Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-12-2021 Uruchomiony przez Piotr (administrator) LAPTOP-AMIGO72 (HP HP Notebook) (28-12-2021 19:40:33) Uruchomiony z C:\Users\Piotr\OneDrive\Desktop\pobrane Załadowane profile: Piotr Platform: Microsoft Windows 10 Home Wersja 2004 19041.1415 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366400.inf_amd64_4021c2cb607d5b92\B366217\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366400.inf_amd64_4021c2cb607d5b92\B366217\atiesrxx.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Google LLC -> ) C:\Program Files\Google\Drive File Stream\54.0.2.0\crashpad_handler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_5acc9ca73ae7cf4c\jhi_service.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131176.inf_amd64_fb4fe914575fdd15\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131176.inf_amd64_fb4fe914575fdd15\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131176.inf_amd64_fb4fe914575fdd15\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131176.inf_amd64_fb4fe914575fdd15\IntelCpHeciSvc.exe (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxAccounts.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-10] (Hewlett-Packard -> HP) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4388440 2017-12-02] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-22] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-10-29] (CyberLink Corp. -> CyberLink Corp.) HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.) HKU\S-1-5-21-309175177-1749008106-2885720676-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-309175177-1749008106-2885720676-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> ) HKU\S-1-5-21-309175177-1749008106-2885720676-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Brak pliku) HKU\S-1-5-21-309175177-1749008106-2885720676-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.2.0\GoogleDriveFS.exe [55330648 2021-12-14] (Google LLC -> Google, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-10-29] (CyberLink Corp. -> CyberLink) HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-10-29] (CyberLink Corp. -> CyberLink) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {146A3C9F-9232-453A-A28F-CCB023C8150A} - \Hewlett-Packard\HP Support Assistant\First Boot -> Brak pliku <==== UWAGA Task: {26BE1D95-1A84-441A-8DF2-427290BE2C4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [564536 2015-06-24] (Hewlett-Packard Company -> Hewlett-Packard) Task: {292303B9-7DCF-413D-A007-4182DF09069D} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-22] (Avast Software s.r.o. -> AVAST Software) Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> Brak pliku <==== UWAGA Task: {48A98229-5C8E-4DDD-8139-CF35F7262A95} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> Brak pliku <==== UWAGA Task: {50CE9AEB-5017-4EDE-BA4A-4E88CE6E6A42} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {519F440E-E976-463A-938D-B08AD7CBBA28} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {5587F1DC-15D0-4331-A673-6EF75E5CD9C0} - \Microsoft\Windows\AppID\SmartScreenSpecific -> Brak pliku <==== UWAGA Task: {6AB39BEC-3545-45D3-BBF2-D51BEC9CCFE5} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> ) Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> Brak pliku <==== UWAGA Task: {788F994E-B971-4A57-AD2B-EBA037D0B9A5} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Brak pliku <==== UWAGA Task: {7C655CC6-19CB-4430-BBD8-D29999902511} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Brak pliku <==== UWAGA Task: {82989C71-5B26-498E-90D6-9322A2C1F0D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [174904 2015-06-19] (Hewlett-Packard Company -> Hewlett-Packard) Task: {92996157-C9F4-4699-BF42-9217FB60ED79} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [515512 2015-10-29] (CyberLink Corp. -> CyberLink Corp.) Task: {967CAA16-6069-4738-9DB7-7EB5AF7B1110} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Brak pliku <==== UWAGA Task: {9C41799C-1676-4028-A2FF-B2CAB6EE2F25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {A0352518-D527-464A-AB8B-160E931AFCC8} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> Brak pliku <==== UWAGA Task: {A2A974B9-F99E-4E15-B5F6-F56DB62DC36D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-08-19] (Avast Software s.r.o. -> Avast Software) Task: {A741BC1C-B4B6-436D-AC57-3F90C345BD80} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Brak pliku <==== UWAGA Task: {B43AE69A-8CE8-429E-A9E5-C1FF2F459D9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-24] (Google LLC -> Google LLC) Task: {C349BB67-3672-4975-AE02-517BAD9318EE} - \Microsoft\Windows\WindowsUpdate\sih -> Brak pliku <==== UWAGA Task: {DDE77CF2-DB16-43FB-8E24-9F9C490E2879} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {E6E6837A-7076-4C1C-B903-25AEB76321B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-24] (Google LLC -> Google LLC) Task: {F9D959A4-481B-4091-A9F9-53F57E485CED} - \Avast SecureLine -> Brak pliku <==== UWAGA Task: {FA08798E-B871-40A3-AA3F-2906C31C9C91} - System32\Tasks\Opera scheduled Autoupdate 1637161421 => C:\Users\Piotr\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5ba37ca5-dcf1-484a-989e-35c9156c74f8}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5c034b68-0467-4666-9c58-d1c6f26c58e7}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Piotr\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-10] FireFox: ======== FF DefaultProfile: 1brri2xn.default FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\1brri2xn.default [2021-07-11] FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\sgqgvlxu.default-release [2021-12-28] FF DownloadDir: C:\Users\Piotr\OneDrive\Desktop\pobrane FF Session Restore: Mozilla\Firefox\Profiles\sgqgvlxu.default-release -> [funkcja włączona] FF Extension: (uBlock Origin) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\sgqgvlxu.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-12-27] FF Extension: (ImTranslator: Tłumacz, Słownik, Głos) - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\sgqgvlxu.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-12-20] FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) [Brak podpisu cyfrowego] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) Opera: ======= OPR Profile: C:\Users\Piotr\AppData\Roaming\Opera Software\Opera Stable [2021-11-26] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Piotr\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-24] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Piotr\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-17] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-19] (Avast Software s.r.o. -> AVAST Software) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> ) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [633504 2021-11-08] (Gameforge 4D GmbH -> ) R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard Company) R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-19] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-19] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-22] (Avast Software s.r.o. -> AVAST Software) R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41400 2015-08-31] (CyberLink Corp. -> CyberLink Corporation) R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-08-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-08-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-19] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) U3 aspnet_state; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-12-28 19:39 - 2021-12-28 19:41 - 000000000 ____D C:\FRST 2021-12-22 16:14 - 2021-12-22 16:14 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2021-12-22 16:13 - 2021-12-22 16:13 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-12-22 16:13 - 2021-12-22 16:13 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-12-21 09:14 - 2021-12-14 07:44 - 000381456 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3688.sys 2021-12-20 10:00 - 2021-12-20 10:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-12-19 19:33 - 2021-12-21 12:04 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-12-16 21:12 - 2021-12-16 21:12 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-12-16 18:54 - 2021-12-16 18:54 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-12-16 18:54 - 2021-12-16 18:54 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-12-16 18:52 - 2021-12-16 18:52 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-12-16 18:52 - 2021-12-16 18:52 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-12-16 18:04 - 2021-12-16 18:04 - 000000000 ___HD C:\$WinREAgent 2021-12-12 20:28 - 2021-12-28 19:12 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-309175177-1749008106-2885720676-1001 2021-12-04 18:05 - 2021-12-04 18:08 - 001851028 _____ C:\WINDOWS\Minidump\120421-33453-01.dmp 2021-11-29 21:17 - 2021-11-29 21:22 - 001895604 _____ C:\WINDOWS\Minidump\112921-31562-01.dmp ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-12-28 19:17 - 2021-07-11 10:18 - 000000000 ____D C:\ProgramData\Mozilla 2021-12-28 19:16 - 2021-07-11 10:18 - 000000000 ____D C:\Users\Piotr\AppData\LocalLow\Mozilla 2021-12-28 19:14 - 2021-08-19 14:15 - 000000000 ____D C:\Users\Piotr\AppData\Local\Avast Software 2021-12-28 19:12 - 2021-11-17 16:03 - 000003550 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1637161421 2021-12-28 19:12 - 2021-10-03 09:10 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-12-28 19:12 - 2021-08-21 12:45 - 000002490 _____ C:\WINDOWS\system32\Tasks\YCMServiceAgent 2021-12-28 19:12 - 2021-07-24 06:21 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-12-28 19:12 - 2021-07-24 06:21 - 000003274 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-12-28 19:12 - 2021-07-11 09:33 - 000002262 _____ C:\WINDOWS\system32\Tasks\DropboxOEM 2021-12-28 19:12 - 2021-07-10 18:43 - 000003600 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2021-12-28 19:12 - 2021-07-10 18:43 - 000003376 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2021-12-28 19:12 - 2021-07-01 19:50 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-309175177-1749008106-2885720676-1001 2021-12-28 19:12 - 2021-07-01 06:20 - 000003438 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-12-28 19:12 - 2021-07-01 06:20 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-12-28 19:12 - 2016-01-08 03:37 - 000001188 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2021-12-28 19:12 - 2016-01-08 03:37 - 000001184 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2021-12-28 19:11 - 2021-07-22 19:26 - 000000000 ____D C:\Users\Piotr\AppData\Local\Battle.net 2021-12-28 19:03 - 2021-07-24 06:21 - 000000000 ____D C:\Program Files (x86)\Google 2021-12-28 18:53 - 2021-08-19 14:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-12-28 18:51 - 2021-07-01 19:49 - 000000000 ____D C:\Users\Piotr\OneDrive\Dokumenty\YouCam 2021-12-28 18:50 - 2021-07-01 19:46 - 000000000 __SHD C:\Users\Piotr\IntelGraphicsProfiles 2021-12-28 18:39 - 2021-07-01 00:48 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-12-28 17:30 - 2021-07-01 06:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-12-27 14:54 - 2021-07-11 10:30 - 000000000 ____D C:\Program Files (x86)\Steam 2021-12-24 09:01 - 2021-07-01 00:59 - 000787066 _____ C:\WINDOWS\system32\perfh015.dat 2021-12-24 09:01 - 2021-07-01 00:59 - 000152910 _____ C:\WINDOWS\system32\perfc015.dat 2021-12-24 09:01 - 2021-07-01 00:46 - 000000000 ____D C:\WINDOWS\INF 2021-12-24 09:01 - 2015-11-03 07:05 - 001820790 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-12-24 08:56 - 2021-07-01 06:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-12-24 08:56 - 2021-07-01 06:17 - 000008192 ___SH C:\DumpStack.log.tmp 2021-12-24 08:56 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\ServiceState 2021-12-24 08:56 - 2016-01-08 03:33 - 000000000 ____D C:\ProgramData\AVAST Software 2021-12-24 08:55 - 2021-07-01 00:25 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-12-24 00:57 - 2021-07-01 19:43 - 000000000 ____D C:\Users\Piotr 2021-12-23 23:13 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-12-23 22:45 - 2021-08-19 14:00 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-12-22 17:16 - 2021-07-22 19:25 - 000000000 ____D C:\Program Files (x86)\Battle.net 2021-12-22 17:00 - 2021-07-22 19:29 - 000000000 ____D C:\Program Files (x86)\Diablo III 2021-12-22 16:34 - 2021-07-01 00:48 - 000000000 ___HD C:\Program Files\WindowsApps 2021-12-22 16:34 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-12-22 16:13 - 2021-08-19 14:00 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-12-22 16:13 - 2021-08-19 14:00 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2021-12-22 16:13 - 2021-07-01 00:48 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-12-22 11:05 - 2021-07-12 18:01 - 000000982 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2021-12-21 12:04 - 2021-07-11 10:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-12-21 09:22 - 2021-07-01 19:48 - 000000000 ____D C:\Users\Piotr\AppData\Local\D3DSCache 2021-12-21 09:14 - 2021-08-31 16:43 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2021-12-21 09:14 - 2021-08-31 16:43 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk 2021-12-21 09:14 - 2021-08-31 16:43 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2021-12-21 09:14 - 2021-08-31 16:43 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk 2021-12-20 10:00 - 2021-07-11 10:18 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-12-19 19:15 - 2021-07-01 06:21 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-12-19 19:15 - 2021-07-01 06:21 - 000002253 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-12-17 15:26 - 2021-11-17 16:03 - 000001412 _____ C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2021-12-16 21:16 - 2021-07-01 06:17 - 000472904 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-12-16 21:12 - 2021-07-01 06:22 - 000000000 ____D C:\ProgramData\Realtek 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\SystemResources 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\system32\setup 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\Provisioning 2021-12-16 21:12 - 2021-07-01 00:48 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-12-16 19:03 - 2021-07-01 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-12-16 18:02 - 2021-07-13 20:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-12-16 17:59 - 2021-07-13 20:26 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-12-12 20:28 - 2021-07-01 19:43 - 000002430 _____ C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-12-05 09:17 - 2021-07-01 19:50 - 000000000 ___RD C:\Users\Piotr\OneDrive 2021-12-04 18:08 - 2021-11-14 21:11 - 000000000 ____D C:\WINDOWS\Minidump 2021-12-04 18:05 - 2021-11-14 21:11 - 1437249903 _____ C:\WINDOWS\MEMORY.DMP 2021-11-29 17:50 - 2021-08-19 15:47 - 000000000 ____D C:\Users\Piotr\AppData\Local\CrashDumps ==================== Pliki w katalogu głównym wybranych folderów ======== 2021-07-01 19:46 - 2021-12-28 18:50 - 000426360 _____ () C:\Users\Piotr\AppData\Local\BTServer.log 2021-07-11 12:15 - 2021-07-11 12:15 - 000007602 _____ () C:\Users\Piotr\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================