Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-11-2020 01 Uruchomiony przez Adrian (administrator) DESKTOP-G2JSPH8 (ASUS All Series) (24-11-2020 12:11:29) Uruchomiony z C:\Users\Adrian\Downloads Załadowane profile: Adrian Platform: Windows 10 Home Wersja 2004 19041.630 (X64) Język: Polski (Polska) Domyślna przeglądarka: Chrome Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (Enigma Software Group USA, LLC -> Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Users\Adrian\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe <2> (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [165000 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKU\S-1-5-21-3440692606-2268409445-794773074-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-08-30] (Valve -> Valve Corporation) HKU\S-1-5-21-3440692606-2268409445-794773074-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-3440692606-2268409445-794773074-1001\...\Run: [Napisy24Update] => "C:\Program Files (x86)\Napisy24\Napisy24Update.exe" "sleep" HKU\S-1-5-21-3440692606-2268409445-794773074-1001\...\Run: [Napisy24.pl] => "C:\Program Files (x86)\Napisy24\Napisy24.exe" AutoStart HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-16] (Google LLC -> Google LLC) BootExecute: autocheck autochk * sh4native Sh4Removal HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0913BC79-E187-4FD8-9779-DBFA5EDBA27D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) Task: {249B56DA-8542-4A36-9F48-1E3905284924} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) Task: {28279F7C-B15D-4074-A571-1FFC6F3D896F} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4665480 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {290BBF92-A55E-48F0-9AE5-F418447C854C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {2CBFE4EA-FA0B-4FD3-992F-E4C0FBD4FF34} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {34237E3D-B55D-4298-97AC-18EA8CA6AA5A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) Task: {351AA693-7294-4E81-9D9F-90BC7AA733C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-15] (Google LLC -> Google LLC) Task: {5D7A0154-4F38-476C-8F96-37EA5AF3EB77} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {61C4810B-B20E-43BD-A2DE-9A018DFF4015} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-15] (Google LLC -> Google LLC) Task: {63858FA8-5FE2-494A-8E9E-E53177043099} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) Task: {69300E9A-6F37-4435-80E7-2DB066E72F89} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {858EC730-A11B-4619-8FCF-5BC407B580C1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9190535A-3DD8-4640-A326-089421431D73} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3440692606-2268409445-794773074-1001 => C:\Windows\System32\AgentActivationRuntimeStarter.exe [13312 2020-10-14] (Microsoft Windows -> ) Task: {95B9B788-AC06-4D90-82E0-70CE4D8A6D66} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {96A0B4D2-C336-4D9A-B16A-BE01FFCE2DBE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {972BFB69-0322-4E8C-BAEF-94D1AD65ED0D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A93577FD-94A1-4B9D-8815-092D30F1EDBB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {ABC4F233-3FB3-4852-8B2D-1FC462ED2AFB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-17] (AVG Technologies USA, LLC -> AVG Technologies) Task: {AC9CF482-E7E3-4469-8E48-8B00126A69C8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-10-07] (Mozilla Corporation -> Mozilla Foundation) Task: {D36D00E3-0B22-45AB-88AA-A0F7A4D1E468} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DA64C24E-1028-4FB7-BCFA-0050DE941895} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {F19C5073-2296-4527-9506-424F4FDE8722} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-08-13] (NVIDIA Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\..\Interfaces\{fc9387f2-545d-4ee5-a9f7-f240a7555b3a}: [DhcpNameServer] 217.113.224.134 217.113.224.35 Edge: ====== Edge Profile: C:\Users\Adrian\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-24] Edge HomePage: Default -> hxxps://www.google.com/ Edge Extension: (Outlook) - C:\Users\Adrian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-19] Edge Extension: (Word) - C:\Users\Adrian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-19] Edge Extension: (Excel) - C:\Users\Adrian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-19] Edge Extension: (PowerPoint) - C:\Users\Adrian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-19] Edge HKU\S-1-5-21-3440692606-2268409445-794773074-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx FireFox: ======== FF DefaultProfile: vy62al9e.default FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\vy62al9e.default [2020-06-19] FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\jgalc3ob.default-release [2020-11-19] FF Extension: (uBlock Origin) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\jgalc3ob.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-16] FF Extension: (Greasemonkey) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\jgalc3ob.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-10-07] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Brak pliku] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-21] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default [2020-11-24] CHR HomePage: Default -> hxxps://www.google.com/ CHR Extension: (Prezentacje) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-15] CHR Extension: (Dokumenty) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-15] CHR Extension: (Dysk Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20] CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-15] CHR Extension: (uBlock Origin) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-11-20] CHR Extension: (Arkusze) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-15] CHR Extension: (Absolute Enable Right Click & Copy) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdocbkpgdakpekjlhemmfcncgdjeiika [2020-06-15] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-15] CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-14] CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-16] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [366232 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [3096712 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8502208 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1673288 2020-06-16] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-06-16] (GOG Sp. z o.o. -> GOG.com) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-19] (Malwarebytes Inc -> Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2508592 2020-06-16] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460400 2020-06-16] (Electronic Arts, Inc. -> Electronic Arts) R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-30] (Enigma Software Group USA, LLC -> Enigma Software Group USA, LLC.) S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.4-0\NisSrv.exe [2169568 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.4-0\MsMpEng.exe [128376 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37216 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [206472 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [332432 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [247952 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [97424 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [16832 2020-11-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42848 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [176808 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [521816 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [109352 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84928 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851680 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [469896 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [217408 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [326488 2020-11-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-01-30] (Enigma Software Group USA, LLC -> ) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-11-19] (Malwarebytes Inc -> Malwarebytes) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [78216 2020-07-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [430312 2020-07-14] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [98536 2020-07-14] (Microsoft Windows -> Microsoft Corporation) S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-24 12:11 - 2020-11-24 12:11 - 000022049 _____ C:\Users\Adrian\Downloads\FRST.txt 2020-11-24 00:41 - 2020-11-24 12:11 - 000000000 ____D C:\FRST 2020-11-24 00:41 - 2020-11-24 00:41 - 002295808 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64 (2).exe 2020-11-24 00:41 - 2020-11-24 00:41 - 000000000 ____D C:\Users\Adrian\Downloads\FRST-OlderVersion 2020-11-24 00:40 - 2020-11-24 00:41 - 002295808 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64 (1).exe 2020-11-24 00:21 - 2020-11-24 00:21 - 002244096 _____ C:\Users\Adrian\Downloads\adwcleaner_4.207.exe 2020-11-24 00:20 - 2020-11-24 00:20 - 008447152 _____ (Malwarebytes) C:\Users\Adrian\Downloads\adwcleaner_8.0.8.exe 2020-11-22 09:48 - 2020-11-22 09:48 - 000340104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2020-11-22 09:48 - 2020-11-22 09:48 - 000217408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys 2020-11-21 07:55 - 2020-11-21 08:20 - 025183825 _____ C:\Users\Adrian\Downloads\20201120_113925.psd 2020-11-20 15:43 - 2020-11-20 15:43 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-11-20 15:43 - 2020-11-20 15:43 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-11-20 15:43 - 2020-11-20 15:43 - 000197632 _____ C:\Windows\system32\IHDS.dll 2020-11-20 15:43 - 2020-11-20 15:43 - 000152576 _____ C:\Windows\system32\EoAExperiences.exe 2020-11-20 15:43 - 2020-11-20 15:43 - 000009265 _____ C:\Windows\system32\DrtmAuthTxt.wim 2020-11-19 23:33 - 2020-11-19 23:33 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-11-19 23:33 - 2020-11-19 23:33 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-11-19 23:33 - 2020-11-19 23:33 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-11-19 23:33 - 2020-11-19 23:32 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-11-19 23:33 - 2020-11-19 23:32 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2020-11-19 23:28 - 2020-11-19 23:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2020-11-19 23:28 - 2016-07-20 02:58 - 005229880 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\rtwlanu.sys 2020-11-19 23:28 - 2016-07-20 02:58 - 000020386 _____ C:\Windows\system32\netrtwlanu.cat 2020-11-17 17:55 - 2020-11-17 17:55 - 002012028 _____ C:\Windows\Minidump\111720-4828-01.dmp 2020-11-16 22:49 - 2020-11-16 22:49 - 021636229 _____ C:\Users\Adrian\Desktop\fotki.rar 2020-11-16 22:41 - 2020-11-21 08:04 - 000000000 ____D C:\Users\Adrian\Desktop\fotki 2020-11-13 19:29 - 2020-11-13 19:29 - 000048968 _____ C:\Users\Adrian\Desktop\2.pdf 2020-11-13 19:28 - 2020-11-13 19:28 - 000048968 _____ C:\Users\Adrian\Downloads\Form-559-16052909612012379444 (1).pdf 2020-11-13 19:17 - 2020-11-13 19:18 - 000767453 _____ C:\Users\Adrian\Desktop\1.pdf 2020-11-13 19:09 - 2020-11-13 19:09 - 000048968 _____ C:\Users\Adrian\Downloads\Form-559-16052909612012379444.pdf 2020-11-10 19:05 - 2020-11-10 19:33 - 000000000 ____D C:\Users\Adrian\Documents\Assassin's Creed Odyssey 2020-11-10 19:05 - 2020-11-10 19:05 - 000000000 ____D C:\Users\Adrian\Documents\CPY_SAVES 2020-11-09 15:34 - 2020-11-09 15:34 - 000000969 _____ C:\Users\Public\Desktop\Assassin's Creed Odyssey.lnk 2020-11-09 15:34 - 2020-11-09 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed Odyssey 2020-11-08 17:30 - 2020-11-08 17:30 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\CPY_SAVES 2020-11-08 17:30 - 2020-11-08 17:30 - 000000000 ____D C:\Users\Adrian\AppData\Local\KojimaProductions 2020-11-08 12:50 - 2020-11-08 13:05 - 000000000 ____D C:\Program Files\Rockstar Games 2020-11-07 00:53 - 2020-11-08 13:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2020-11-07 00:50 - 2020-11-07 00:50 - 000000000 ____D C:\Windows\SysWOW64\directx 2020-11-02 16:03 - 2020-11-02 19:04 - 000000040 _____ C:\Users\Adrian\Desktop\Nowy dokument tekstowy (3).txt ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-11-24 12:12 - 2020-07-14 23:32 - 000000000 ____D C:\ProgramData\AVG 2020-11-24 12:12 - 2020-06-15 19:57 - 000000000 ____D C:\ProgramData\NVIDIA 2020-11-24 12:10 - 2020-06-15 19:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-11-24 12:10 - 2020-06-15 19:18 - 000008192 ___SH C:\DumpStack.log.tmp 2020-11-24 12:10 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-11-24 00:57 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2020-11-24 00:40 - 2020-07-13 09:01 - 000000000 ____D C:\Users\Adrian\AppData\Local\CrashDumps 2020-11-24 00:31 - 2020-07-29 14:25 - 000000000 ____D C:\Users\Adrian\AppData\Local\ElevatedDiagnostics 2020-11-24 00:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF 2020-11-24 00:30 - 2020-06-15 19:23 - 000005810 _____ C:\Windows\system32\PerfStringBackup.INI 2020-11-24 00:30 - 2019-12-07 16:08 - 001041840 _____ C:\Windows\system32\perfh015.dat 2020-11-24 00:30 - 2019-12-07 16:08 - 000231744 _____ C:\Windows\system32\perfc015.dat 2020-11-24 00:23 - 2020-07-29 15:44 - 000000000 ____D C:\AdwCleaner 2020-11-23 23:48 - 2020-07-14 23:33 - 000004266 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update 2020-11-23 23:31 - 2020-07-29 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4 2020-11-23 20:16 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2020-11-23 20:01 - 2020-06-15 19:18 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-11-23 00:30 - 2020-08-30 22:10 - 000003438 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-23 00:30 - 2020-08-30 22:10 - 000003214 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-23 00:30 - 2020-07-15 22:13 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2020-11-23 00:30 - 2020-06-15 19:57 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:57 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-11-23 00:30 - 2020-06-15 19:27 - 000003496 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-11-23 00:30 - 2020-06-15 19:27 - 000003272 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-11-23 00:30 - 2020-06-15 19:23 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3440692606-2268409445-794773074-1001 2020-11-22 23:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2020-11-22 09:48 - 2020-10-15 09:27 - 000176808 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000851680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000521816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000469896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000332432 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000326488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000247952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000206472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000109352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000097424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000084928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000042848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000037216 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys 2020-11-22 09:48 - 2020-07-14 23:33 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgElam.sys 2020-11-22 09:48 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2020-11-20 19:23 - 2020-06-15 19:18 - 000446776 _____ C:\Windows\system32\FNTCACHE.DAT 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2020-11-20 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2020-11-20 15:45 - 2020-08-30 22:10 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-11-20 15:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-11-20 15:45 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2020-11-20 15:43 - 2020-06-15 19:20 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2020-11-19 23:32 - 2020-08-13 22:15 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-11-19 23:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState 2020-11-19 23:10 - 2020-08-07 07:40 - 000000000 ____D C:\ProgramData\Citrix 2020-11-19 22:54 - 2020-06-15 19:22 - 000000000 ____D C:\Users\Adrian\AppData\Local\Packages 2020-11-19 17:06 - 2020-06-15 19:21 - 000000000 ____D C:\Users\Adrian 2020-11-19 16:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports 2020-11-17 17:55 - 2020-07-29 15:23 - 000000000 ____D C:\Windows\Minidump 2020-11-16 22:40 - 2020-06-19 14:54 - 000000000 ____D C:\Users\Adrian\AppData\LocalLow\Mozilla 2020-11-16 22:37 - 2020-09-20 22:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-11-16 20:17 - 2020-06-15 19:28 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-11-10 19:06 - 2020-06-16 20:53 - 000000000 ____D C:\Users\Adrian\AppData\Local\D3DSCache 2020-11-08 13:19 - 2020-07-05 18:28 - 000000000 ____D C:\Users\Adrian\AppData\Roaming\uTorrent 2020-11-08 10:01 - 2020-07-29 14:17 - 000000000 ____D C:\Users\Adrian\AppData\LocalLow\uTorrent 2020-11-08 10:01 - 2020-07-05 18:29 - 000000000 ____D C:\Users\Adrian\AppData\Local\BitTorrentHelper 2020-11-07 00:16 - 2020-09-14 21:32 - 000000000 ____D C:\Users\Adrian\Desktop\fk 2020-11-07 00:16 - 2020-08-10 13:34 - 000000000 ____D C:\Users\Adrian\Desktop\foto 2020-11-06 23:00 - 2020-08-07 07:40 - 000000000 ____D C:\Users\Adrian\AppData\Local\Citrix 2020-10-29 20:23 - 2020-06-15 19:23 - 000000000 ___RD C:\Users\Adrian\OneDrive 2020-10-29 20:23 - 2020-06-15 19:21 - 000002410 _____ C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================