Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06-06-2020
Uruchomiony przez Magda (administrator) MAGDA-KOMPUTER (LENOVO 20150) (20-06-2020 12:41:16)
Uruchomiony z C:\Users\Magda\Desktop
Załadowane profile: Magda
Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-27] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2011-12-06] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [155784 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3865533037-2363978409-4248316445-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-25] (Adobe Inc. -> Adobe)
HKU\S-1-5-21-3865533037-2363978409-4248316445-1000\...\MountPoints2: F - F:\RunGame.exe
HKU\S-1-5-21-3865533037-2363978409-4248316445-1000\...\MountPoints2: G - G:\setup.exe
HKLM\...\Windows x64\Print Processors\Canon iP7200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBA.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Windows (R) Codename Longhorn DDK provider) [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\Windows\system32\CNMLMBA.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\Windows\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Brak podpisu cyfrowego]
HKLM\...\Print\Monitors\us003 Langmon: C:\Windows\system32\us003lm.dll [22528 2015-03-12] () [Brak podpisu cyfrowego]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> c:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2012-03-21] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> c:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll [2012-03-21] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli c:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG TuneUp.lnk [2019-11-24]
ShortcutTarget: AVG TuneUp.lnk -> C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe (Brak pliku)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-09-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {1A8A82FA-27EC-42FC-B272-8EFD44556C84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-12] (Google Inc -> Google Inc.)
Task: {32154DB0-035C-4500-AAA9-2A3CAEBF9C1E} - System32\Tasks\{B8D485B6-053C-40DC-B07C-600448F5065D} => D:\Sims2\TSBin\Sims2.exe
Task: {3FE3CE94-D5FB-4C77-A1DC-C230715FDE71} - System32\Tasks\{FC83DE19-79D3-4AF4-BC60-0E231D531DE0} => C:\Windows\system32\pcalua.exe -a F:\g580\0lto15ww.exe -d F:\g580
Task: {4AF401A5-7767-49FB-B87A-3BD607F95F99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-12] (Google Inc -> Google Inc.)
Task: {5AF91F1B-CCAC-499B-9F6C-9534C3116093} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-03-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {630BF1FF-E441-4905-9797-B948A18D47D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8FDB563B-8C49-41E6-AB7A-D99479B8AE86} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [1362432 2018-03-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {976AB952-8507-4BF1-B2C7-D16CA5A67BBA} - \455D6CE2-6B77-23A5-22B4-347E9BB4E46E -> Brak pliku <==== UWAGA
Task: {99239C18-2F6D-4002-99F5-1E64BC2C1E3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-25] (Adobe Inc. -> Adobe)
Task: {9A4CADF8-04BB-4F16-AB1D-18388801D0E5} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3361928 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {A08FCDF7-B9C0-406D-B16A-409EC6024821} - System32\Tasks\{5EDC3E49-78BA-4215-A9D2-065D24882873} => C:\Windows\system32\pcalua.exe -a "C:\Users\Magda\Desktop\Ja Jestem\Instaluj.exe" -d "C:\Users\Magda\Desktop\Ja Jestem"
Task: {B8464C6A-B1D2-4FBD-B449-80E1EDA0671D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {B88E879C-70BA-4824-A39F-55183C449B3D} - System32\Tasks\AdobeAAMUpdater-1.0-Magda-Komputer-Magda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C63E46E9-2CE5-4A88-ACBF-ACBCB8C41FBB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-25] (Adobe Inc. -> Adobe)
Task: {E3910F3C-A3FE-4338-A6AF-69CE3BAA2D22} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {EE7A40B2-84E4-44F4-847D-71774AB046A9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EEF75467-7D2B-416D-977F-A59141D8E56B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{13A1C90A-1750-4965-8674-ACB56238C193}: [DhcpNameServer] 192.168.8.1

Internet Explorer:
==================
HKU\S-1-5-21-3865533037-2363978409-4248316445-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-07-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Brak nazwy -> {A057A204-BACC-4D26-9990-79A187E2698E} -> Brak pliku
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-07-11] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Brak nazwy - {A057A204-BACC-4D26-9990-79A187E2698E} - Brak pliku
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Brak pliku
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Brak podpisu cyfrowego]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6rh7by9r.default
FF ProfilePath: C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\6rh7by9r.default [2020-06-20]
FF Homepage: Mozilla\Firefox\Profiles\6rh7by9r.default -> google.pl/
FF Extension: (uBlock Origin) - C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\6rh7by9r.default\Extensions\uBlock0@raymondhill.net.xpi [2020-06-08]
FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\6rh7by9r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF SearchPlugin: C:\Users\Magda\AppData\Roaming\Mozilla\Firefox\Profiles\6rh7by9r.default\searchplugins\bing-.xml [2016-10-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-25] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-25] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-07-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-07-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [Brak podpisu cyfrowego]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default [2020-06-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-17]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Spotify ✪ Deezer Music Downloader) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhfalcdehpjfldleoacghgakfebmmni [2019-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

Opera:
=======
OPR Extension: (uBlock Origin) - C:\Users\Magda\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-06-08]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [349544 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [1053056 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6439872 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 btwdins; c:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957216 2012-03-21] (Broadcom Corporation -> Broadcom Corporation.)
S4 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [607456 2011-12-08] (Intel® Upgrade Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation -> Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-09-03] () [Brak podpisu cyfrowego]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2508592 2020-06-15] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460400 2020-06-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205952 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [235144 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [178824 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61064 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42840 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175264 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [506208 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2019-08-05] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [109336 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84912 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851664 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [462656 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [216880 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [322328 2020-06-20] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2015-10-21] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47160 2015-10-21] (Disc Soft Ltd -> Disc Soft Ltd)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [91568 2010-04-12] (Fenghua Lee -> PowerISO Computing, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-06-20 12:41 - 2020-06-20 12:42 - 000025041 _____ C:\Users\Magda\Desktop\FRST.txt
2020-06-20 12:20 - 2020-06-20 12:20 - 000000000 ____D C:\Users\Magda\AppData\Local\mbam
2020-06-20 12:15 - 2020-06-20 12:15 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-20 12:15 - 2020-06-20 12:15 - 000000000 ____D C:\Malwarebytes
2020-06-20 12:00 - 2020-06-20 12:41 - 000000000 ____D C:\FRST
2020-06-20 12:00 - 2020-06-20 12:00 - 002289152 _____ (Farbar) C:\Users\Magda\Desktop\FRST64.exe
2020-06-20 10:31 - 2020-06-20 10:31 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-06-20 10:31 - 2020-06-20 10:31 - 000216880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-06-20 10:31 - 2020-06-20 10:31 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-06-17 17:07 - 2020-06-18 20:27 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-17 17:07 - 2020-06-17 17:07 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-06-17 17:07 - 2020-06-17 17:07 - 000002047 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-06-17 16:47 - 2020-06-17 16:47 - 000133080 _____ C:\Users\Magda\AppData\Local\GDIPFONTCACHEV1.DAT
2020-06-17 16:46 - 2020-06-18 20:16 - 000000000 ____D C:\Users\Magda\AppData\Local\Adobe
2020-06-15 22:50 - 2020-06-15 22:50 - 003638975 _____ C:\Users\Magda\Desktop\Kurs Behawiorystyka Psa I (1).pdf
2020-06-15 22:49 - 2020-06-15 22:50 - 003638975 _____ C:\Users\Magda\Desktop\Kurs Behawiorystyka Psa I.pdf
2020-05-25 15:41 - 2020-05-25 15:41 - 000264973 _____ C:\Users\Magda\Documents\Nota 1-NKOR-2020.pdf

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2020-06-20 12:37 - 2009-07-14 06:45 - 000033904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-20 12:37 - 2009-07-14 06:45 - 000033904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-20 12:33 - 2016-11-21 21:52 - 000000000 ____D C:\Users\Magda\AppData\LocalLow\Mozilla
2020-06-20 12:33 - 2015-09-03 19:11 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-20 12:32 - 2015-09-02 22:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-20 12:30 - 2018-01-13 21:21 - 000000266 __RSH C:\ProgramData\ntuser.pol
2020-06-20 12:28 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-20 12:26 - 2015-09-01 17:22 - 000000000 ____D C:\Users\Magda
2020-06-20 11:55 - 2015-10-24 18:15 - 000000000 ____D C:\ProgramData\Avg
2020-06-20 10:46 - 2020-05-14 18:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-06-20 10:32 - 2019-08-05 18:07 - 000003904 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-06-20 10:32 - 2019-08-05 18:06 - 000462656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-06-20 10:32 - 2019-08-05 18:06 - 000322328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-06-20 10:31 - 2020-04-24 15:20 - 000506208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2020-06-20 10:31 - 2019-08-05 20:33 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-06-20 10:31 - 2019-08-05 18:06 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-06-20 10:31 - 2019-08-05 18:06 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2020-06-20 10:30 - 2019-08-05 20:33 - 000235144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-06-20 10:30 - 2019-08-05 20:33 - 000178824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-06-20 10:30 - 2019-08-05 20:33 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-06-20 10:30 - 2019-08-05 18:06 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-06-20 10:30 - 2019-08-05 18:06 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-06-20 10:30 - 2010-11-21 14:53 - 000740828 _____ C:\Windows\system32\perfh015.dat
2020-06-20 10:30 - 2010-11-21 14:53 - 000155392 _____ C:\Windows\system32\perfc015.dat
2020-06-20 10:30 - 2009-07-14 07:13 - 001669980 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-20 10:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-20 10:23 - 2019-08-05 18:06 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-06-20 10:23 - 2015-09-05 12:12 - 000000000 ____D C:\Program Files (x86)\AVG
2020-06-20 10:23 - 2009-07-14 07:08 - 000032520 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-06-20 10:21 - 2018-10-07 11:19 - 000000000 ____D C:\AdwCleaner
2020-06-20 10:21 - 2015-09-02 22:37 - 000000000 ____D C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-06-20 10:21 - 2015-09-02 22:37 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-06-20 10:21 - 2015-09-02 21:03 - 000000000 ____D C:\Program Files (x86)\Vimicro
2020-06-20 10:14 - 2015-09-02 22:49 - 000000000 ____D C:\Users\Magda\AppData\Roaming\Spotify
2020-06-20 10:11 - 2019-08-05 18:07 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2020-06-20 10:11 - 2019-08-05 18:05 - 000000000 ____D C:\Program Files\AVG
2020-06-20 10:11 - 2015-10-24 18:19 - 000000000 ____D C:\Users\Magda\AppData\Roaming\AVG
2020-06-19 01:02 - 2020-04-04 16:07 - 000000000 ____D C:\Users\Magda\AppData\Roaming\Origin
2020-06-19 01:02 - 2020-04-04 16:07 - 000000000 ____D C:\ProgramData\Origin
2020-06-18 20:36 - 2020-04-04 16:11 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-06-18 20:35 - 2020-04-04 16:07 - 000000000 ____D C:\Users\Magda\AppData\Local\Origin
2020-06-17 17:08 - 2015-09-03 19:16 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-17 17:07 - 2015-09-03 19:15 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-06-17 00:06 - 2019-03-12 21:42 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 00:03 - 2018-10-07 09:36 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-15 22:45 - 2020-04-04 16:11 - 000000000 ____D C:\Program Files (x86)\Origin
2020-06-15 21:43 - 2015-09-02 22:53 - 000000000 ____D C:\Users\Magda\AppData\Local\Spotify
2020-06-14 16:10 - 2020-04-04 19:10 - 000001367 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2020-06-14 16:10 - 2020-04-04 19:10 - 000001367 _____ C:\ProgramData\Desktop\The Sims 4.lnk
2020-06-12 19:36 - 2019-10-05 13:38 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-12 19:36 - 2019-10-05 13:38 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-08 15:21 - 2020-03-01 19:31 - 000000000 ____D C:\Users\Magda\Downloads\opera autoupdate
2020-06-08 15:21 - 2019-10-05 13:38 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-08 15:15 - 2020-04-03 19:46 - 000001914 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk
2020-06-08 15:15 - 2020-04-03 19:46 - 000001914 _____ C:\ProgramData\Desktop\AVG Internet Security.lnk
2020-06-08 14:48 - 2018-10-07 11:28 - 000000000 ____D C:\Users\Magda\AppData\Local\AVG
2020-06-08 10:31 - 2015-11-19 18:40 - 000000000 ____D C:\Users\Magda\AppData\Local\ElevatedDiagnostics

==================== Pliki w katalogu głównym wybranych folderów ========

1601-01-03 21:33 - 1601-01-03 21:33 - 000186368 _____ (Microsoft Corporation) C:\Users\Magda\AppData\Roaming\aogef.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 _____ (Microsoft Corporation) C:\Users\Magda\AppData\Roaming\jUOzxysOy.exe
2020-06-09 11:53 - 2020-06-09 11:53 - 000000000 _____ () C:\Users\Magda\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

LastRegBack: 2020-06-17 19:15

==================== Koniec FRST.txt ========================