Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-02-2021 Uruchomiony przez Kamil (administrator) KAJA (ASUSTeK COMPUTER INC. X55VD) (06-03-2021 19:04:38) Uruchomiony z C:\Users\Kamil\Desktop\Projekty Załadowane profile: Kamil Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Safe Mode (with Networking) ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-07-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [164608 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3406381769-3967634618-1927701157-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-22] (Google LLC -> Google LLC) AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA CORPORATION -> NVIDIA Corporation) [Brak podpisu cyfrowego] AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA CORPORATION -> NVIDIA Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {037F7674-28A8-4167-A9EF-BCA6FCBD4858} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.) Task: {094F4FAD-9714-471F-95C2-430B6BD6B6DE} - System32\Tasks\PITax reminder => C:\Program Files (x86)\PITax.pl\PITax.pl.exe Task: {2474EA1E-6885-47A9-AC4A-DFD3C39EABCB} - System32\Tasks\Opera scheduled assistant Autoupdate 1582749475 => C:\Program Files (x86)\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0) Task: {26363F9C-9106-42D2-8DA9-997DE944592A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe [1498680 2020-11-29] (Adobe Inc. -> Adobe) Task: {2687A691-C0B4-48BC-A964-8D7E61EBA47F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.) Task: {41950D23-AB9D-4AF8-9EF4-E18295B41ADC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {5EBE4035-E75F-42F4-BD09-16A598794039} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS) Task: {61BF67ED-AF67-4EB0-A1AD-A92EE169613F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1558176 2012-07-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {73A93CC4-AE71-4655-B851-61A857CA1AB0} - System32\Tasks\PITax rss checker => C:\Program Files (x86)\PITax.pl\PITax.pl.exe Task: {7F17DC81-7FE8-411E-AE1E-A8C56BBAF86C} - System32\Tasks\QtraxPlayer => "C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe" 1725598428.portal.qtrax.com Task: {8DDFB5BF-3C45-4799-991B-52BE1D1AE188} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {915E084F-2F4E-4F9C-92C9-3F6986AC0D96} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [4730624 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {9E261427-4CF1-4795-A0E0-0032F303FA5E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C6BCCE33-A463-4D8F-8563-716F3B1C7DFE} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {D20465A8-EC1D-4480-B5C2-6C2B777068D4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {E6CDFACB-4B64-445E-B4F4-A5841F3C8CE5} - System32\Tasks\{B854A18C-11C0-43A9-8F36-1F571BDC8B40} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [31085152 2015-01-23] (Skype Software Sarl -> Skype Technologies S.A.) Task: {E91ECED9-6EE4-4693-95D0-BC950E9D95B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F1D7B473-30C6-464C-8631-F7364A7757F2} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [17792 2012-10-31] (ASUSTeK Computer Inc. -> AsusTek) Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {FB5F2510-10EC-46A4-A89F-9146D5B724ED} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1122688 2012-09-24] (ASUSTeK Computer Inc. -> ASUS) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{60348DA7-A05B-4E72-8DF6-4AB5B28D358B}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Songbird2\Profiles\ndag9x3v.default [2019-12-27] FF NetworkProxy: Songbird2\Profiles\ndag9x3v.default -> no_proxies_on", "127.0.0.1;localhost" FF Extension: (Brak nazwy) - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.com [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest.com [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest.com [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com [nie znaleziono] FF Extension: (Brak nazwy) - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest.com [nie znaleziono] FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ohfmx4ie.default [2021-03-06] FF Homepage: Mozilla\Firefox\Profiles\ohfmx4ie.default -> hxxps://www.google.com/?bcutc=sp-118-756 FF NewTab: Mozilla\Firefox\Profiles\ohfmx4ie.default -> about:newtab FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ohfmx4ie.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-05-27] [Przestarzałe] FF Extension: (AdBlocker for YouTube™) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ohfmx4ie.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2016-12-10] FF Extension: (Adblock Plus) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\ohfmx4ie.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-29] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => nie znaleziono FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-18] (Adobe Systems Incorporated -> ) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-18] (Adobe Systems Incorporated -> ) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA CORPORATION -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA CORPORATION -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin HKU\S-1-5-21-3406381769-3967634618-1927701157-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited) Chrome: ======= CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2021-03-06] CHR Notifications: Default -> hxxps://cdax.pl; hxxps://pizzaportal.pl; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://www68.elbaestes.pro CHR Extension: (Prezentacje) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Dokumenty) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Dysk Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25] CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Pasjans/Solitaire) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim [2016-12-18] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-01] CHR Extension: (Spotify - Music for every moment) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-07-13] CHR Extension: (Google Search) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Free Rider HD) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikpifndnjfkgofoglceekhkbaicbde [2018-05-02] CHR Extension: (Arkusze) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-25] CHR Extension: (Blackness (pink active tab text)) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggodjknihdkamccjfnghlbdekncgdadb [2021-02-01] CHR Extension: (Dokumenty Google offline) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-01] CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01] CHR Extension: (100,000 Stars) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\odkpogjemoijmdgemngpdohpcclgegjg [2015-09-04] CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25] CHR Extension: (Chrome Media Router) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-03] CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-06] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Opera: ======= OPR Profile: C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable [2021-03-06] OPR Notifications: Opera Stable -> hxxps://pizzaportal.pl OPR DefaultSearchURL: Opera Stable -> hxxp://opera.com OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (AdBlock) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2017-02-01] OPR Extension: (Rich Hints Agent) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-24] OPR Extension: (Pogoda) - C:\Users\Kamil\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnejmennopimdkhecilfhkmmjolebocd [2017-09-10] StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe Brave: ======= BRA Profile: C:\Users\Kamil\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-06] BRA Extension: (Brave Local Data Files Updater) - C:\Users\Kamil\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-04-02] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Kamil\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-11-21] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Kamil\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-09-10] BRA Extension: (PDF Viewer) - C:\Users\Kamil\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2018-12-14] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Kamil\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-11-21] BRA Extension: (Brave Ad Block Updater (POL: polskie filtry do Adblocka i uBlocka)) - C:\Users\Kamil\AppData\Local\BraveSoftware\Brave-Browser\User Data\paoecjnjjbclkgbempaeemcbeldldlbo [2020-04-02] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUSTeK Computer Inc. -> ASUS) S2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [622184 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [353024 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [7926328 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-11] (McAfee, LLC -> McAfee, LLC) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Brak podpisu cyfrowego] S2 wasvc_1.10.0.19; C:\Program Files (x86)\WordAnchor_1.10.0.19\Service\wasvc.exe [299096 2015-06-15] (Word Anchor -> WA) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation -> Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation -> Microsoft Corporation) S2 HPSLPSVC; C:\Users\Kamil\AppData\Local\Temp\7zS1CBF\hpslpsvc64.dll [X] <==== UWAGA ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2019-07-24] (ASUSTeK Computer Inc. -> ASUS Corporation) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35792 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208176 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [357400 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [249368 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [98840 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41424 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175368 2021-03-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521472 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107920 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83496 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [850248 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [465800 2021-03-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2013-08-15] (Disc Soft Ltd -> Disc Soft Ltd) S1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-07-23] (Martin Malik - REALiX -> REALiX(tm)) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> ) S3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1210480 2019-07-24] (MEDIATEK INC. -> Ralink Technology, Corp.) S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [27064 2016-07-06] (Unified Intents AB -> Windows (R) Win 7 DDK provider) R1 wafd_1_10_0_19; C:\WINDOWS\System32\drivers\wafd_1_10_0_19.sys [57728 2015-06-15] (Word Anchor -> WA) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Windows -> Microsoft Corporation) S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X] S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X] S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-03-03 20:48 - 2021-03-06 19:04 - 000000000 ____D C:\FRST 2021-03-03 20:46 - 2021-03-06 19:01 - 000547110 _____ C:\WINDOWS\ntbtlog.txt 2021-03-03 20:44 - 2021-03-03 20:46 - 000000000 _____ C:\Recovery.txt 2021-03-01 21:15 - 2021-03-01 21:15 - 003057739 _____ (numerico.altervista.org) C:\Users\Kamil\Downloads\CrystalDiskInfoPortable_8.8.9_x64.paf.exe 2021-03-01 21:15 - 2021-03-01 21:14 - 002301440 _____ (Farbar) C:\Users\Kamil\Downloads\FRST64 (1).exe 2021-03-01 21:03 - 2021-03-01 21:04 - 001163210 _____ C:\Users\Kamil\Downloads\bd7396f1-ecd3-4c94-a792-a8ad04622510.tmp 2021-02-25 23:19 - 2021-02-25 23:19 - 008463216 _____ (Malwarebytes) C:\Users\Kamil\Desktop\adwcleaner_8.1.exe 2021-02-25 23:07 - 2021-02-25 23:07 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\uTorrent 2021-02-25 18:01 - 2021-02-25 18:01 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2021-02-25 18:01 - 2021-02-25 18:01 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2021-02-11 22:12 - 2021-02-11 22:59 - 244629691 _____ C:\Users\Kamil\Documents\Untitled2.mp4 ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-03-06 18:58 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-03-06 18:58 - 2013-03-18 14:53 - 000000000 ____D C:\ProgramData\NVIDIA 2021-03-06 12:46 - 2017-04-16 19:51 - 000004174 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update 2021-03-06 12:32 - 2015-01-05 18:55 - 000000000 ____D C:\Users\Kamil 2021-03-06 12:28 - 2020-05-04 18:04 - 000000000 ____D C:\Users\Kamil\Desktop\Projekty 2021-03-06 12:28 - 2017-12-23 01:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG 2021-03-06 12:28 - 2014-05-20 16:03 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\Temp 2021-03-06 12:28 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-03-06 12:28 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-03-06 12:27 - 2014-09-24 16:08 - 001825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-03-06 12:27 - 2014-09-24 15:35 - 000805918 _____ C:\WINDOWS\system32\perfh015.dat 2021-03-06 12:27 - 2014-09-24 15:35 - 000163272 _____ C:\WINDOWS\system32\perfc015.dat 2021-03-06 12:27 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf 2021-03-01 20:55 - 2020-10-13 21:57 - 000175368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2021-03-01 20:55 - 2017-04-16 19:51 - 000465800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2021-03-01 20:33 - 2015-06-28 12:26 - 000000000 ____D C:\Program Files\CCleaner 2021-02-25 23:07 - 2014-12-15 21:08 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\uTorrent 2021-02-25 18:15 - 2020-02-26 21:37 - 000004042 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582749475 2021-02-25 18:15 - 2019-07-27 20:53 - 000003180 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice 2021-02-25 18:15 - 2019-07-27 20:53 - 000003168 _____ C:\WINDOWS\system32\Tasks\RTKCPL 2021-02-25 18:15 - 2018-09-02 22:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-02-25 18:15 - 2018-07-15 11:17 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-02-25 18:15 - 2017-02-08 23:01 - 000004518 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier 2021-02-25 18:15 - 2015-09-04 23:01 - 000003482 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-02-25 18:15 - 2015-09-04 23:01 - 000003354 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-02-25 18:15 - 2015-06-28 12:26 - 000002782 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-02-25 18:15 - 2015-04-27 19:04 - 000004144 _____ C:\WINDOWS\system32\Tasks\PITax reminder 2021-02-25 18:15 - 2015-04-27 19:04 - 000003554 _____ C:\WINDOWS\system32\Tasks\PITax rss checker 2021-02-25 18:15 - 2014-08-16 10:25 - 000003112 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update 2021-02-25 18:15 - 2013-06-22 20:01 - 000002868 _____ C:\WINDOWS\system32\Tasks\{B854A18C-11C0-43A9-8F36-1F571BDC8B40} 2021-02-25 18:15 - 2013-06-01 21:44 - 000003808 _____ C:\WINDOWS\system32\Tasks\QtraxPlayer 2021-02-25 18:15 - 2013-05-31 23:28 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3406381769-3967634618-1927701157-1002 2021-02-25 18:15 - 2013-03-18 15:01 - 000003542 _____ C:\WINDOWS\system32\Tasks\ASUS Touchpad Launcher (x64) 2021-02-25 18:01 - 2020-07-17 22:20 - 000521472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys 2021-02-25 18:01 - 2019-01-06 23:24 - 000357400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys 2021-02-25 18:01 - 2019-01-06 23:24 - 000249368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys 2021-02-25 18:01 - 2019-01-06 23:24 - 000098840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys 2021-02-25 18:01 - 2019-01-06 23:24 - 000035792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys 2021-02-25 18:01 - 2018-10-31 21:32 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys 2021-02-25 18:01 - 2017-12-10 12:23 - 000208176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2021-02-25 18:01 - 2017-04-16 19:51 - 000850248 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2021-02-25 18:01 - 2017-04-16 19:51 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2021-02-25 18:01 - 2017-04-16 19:51 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2021-02-25 18:01 - 2017-04-16 19:51 - 000083496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2021-02-25 16:00 - 2015-12-12 23:08 - 000000000 ____D C:\ProgramData\Avg 2021-02-25 15:46 - 2018-10-07 22:23 - 000000000 ____D C:\Users\Kamil\AppData\Local\CrashDumps 2021-02-24 18:32 - 2013-07-07 22:25 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3406381769-3967634618-1927701157-1003 2021-02-24 18:20 - 2013-07-07 22:22 - 000000000 ____D C:\Program Files (x86)\Opera 2021-02-23 23:27 - 2017-06-30 19:38 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2021-02-22 23:12 - 2015-09-04 23:04 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-02-22 23:12 - 2015-09-04 23:04 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-02-22 20:29 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2021-02-22 18:31 - 2014-08-27 10:19 - 000000000 ___RD C:\Users\Kamil\Documents\Gitara 2021-02-21 23:13 - 2019-10-07 21:20 - 000000000 ____D C:\Users\Kamil\Documents\OFX Presets 2021-02-14 22:10 - 2015-01-05 18:55 - 000000000 ____D C:\Users\UpdatusUser 2021-02-09 23:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-05-15 23:02 - 2019-05-15 23:02 - 006922240 _____ () C:\Program Files (x86)\GUT99AA.tmp 2017-09-08 23:40 - 2017-09-08 23:52 - 000000132 _____ () C:\Users\Kamil\AppData\Roaming\Adobe BMP Format CS6 Prefs 2014-01-19 16:46 - 2020-04-27 17:47 - 000000016 _____ () C:\Users\Kamil\AppData\Roaming\msregsvv.dll 2015-01-06 11:43 - 2015-01-20 13:20 - 000000086 _____ () C:\Users\Kamil\AppData\Roaming\WB.CFG 2019-10-10 21:35 - 2019-10-10 21:35 - 000001456 _____ () C:\Users\Kamil\AppData\Local\Adobe Save for Web 13.0 Prefs 2016-03-04 23:18 - 2017-08-14 15:39 - 000007601 _____ () C:\Users\Kamil\AppData\Local\resmon.resmoncfg 2017-11-20 18:02 - 2017-11-20 18:02 - 000000000 _____ () C:\Users\Kamil\AppData\Local\{8CA826E9-F4DC-4622-86D5-ECB85F15A86D} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2021-02-25 13:51 ==================== Koniec FRST.txt ========================