Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-12-2019
Uruchomiony przez Kamil (administrator) BARTENDJADZIA (MSI MS-7A70) (01-01-2020 13:52:53)
Uruchomiony z C:\Users\Kamil\Downloads
Załadowane profile: Kamil (Dostępne profile: Kamil)
Platform: Windows 8.1 Pro (Update) (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Kamil\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198592 2017-03-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\Run: [BingSvc] => C:\Users\Kamil\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-12-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\MountPoints2: {0449243c-25a6-11ea-83e1-4ccc6a966123} - "F:\setup.exe"
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\MountPoints2: {0449245c-25a6-11ea-83e1-4ccc6a966123} - "G:\OriginInstaller.exe"
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\MountPoints2: {a423fdda-1eb6-11ea-83d1-4ccc6a966123} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\MountPoints2: {f4c984d9-df5c-11e7-82eb-4ccc6a966123} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\Winlogon: [Shell] %comspec% <==== UWAGA
HKU\S-1-5-21-968159076-530178348-4023363429-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundModule.exe" 2>NUL | find /I /N "SoundModule.exe">NUL && exit & if exist ( start /MIN "" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0976890F-A562-40FA-92C1-F73AD7D5CD3A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
Task: {34961826-1CB8-4411-8B45-8DEA137501D9} - System32\Tasks\MSIOSDx64_Host => D:\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
Task: {5F7D66A5-DA43-4B59-A399-0D619850421C} - System32\Tasks\CMEClient => A:\ChallengeMe.GG Client\ChallengeMeClient.exe
Task: {6542BC40-862B-4843-A45B-48F7BBB51804} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
Task: {846543EB-CDBD-4AEB-BAE2-E25AA80CD5B9} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {84E30595-D4C3-4359-9766-DA04D51DFFA7} - System32\Tasks\MSIGH_Host => D:\Gaming APP\GamingHotkey.exe
Task: {89A43475-8BA6-4E29-8650-37D4CF070E83} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {A5697C56-41F5-402B-97CE-5A6A972322F5} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [3917128 2019-11-20] (Byte Technologies LLC -> Byte Technologies LLC) <==== UWAGA
Task: {A7E96933-ED48-4E6A-9155-DEA101179CAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-23] (Google Inc -> Google LLC)
Task: {B96E2D24-5CAA-48B6-AD6D-C7D6802814C9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C1F02746-7DC0-46BC-9130-5099790F8D23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-23] (Google Inc -> Google LLC)
Task: {E61C4C3C-7354-4184-B6DB-4004358CE7EB} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => C:\Windows\system32\Maintenance.vbs [1131 2018-07-21] () [Brak podpisu cyfrowego]
Task: {E88DFD30-5D9D-4D72-950E-67D29CFCEB3A} - System32\Tasks\MSIOSDx86_Host => D:\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
Task: {F1A00601-4C8A-4718-B6DF-794AA2BFFC88} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => C:\Windows\system32\StartupCheck.vbs [392 2018-05-07] () [Brak podpisu cyfrowego]

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt
Tcpip\Parameters: [DhcpNameServer] 31.11.202.254 37.8.214.2
Tcpip\..\Interfaces\{590CF52E-7FA9-418E-8DA9-1C7C7DFFA290}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6B1E748B-041E-4F1B-9884-4FB6F72D6354}: [DhcpNameServer] 31.11.202.254 37.8.214.2

Internet Explorer:
==================
HKU\S-1-5-21-968159076-530178348-4023363429-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.global-pl.com/
HKU\S-1-5-21-968159076-530178348-4023363429-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKU\S-1-5-21-968159076-530178348-4023363429-1001 -> DefaultScope {19FB89A4-9E8A-44F5-8046-CED817A05382} URL = hxxp://www.global-pl.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-968159076-530178348-4023363429-1001 -> {19FB89A4-9E8A-44F5-8046-CED817A05382} URL = hxxp://www.global-pl.com/search?q={searchTerms}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-12-14] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> A:\bin\ssv.dll => Brak pliku
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-12-14] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> A:\bin\jp2ssv.dll => Brak pliku
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation -> Microsoft Corporation.)

FireFox:
========
FF DefaultProfile: 7oa4wcm3.default
FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\7oa4wcm3.default [2019-11-23]
FF Notifications: Mozilla\Firefox\Profiles\7oa4wcm3.default -> hxxp://6obcy.pl; hxxps://www.faceit.com; hxxps://zengaming.webengagepush.com; hxxps://virginmobile.pl; hxxps://www.onet.pl; hxxps://primagran.pl
FF Extension: (Avast Online Security) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\7oa4wcm3.default\Extensions\wrc@avast.com.xpi [2019-10-04]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-07-06] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-07-06] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> A:\bin\dtplugin\npDeployJava1.dll [Brak pliku]
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> A:\bin\plugin2\npjp2.dll [Brak pliku]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default [2020-01-01]
CHR Extension: (Prezentacje) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-23]
CHR Extension: (Dokumenty) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-23]
CHR Extension: (Dysk Google) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-23]
CHR Extension: (YouTube) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-23]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-11-23]
CHR Extension: (Arkusze) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-24]
CHR Extension: (Avast Online Security) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-23]
CHR Extension: (Gmail) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-23]
CHR Extension: (Chrome Media Router) - C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-968159076-530178348-4023363429-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [290184 2017-03-16] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-03-08] (BattlEye Innovations e.K. -> )
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [160584 2019-11-20] (Byte Technologies LLC -> Byte Technologies LLC) <==== UWAGA
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2017-03-26] () [Brak podpisu cyfrowego]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-14] (McAfee, LLC -> McAfee, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [68024 2017-02-16] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 rtop; c:\program files\bytefence\rtop\bin\rtop_svc.exe [297288 2019-12-02] (Byte Technologies LLC -> Byte Technologies LLC.) <==== UWAGA
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [X]
S2 GamingApp_Service; "D:\Gaming APP\GamingApp_Service.exe" [X]
S2 GamingHotkey_Service; D:\Gaming APP\GamingHotkey_Service.exe [X]

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [32694152 2017-03-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [516488 2017-03-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2019-12-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2019-12-23] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2016-12-21] (Apple Inc.) [Brak podpisu cyfrowego]
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\Windows\System32\drivers\sshid.sys [45928 2017-06-30] (SteelSeries ApS -> SteelSeries ApS)
R3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [Brak podpisu cyfrowego]
R3 visctap0901; C:\Windows\system32\DRIVERS\visctap0901.sys [34440 2015-07-10] (SparkLabs Pty Ltd -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 NTIOLib_MBAPI; \??\D:\Gaming APP\Lib\NTIOLib_X64.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-01-01 13:52 - 2020-01-01 13:53 - 000024790 _____ C:\Users\Kamil\Downloads\FRST.txt
2020-01-01 13:32 - 2020-01-01 13:53 - 000000000 ____D C:\FRST
2020-01-01 13:32 - 2020-01-01 13:32 - 000000000 ____D C:\Users\Kamil\Downloads\FRST-OlderVersion
2020-01-01 13:31 - 2020-01-01 13:32 - 002272256 _____ (Farbar) C:\Users\Kamil\Downloads\FRST64.exe
2020-01-01 13:13 - 2020-01-01 13:13 - 000000000 _____ C:\Windows\system32\spu_storage.bin
2019-12-31 16:40 - 2019-12-31 16:45 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin
2019-12-31 16:40 - 2019-12-31 16:45 - 000032768 _____ C:\ProgramData\Documents\crash_dump.bin
2019-12-31 16:39 - 2019-12-31 16:52 - 000000000 ____D C:\Users\Kamil\Documents\Need for Speed Heat
2019-12-30 20:53 - 2019-12-30 20:53 - 000000000 ____D C:\Users\Kamil\Documents\Rockstar Games
2019-12-30 20:53 - 2019-12-30 20:53 - 000000000 ____D C:\Users\Kamil\AppData\Local\Rockstar Games
2019-12-30 20:53 - 2019-12-30 20:53 - 000000000 ____D C:\ProgramData\Steam
2019-12-30 20:53 - 2019-12-30 20:53 - 000000000 ____D C:\ProgramData\Socialclub
2019-12-30 20:51 - 2020-01-01 13:29 - 000000001 _____ C:\Windows\system32\updatesettings.dbf
2019-12-30 19:21 - 2019-12-30 19:21 - 000000730 _____ C:\Users\Kamil\Desktop\Grand Theft Auto V.lnk
2019-12-30 19:21 - 2018-07-29 20:36 - 005143552 _____ C:\Windows\system32\ServiceInstaller.exe
2019-12-30 19:21 - 2018-07-21 17:10 - 000001131 _____ C:\Windows\system32\Maintenance.vbs
2019-12-30 19:21 - 2018-07-21 15:38 - 000054784 _____ C:\Windows\system32\ServiceInstaller.msi
2019-12-30 19:21 - 2018-05-07 10:33 - 000000392 _____ C:\Windows\system32\StartupCheck.vbs
2019-12-30 19:21 - 2018-04-29 16:27 - 000024512 _____ C:\Windows\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-12-30 19:21 - 2018-01-29 00:09 - 000000000 _____ C:\Windows\system32\setup4.2.6.tmp
2019-12-28 21:58 - 2019-12-28 21:58 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\SKS
2019-12-28 21:55 - 2019-12-28 21:55 - 000000669 _____ C:\Users\Kamil\Desktop\The Forest.lnk
2019-12-28 21:55 - 2019-12-28 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Forest
2019-12-26 20:31 - 2019-12-26 20:31 - 001155640 _____ C:\Windows\Minidump\122619-6250-01.dmp
2019-12-26 18:33 - 2019-12-26 23:24 - 000000000 ____D C:\Users\Kamil\Documents\Battlefield V
2019-12-26 04:54 - 2019-12-26 04:54 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-12-23 21:01 - 2019-12-23 21:01 - 000000000 ____D C:\Users\Kamil\AppData\Local\Disc_Soft_Ltd
2019-12-23 20:59 - 2019-12-23 20:59 - 000059360 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2019-12-23 20:59 - 2019-12-23 20:59 - 000042256 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2019-12-23 20:59 - 2019-12-23 20:59 - 000001721 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2019-12-23 20:59 - 2019-12-23 20:59 - 000001721 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2019-12-23 20:59 - 2019-12-23 20:59 - 000000000 ____D C:\Users\Public\Documents\Catch!
2019-12-23 20:59 - 2019-12-23 20:59 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\DAEMON Tools Lite
2019-12-23 20:59 - 2019-12-23 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2019-12-23 20:59 - 2019-12-23 20:59 - 000000000 ____D C:\ProgramData\Documents\Catch!
2019-12-23 20:58 - 2019-12-23 20:59 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-12-23 20:58 - 2019-12-23 20:58 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-12-23 20:57 - 2019-12-23 20:57 - 003226136 _____ ( ) C:\Users\Kamil\Downloads\DAEMON-Tools-Lite-12708-AsystentPobierania_2389274345.exe
2019-12-21 13:11 - 2019-12-21 13:12 - 003957282 _____ C:\Users\Kamil\Downloads\BF4.exe
2019-12-20 12:52 - 2019-12-20 12:53 - 003889781 _____ C:\Users\Kamil\Downloads\BF3-SP.exe
2019-12-19 21:56 - 2019-12-19 21:56 - 000000000 ____D C:\ProgramData\Orbit
2019-12-19 21:54 - 2019-12-19 21:54 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Far Cry 4
2019-12-19 21:54 - 2019-12-19 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4
2019-12-17 00:14 - 2019-12-17 00:15 - 001116808 _____ C:\Windows\Minidump\121719-6500-01.dmp
2019-12-14 22:14 - 2019-12-14 22:14 - 001145904 _____ C:\Windows\Minidump\121419-6250-01.dmp
2019-12-14 05:51 - 2019-12-14 05:51 - 000038099 _____ C:\Users\Kamil\Downloads\Wstęp do medioznawstwa.pdf
2019-12-14 05:39 - 2019-12-14 05:39 - 005992390 _____ C:\Users\Kamil\Downloads\Teoria komunikacji ćwiczenia.pdf
2019-12-14 04:29 - 2019-12-14 04:29 - 000044368 _____ C:\Users\Kamil\Downloads\wstep-do-teorii-komunikacji-K.pdf
2019-12-11 13:32 - 2019-12-31 00:47 - 000000037 _____ C:\Users\Kamil\AppData\Roaming\WB.CFG
2019-12-07 17:57 - 2019-12-07 17:57 - 001530251 _____ C:\Users\Kamil\Downloads\Setup_5721.zip
2019-12-02 10:35 - 2019-12-02 10:35 - 000000739 _____ C:\Users\Public\Desktop\The Sims 4 x86.lnk
2019-12-02 10:35 - 2019-12-02 10:35 - 000000739 _____ C:\ProgramData\Desktop\The Sims 4 x86.lnk
2019-12-02 10:35 - 2019-12-02 10:35 - 000000729 _____ C:\Users\Public\Desktop\The Sims 4 x64.lnk
2019-12-02 10:35 - 2019-12-02 10:35 - 000000729 _____ C:\ProgramData\Desktop\The Sims 4 x64.lnk
2019-12-02 10:07 - 2019-12-02 10:07 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-02 10:07 - 2019-12-02 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-02 10:06 - 2020-01-01 13:33 - 000000000 ____D C:\Program Files\ByteFence
2019-12-02 10:06 - 2019-12-31 16:54 - 000003308 _____ C:\Windows\system32\Tasks\ByteFence
2019-12-02 10:06 - 2019-12-19 19:47 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2019-12-02 10:06 - 2019-12-02 10:06 - 000001041 _____ C:\Users\Kamil\Desktop\ByteFence Anti-Malware.lnk
2019-12-02 10:06 - 2019-12-02 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2019-12-02 10:05 - 2019-12-02 10:05 - 003220016 _____ ( ) C:\Users\Kamil\Downloads\WinRAR-12398-AsystentPobierania_2378890139.exe
2019-12-02 10:04 - 2019-12-02 10:04 - 000004804 _____ C:\Users\Kamil\Downloads\The Sims 4 (Language Changer) MULTi17.rar

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2020-01-01 13:39 - 2017-03-26 14:42 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-968159076-530178348-4023363429-1001
2020-01-01 13:18 - 2014-11-21 05:46 - 001027110 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-01 13:18 - 2014-11-21 05:07 - 000163272 _____ C:\Windows\system32\perfc015.dat
2020-01-01 13:18 - 2014-11-21 05:07 - 000012242 _____ C:\Windows\system32\perfh015.dat
2020-01-01 13:18 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2020-01-01 13:13 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-31 17:45 - 2019-09-29 15:40 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-12-31 16:55 - 2019-11-23 22:09 - 000000000 ____D C:\Users\Kamil\AppData\Roaming\uTorrent
2019-12-31 16:55 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-12-31 16:54 - 2019-11-23 21:25 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-31 16:54 - 2019-11-23 21:25 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-31 16:54 - 2019-09-29 15:40 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-12-31 16:54 - 2017-03-29 18:59 - 000003086 _____ C:\Windows\system32\Tasks\MSIGH_Host
2019-12-31 16:54 - 2017-03-29 18:59 - 000003020 _____ C:\Windows\system32\Tasks\MSIOSDx86_Host
2019-12-31 16:54 - 2017-03-29 18:59 - 000003020 _____ C:\Windows\system32\Tasks\MSIOSDx64_Host
2019-12-31 16:54 - 2017-03-29 18:59 - 000003002 _____ C:\Windows\system32\Tasks\MSISW_Host
2019-12-31 16:54 - 2017-03-26 15:04 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2019-12-31 16:54 - 2017-03-26 14:48 - 000003646 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2019-12-31 16:46 - 2019-11-23 22:10 - 000000000 ____D C:\Users\Kamil\AppData\Local\BitTorrentHelper
2019-12-31 15:57 - 2019-11-27 21:17 - 000000000 ____D C:\Users\Kamil\AppData\LocalLow\uTorrent
2019-12-30 19:26 - 2017-04-22 18:02 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-12-28 00:16 - 2019-11-01 21:53 - 000000000 ____D C:\Users\Kamil\AppData\Local\CrashDumps
2019-12-26 20:31 - 2017-04-05 13:21 - 000000000 ____D C:\Windows\Minidump
2019-12-26 18:13 - 2019-11-27 20:08 - 000000000 ____D C:\ProgramData\Origin
2019-12-23 21:41 - 2017-03-26 14:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-19 21:56 - 2017-03-29 15:50 - 000000000 ____D C:\Users\Kamil\Documents\My Games
2019-12-19 19:35 - 2019-11-23 21:25 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 19:35 - 2019-11-23 21:25 - 000002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-19 19:35 - 2019-11-23 21:25 - 000002215 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-15 21:57 - 2019-11-24 10:14 - 000000000 ____D C:\Users\Kamil\Documents\The Witcher 3
2019-12-14 07:30 - 2017-07-16 09:58 - 000003288 _____ C:\Windows\system32\Tasks\CMEClient

==================== Pliki w katalogu głównym wybranych folderów ========

2019-09-29 15:40 - 2019-09-29 15:40 - 000000095 _____ () C:\Users\Kamil\AppData\Roaming\FSLog.log
2019-12-11 13:32 - 2019-12-31 00:47 - 000000037 _____ () C:\Users\Kamil\AppData\Roaming\WB.CFG
2017-03-26 15:23 - 2017-03-26 15:23 - 000000600 _____ () C:\Users\Kamil\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

UWAGA: ==> Nie można uzyskać dostępu do BCD. -> 0

LastRegBack: 2019-12-31 14:26

==================== Koniec FRST.txt ========================