\Windows\system32\Tasks\WPD 2020-01-30 18:49 - 2020-01-30 18:49 - 000000000 ____D C:\$AV_AVG 2020-01-30 17:31 - 2020-01-30 17:31 - 000001986 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk 2020-01-30 17:31 - 2020-01-30 17:31 - 000001986 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk 2020-01-30 17:31 - 2020-01-30 17:31 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\AVG 2020-01-30 17:31 - 2020-01-30 17:31 - 000000000 ____D C:\Users\Dawid\AppData\Local\AVG 2020-01-30 17:31 - 2020-01-30 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2020-01-30 17:30 - 2020-01-30 17:30 - 000855472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000464352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000355760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2020-01-30 17:30 - 2020-01-30 17:30 - 000317304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000236288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000205600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000171784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000111096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000084560 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000043512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000037880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys 2020-01-30 17:30 - 2020-01-30 17:30 - 000000000 ____D C:\Windows\system32\Tasks\AVG 2020-01-30 17:30 - 2020-01-30 17:30 - 000000000 ____D C:\Program Files\Common Files\AVG 2020-01-30 17:30 - 2020-01-30 17:29 - 000275232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys 2020-01-30 17:30 - 2020-01-30 17:29 - 000210328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys 2020-01-30 17:30 - 2020-01-30 17:29 - 000065376 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys 2020-01-30 17:28 - 2020-01-30 17:28 - 000000000 ____D C:\Program Files\AVG 2020-01-30 17:27 - 2020-02-01 11:19 - 000000000 ____D C:\ProgramData\AVG 2020-01-30 17:26 - 2020-01-30 17:26 - 000270160 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dawid\Downloads\avg_antivirus_free_setup.exe 2020-01-30 17:25 - 2020-01-30 17:25 - 001924728 _____ (Malwarebytes) C:\Users\Dawid\Downloads\MBSetup (3).exe 2020-01-30 16:32 - 2020-01-30 16:33 - 006118048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Dawid\Downloads\avira_pl_free0___dob.exe 2020-01-30 16:29 - 2020-01-30 16:29 - 001924728 _____ (Malwarebytes) C:\Users\Dawid\Downloads\MBSetup (2).exe 2020-01-30 16:24 - 2020-01-30 17:26 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-01-30 16:24 - 2020-01-30 16:24 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-01-30 16:22 - 2020-01-30 16:22 - 000000000 ____D C:\Program Files\Malwarebytes 2020-01-30 16:21 - 2020-01-30 16:21 - 001924728 _____ (Malwarebytes) C:\Users\Dawid\Downloads\MBSetup (1).exe 2020-01-30 16:02 - 2020-01-30 16:10 - 000000214 _____ C:\Users\Dawid\Desktop\Nowy dokument tekstowy.txt 2020-01-29 14:13 - 2020-01-29 14:13 - 001924728 _____ (Malwarebytes) C:\Users\Dawid\Downloads\MBSetup.exe 2020-01-29 14:03 - 2020-01-29 14:03 - 000000266 __RSH C:\Users\Dawid\ntuser.pol 2020-01-29 13:37 - 2020-01-29 13:37 - 000082816 _____ (VSO Software) C:\Users\Dawid\AppData\Roaming\pcouffin.sys 2020-01-29 13:37 - 2020-01-29 13:37 - 000007859 _____ C:\Users\Dawid\AppData\Roaming\pcouffin.cat 2020-01-29 13:31 - 2020-01-29 13:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe 2020-01-29 13:31 - 2020-01-29 13:31 - 000619056 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe 2020-01-29 13:26 - 2020-01-29 13:26 - 000000000 ____D C:\Users\Dawid\AppData\Local\AdvinstAnalytics 2020-01-29 13:25 - 2020-01-29 13:25 - 008465920 _____ C:\Users\Dawid\AppData\Local\agent.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 002159340 _____ C:\Users\Dawid\AppData\Local\Trioanlux.tst 2020-01-29 13:25 - 2020-01-29 13:25 - 000126464 _____ C:\Users\Dawid\AppData\Local\noah.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 000126464 _____ C:\Users\Dawid\AppData\Local\lobby.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 000070992 _____ C:\Users\Dawid\AppData\Local\Config.xml 2020-01-29 13:25 - 2020-01-29 13:25 - 000068257 _____ C:\Users\Dawid\AppData\Local\Biosuntex.tst 2020-01-29 13:25 - 2020-01-29 13:25 - 000044032 _____ C:\Users\Dawid\AppData\Local\ApplicationHosting.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 000005568 _____ C:\Users\Dawid\AppData\Local\md.xml 2020-01-29 13:24 - 2020-01-29 13:34 - 000000000 ____D C:\Users\Dawid\AppData\Local\1xCorp N.V 2020-01-29 13:24 - 2020-01-29 13:24 - 000140800 _____ C:\Users\Dawid\AppData\Local\installer.dat 2020-01-29 13:24 - 2020-01-29 13:24 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\GameSparks 2020-01-29 13:16 - 2020-01-29 13:16 - 000000668 _____ C:\Users\Dawid\Desktop\Stellaris Lithoids Species Pack.lnk 2020-01-29 13:16 - 2020-01-29 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellaris Lithoids Species Pack 2020-01-27 22:41 - 2020-02-01 13:55 - 000000000 ____D C:\Windows\Minidump 2020-01-24 11:52 - 2020-02-02 18:23 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2020-01-24 11:52 - 2020-01-24 11:52 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking 2020-01-24 11:51 - 2020-02-02 18:34 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2020-01-24 11:47 - 2020-01-24 11:47 - 003222456 _____ ( ) C:\Users\Dawid\Downloads\Spybot-Search-Destroy-12546-AsystentPobierania_2297209859.exe 2020-01-12 12:57 - 2020-01-12 12:57 - 000000666 _____ C:\Users\Dawid\Desktop\Craft The World Lonely Mountain.lnk 2020-01-12 12:57 - 2020-01-12 12:57 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\dekovir 2020-01-12 12:57 - 2020-01-12 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft The World Lonely Mountain ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-02-02 19:08 - 2019-11-08 20:31 - 000000000 ____D C:\Users\Dawid\AppData\Roaming\BitTorrent 2020-02-02 19:00 - 2009-07-14 05:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-02-02 19:00 - 2009-07-14 05:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-02-02 18:53 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-02-02 18:33 - 2019-10-19 14:01 - 000001463 _____ C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2020-02-02 18:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2020-02-02 10:17 - 2009-07-14 03:34 - 000000215 _____ C:\Windows\system.ini 2020-02-01 13:55 - 2019-10-19 14:45 - 000000000 ____D C:\Windows\Panther 2020-01-29 14:03 - 2019-10-19 14:01 - 000000000 ____D C:\Users\Dawid 2020-01-29 13:27 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\GroupPolicy 2020-01-27 16:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-01-29 13:37 - 2020-01-29 13:37 - 000007859 _____ () C:\Users\Dawid\AppData\Roaming\pcouffin.cat 2020-01-29 13:37 - 2020-01-29 13:37 - 000001167 _____ () C:\Users\Dawid\AppData\Roaming\pcouffin.inf 2020-01-29 13:37 - 2020-01-29 13:37 - 000000055 _____ () C:\Users\Dawid\AppData\Roaming\pcouffin.log 2020-01-29 13:37 - 2020-01-29 13:37 - 000082816 _____ (VSO Software) C:\Users\Dawid\AppData\Roaming\pcouffin.sys 2020-01-29 13:25 - 2020-01-29 13:25 - 008465920 _____ () C:\Users\Dawid\AppData\Local\agent.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 000044032 _____ () C:\Users\Dawid\AppData\Local\ApplicationHosting.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 000068257 _____ () C:\Users\Dawid\AppData\Local\Biosuntex.tst 2020-01-29 13:25 - 2020-01-29 13:25 - 000070992 _____ () C:\Users\Dawid\AppData\Local\Config.xml 2020-01-29 13:24 - 2020-01-29 13:24 - 000140800 _____ () C:\Users\Dawid\AppData\Local\installer.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 000126464 _____ () C:\Users\Dawid\AppData\Local\lobby.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 000005568 _____ () C:\Users\Dawid\AppData\Local\md.xml 2020-01-29 13:25 - 2020-01-29 13:25 - 000126464 _____ () C:\Users\Dawid\AppData\Local\noah.dat 2020-01-29 13:25 - 2020-01-29 13:25 - 002159340 _____ () C:\Users\Dawid\AppData\Local\Trioanlux.tst 2020-01-29 13:26 - 2020-01-29 13:26 - 000032038 _____ () C:\Users\Dawid\AppData\Local\uninstall_temp.ico ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2020-01-30 17:15 ==================== Koniec FRST.txt ========================