Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 07-12-2019 Uruchomiony przez Admin (administrator) DESKTOP-T2T39M6 (Micro-Star International Co., Ltd. PL62 7RC) (09-12-2019 23:58:35) Uruchomiony z C:\Users\Admin\Desktop Załadowane profile: Admin (Dostępne profile: Admin) Platform: Windows 10 Pro Wersja 1803 17134.228 (X64) Język: Polski (Polska) Domyślna przeglądarka: Opera Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\Common Files\AVG\Overseer\overseer.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTimeOptimizer.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe (Micro-Star International Co., Ltd.) [Brak podpisu cyfrowego] C:\Windows\SysWOW64\MSIService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2018-09-04] (Microsoft Corporation) [Brak podpisu cyfrowego] HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-03-29] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2018-09-04] (Microsoft Corporation) [Brak podpisu cyfrowego] HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [229080 2019-11-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331352 2019-10-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Run: [Discord] => C:\Users\Admin\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-11-20] (Valve -> Valve Corporation) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3131664 2019-11-14] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Run: [AceStream] => C:\Users\Admin\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-23] (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Run: [] => [X] HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\MountPoints2: {8bebe6b5-e5d0-11e9-b0e1-60f677a7d8dd} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\MountPoints2: {ae20d981-9a3a-11e8-af51-60f677a7d8dd} - "G:\SETUP.EXE" HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [32256 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [3932672 2018-07-06] (Microsoft Windows -> Microsoft Corporation) <==== UWAGA HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3 HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC) BootExecute: autocheck autochk * sdnclean64.exe FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0A6094D5-EB1B-4BEA-8D5B-CB9BC3E2A93B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {25A99F34-8CEC-4727-9340-FCAABA4AB2D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.) Task: {2D17A2F0-E484-42A6-8A77-CCE9B3ED6CF8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {46002E2F-49FA-47BC-96E1-578383920827} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-06] (Microsoft Corporation -> Microsoft Corporation) Task: {4EAF95D6-9AC2-4B24-BBF6-18F6E280C471} - System32\Tasks\Opera scheduled Autoupdate 1565832039 => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-12-04] (Opera Software AS -> Opera Software) Task: {6359399D-09D1-4DAF-A2DA-584945429ADE} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) Task: {6DD64D10-BDC4-441C-BA8F-FD395CF16032} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) Task: {6E1CE698-AF49-495E-959D-438AEDF9899D} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3353784 2018-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) Task: {7C594977-BC4E-472C-AF45-66C7FF292CAC} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {805D9716-09DF-4D9B-B3E5-D857589FF952} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-09-18] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {84D18EDA-7709-4FAA-A0F1-D22094D734E4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {8A627112-57FD-491F-9F82-89959407C186} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-06] (Microsoft Corporation -> Microsoft Corporation) Task: {8D51C44D-770B-41FE-81FD-91BA8B25DE0C} - System32\Tasks\Avira\System Speedup\Delayed Startup\Admin\2 => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) <==== UWAGA Task: {9CE247EA-99CA-4E2A-8964-C3D8BBF1A160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.) Task: {A2D1ED37-8D38-4B5E-B8B9-32E13183DAB6} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27801088 2019-11-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG ) Task: {A5747ADE-5811-4B7C-92EB-5C76B38D9A93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-06] (Microsoft Corporation -> Microsoft Corporation) Task: {AA0FA978-E140-44FF-9B3A-4894CA28AE76} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {B12918AA-FA15-4344-8677-368B6CA460B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-08-06] (Microsoft Corporation -> Microsoft Corporation) Task: {D57BBD5A-B4A6-41BA-AF22-334F7CF272A8} - \Microsoft\Windows\Application Experience\StartupCheckLibrary -> Brak pliku <==== UWAGA Task: {D7B8959F-3074-4FCE-B8CB-258538D20FC3} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {E39B3A55-A595-48CA-AA5E-A286D832657A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {E6C9AE4E-69E3-4450-B5F8-F77359594414} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software) Task: {EC5BAD63-2AB5-42DD-A5D6-7316FAF1BF27} - System32\Tasks\Avira\System Speedup\Delayed Startup\Admin\1 => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7606344 2019-05-07] (GOG Sp. z o.o. -> GOG.com) <==== UWAGA Task: {F91670DF-BB77-473F-9F9E-294FF4E66B58} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331352 2019-10-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) Task: {FBAF351D-2F2A-4632-BD69-8A81E0B47A3C} - \Microsoft\Windows\WDI\SrvHost -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4c7babd1-76e1-49f3-b246-581ed95486fd}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 SearchScopes: HKU\S-1-5-21-3756725419-1887990294-1533832777-1001 -> DefaultScope {C4722B60-9C61-4EC1-81F3-C4BCB0F5BAA2} URL = hxxp://www.nav-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3756725419-1887990294-1533832777-1001 -> {C4722B60-9C61-4EC1-81F3-C4BCB0F5BAA2} URL = hxxp://www.nav-pl.com/search?q={searchTerms} BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-23] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-23] (Oracle America, Inc. -> Oracle Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Brak podpisu cyfrowego] Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-3756725419-1887990294-1533832777-1001 -> hxxp://www.nav-pl.com/ FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\LzdDn0qI.default [2019-12-07] FF Extension: (Avira Password Manager) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\LzdDn0qI.default\Extensions\passwordmanager@avira.com [2019-11-24] FF HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\Admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin HKU\S-1-5-21-3756725419-1887990294-1533832777-1001: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\Admin\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.nav-pl.com/ CHR StartupUrls: Default -> "hxxp://google.pl/" CHR NewTab: Default -> Not-active:"chrome-extension://apicngidjjeegmfbfgpobchlpliidibm/newtabproduct.html" CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=E210PL91105G10&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR Notifications: Default -> hxxps://chamsko.pl; hxxps://drive.google.com; hxxps://ebok.pgnig.pl; hxxps://get.prioritynotifications.com; hxxps://gretaith.com; hxxps://idisplayboxkude.club; hxxps://jbzdy.eu; hxxps://keepvid.com; hxxps://kfc.pl; hxxps://livesport.ws; hxxps://maddownload.com; hxxps://mail.google.com; hxxps://mojaolesnica.pl; hxxps://ostatniatawerna.pl; hxxps://player.pl; hxxps://tinder.com; hxxps://ukliminimate.club; hxxps://www.alphaporno.com; hxxps://www.dobreprogramy.pl; hxxps://www.ipolska24.pl; hxxps://www.megakoszulki.pl; hxxps://www.reddit.com; hxxps://www.rmf24.pl CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2019-12-09] CHR DownloadDir: C:\Users\Admin\Desktop CHR Extension: (Prezentacje) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-29] CHR Extension: (The Flash Video Downloader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2019-05-16] CHR Extension: (Dokumenty) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-29] CHR Extension: (Dysk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22] CHR Extension: (VideoDownloadConverter) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apicngidjjeegmfbfgpobchlpliidibm [2019-10-11] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-29] CHR Extension: (Avira Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2019-12-09] CHR Extension: (Avira Safe Shopping) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2019-12-05] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22] CHR Extension: (Arkusze) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-29] CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17] CHR Extension: (Ace Script) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-11-10] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-28] CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29] CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-07] CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-07] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKU\S-1-5-21-3756725419-1887990294-1533832777-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] Opera: ======= OPR Extension: (YouTube MP3 Downloader) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\danfmmfbeaomffmgdnpgofcmphkpobii [2019-10-01] OPR Extension: (Convert4K YouTube Online Converter) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\nffkcnlmfhhlkipfefakigdkocndfflf [2019-10-01] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535352 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [567872 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [591264 2019-11-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989536 2019-08-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [379552 2019-11-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [146224 2019-10-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-03-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-07] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-20] (GOG Sp. z o.o. -> GOG.com) R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2018-03-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-04-19] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [Brak podpisu cyfrowego] S2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> ) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-14] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-14] (Electronic Arts, Inc. -> Electronic Arts) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279104 2017-05-16] (Synaptics Incorporated -> Synaptics Incorporated) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-06] (Microsoft Corporation -> Microsoft Corporation) S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [207784 2019-12-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-08-10] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-08-10] (Disc Soft Ltd -> Disc Soft Ltd) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-03] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2018-07-03] (Martin Malik - REALiX -> REALiX(tm)) R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-07-03] (Intel(R) Rapid Storage Technology -> Intel Corporation) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136216 2018-04-19] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [161096 2016-09-19] (Rivet Networks LLC -> Qualcomm Atheros, Inc.) R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw04.sys [3557864 2018-07-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Microsoft Windows -> Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_bba38e12711c1078\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation -> NVIDIA Corporation) R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-11-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-07-03] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72768 2017-05-16] (Synaptics Incorporated -> Synaptics Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-06] (Microsoft Windows -> Microsoft Corporation) S3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> ) S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] S3 GENERICDRV; \??\c:\users\admin\documents\temp\dragoncenter_updater\hotfix\AMIDEWIN\amifldrv64.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-12-09 23:58 - 2019-12-09 23:58 - 000050432 _____ C:\Users\Admin\Desktop\Shortcut.txt 2019-12-09 23:58 - 2019-12-09 23:58 - 000001375 _____ C:\Users\Admin\Desktop\Addition.txt 2019-12-07 01:28 - 2019-12-10 00:00 - 000035353 _____ C:\Users\Admin\Desktop\FRST.txt 2019-12-07 01:00 - 2019-12-09 23:59 - 000000000 ____D C:\FRST 2019-12-07 01:00 - 2019-12-09 23:58 - 002263552 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2019-12-07 01:00 - 2019-12-09 23:58 - 000000000 ____D C:\Users\Admin\Desktop\FRST-OlderVersion 2019-12-06 23:56 - 2019-12-06 23:56 - 000642766 _____ C:\Users\Admin\Desktop\1575652211_71e_9.mp4.mp4 2019-11-24 19:27 - 2019-11-24 19:27 - 000000000 ____D C:\Users\Admin\AppData\Local\AviraSpeedup 2019-11-24 19:26 - 2019-11-24 19:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira 2019-11-24 16:49 - 2019-11-24 16:49 - 000003374 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray 2019-11-24 16:49 - 2019-11-24 16:49 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf 2019-11-24 16:48 - 2019-12-07 17:07 - 000207784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2019-11-24 16:48 - 2019-09-19 09:07 - 000197176 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2019-11-24 16:48 - 2019-06-07 14:09 - 000078936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys 2019-11-24 16:48 - 2019-03-20 18:50 - 000089736 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2019-11-24 16:48 - 2019-03-20 18:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2019-11-24 16:48 - 2019-03-20 18:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2019-11-24 16:48 - 2019-03-20 18:50 - 000022336 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avelam.sys 2019-11-24 16:45 - 2019-11-24 16:45 - 000000000 ____D C:\Users\Admin\AppData\Local\Avira 2019-11-24 16:44 - 2019-12-09 23:49 - 000000000 ____D C:\Users\Public\Speedup Sessions 2019-11-24 16:44 - 2019-11-24 16:44 - 000003786 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate 2019-11-24 16:44 - 2019-11-24 16:44 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions 2019-11-24 16:44 - 2019-11-24 16:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla 2019-11-24 16:43 - 2019-11-24 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2019-11-24 16:43 - 2019-11-24 16:50 - 000000000 ____D C:\ProgramData\Avira 2019-11-24 16:43 - 2019-11-24 16:50 - 000000000 ____D C:\Program Files (x86)\Avira 2019-11-24 16:43 - 2019-11-24 16:43 - 000001265 _____ C:\Users\Public\Desktop\Avira.lnk 2019-11-24 00:08 - 2019-11-24 00:08 - 000002330 _____ C:\Users\Admin\Desktop\Monopoly 2012.lnk 2019-11-24 00:08 - 2019-11-24 00:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dream Tale - The Golden Keys 2019-11-24 00:06 - 2019-11-24 00:06 - 000000000 ____D C:\Program Files (x86)\Foxy Games 2019-11-23 22:56 - 2019-11-23 22:56 - 000000000 ____D C:\Users\Admin\Documents\TotalAV 2019-11-23 22:54 - 2019-11-23 22:54 - 000000000 ____D C:\ProgramData\SecuritySuite 2019-11-23 21:51 - 2019-11-23 21:51 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2019-11-23 21:51 - 2019-11-23 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2019-11-23 21:51 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe 2019-11-23 21:34 - 2019-12-07 22:49 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2019-11-23 21:34 - 2019-11-23 21:34 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2019-11-23 21:34 - 2019-11-23 21:34 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-11-23 21:34 - 2019-11-23 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-11-23 21:31 - 2019-11-24 00:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Talisman 2019-11-23 21:20 - 2019-11-23 21:20 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2019-11-23 21:20 - 2019-11-23 21:20 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Sun 2019-11-23 21:20 - 2019-11-23 21:20 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Sun 2019-11-23 21:20 - 2019-11-23 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-11-23 21:19 - 2019-11-23 21:19 - 000000000 ____D C:\ProgramData\Oracle 2019-11-23 21:19 - 2019-11-23 21:19 - 000000000 ____D C:\Program Files (x86)\Java 2019-11-23 21:11 - 2019-11-23 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ticket To Ride 2019-11-23 21:11 - 2019-11-23 21:25 - 000000000 ____D C:\Program Files (x86)\TicketToRide 2019-11-23 21:11 - 2019-11-23 21:11 - 000001140 _____ C:\Users\Public\Desktop\Ticket To Ride.lnk 2019-11-13 23:53 - 2019-11-13 23:53 - 053360960 _____ (ALLPlayer Ltd. ) C:\Users\Admin\Desktop\ALLPlayer.exe 2019-11-11 17:17 - 2019-11-11 17:17 - 000000000 ____D C:\Users\Admin\Desktop\Dedis - MZP _2018_ _Maciek1981_ 2019-11-10 18:01 - 2019-12-09 23:56 - 000000000 ____D C:\Users\Admin\AppData\Roaming\.ACEStream 2019-11-10 18:00 - 2019-11-10 18:02 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ACEStream 2019-11-10 18:00 - 2019-11-10 18:00 - 000002070 _____ C:\Users\Admin\Desktop\Ace Stream Media Center.lnk 2019-11-10 18:00 - 2019-11-10 18:00 - 000001966 _____ C:\Users\Admin\Desktop\Ace Player.lnk 2019-11-10 18:00 - 2019-11-10 18:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media 2019-11-10 18:00 - 2019-11-10 18:00 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\.ACEStream 2019-11-10 02:35 - 2019-11-10 02:35 - 000000000 ____D C:\Users\Admin\Desktop\BonSoul - R _2019_ _Maciek1981_ ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-12-10 00:03 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-12-09 23:50 - 2018-10-09 22:38 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps 2019-12-09 23:46 - 2019-07-05 03:34 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2019-12-09 23:46 - 2018-06-29 15:56 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles 2019-12-09 23:45 - 2018-06-30 00:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-12-09 23:45 - 2018-06-29 15:55 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-09 23:43 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-12-09 23:42 - 2018-06-29 23:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-12-07 22:38 - 2019-07-23 23:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WhatsApp 2019-12-07 22:38 - 2018-12-12 15:18 - 000000000 ____D C:\Users\Admin\.openshot_qt 2019-12-07 01:04 - 2018-07-11 12:25 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Temp 2019-12-06 14:15 - 2019-08-15 02:20 - 000004248 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1565832039 2019-12-06 14:15 - 2019-08-15 02:20 - 000001403 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2019-12-05 23:45 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-11-30 04:00 - 2018-09-07 23:18 - 000000000 ____D C:\Users\Admin\AppData\Roaming\discord 2019-11-30 03:47 - 2018-07-08 16:35 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache 2019-11-30 03:14 - 2018-10-07 17:34 - 000000000 ____D C:\Program Files (x86)\Steam 2019-11-26 23:11 - 2019-07-23 23:23 - 000000000 ____D C:\Users\Admin\AppData\Local\WhatsApp 2019-11-25 13:03 - 2018-06-29 23:55 - 000435888 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-11-24 16:49 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-11-24 16:45 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2019-11-24 16:43 - 2018-06-29 16:11 - 000000000 ____D C:\ProgramData\Package Cache 2019-11-24 16:34 - 2018-06-29 22:21 - 000000000 ____D C:\Program Files\WinRAR 2019-11-24 16:33 - 2018-06-30 00:01 - 000000000 ____D C:\Users\Admin 2019-11-23 23:07 - 2019-07-05 03:34 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2019-11-23 21:51 - 2018-06-29 22:28 - 000000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent 2019-11-23 21:49 - 2018-10-07 17:50 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2019-11-23 21:43 - 2018-06-29 22:21 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-11-23 21:43 - 2018-06-29 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-11-23 21:36 - 2019-09-28 19:33 - 000000000 ____D C:\WINDOWS\Minidump 2019-11-23 21:34 - 2018-09-02 18:05 - 000000000 ____D C:\Program Files\CCleaner 2019-11-23 21:31 - 2018-08-24 18:21 - 000000000 ____D C:\Users\Admin\AppData\Local\SKIDROW 2019-11-23 21:27 - 2018-06-29 15:41 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore 2019-11-23 21:03 - 2019-04-07 22:47 - 000000000 ____D C:\Users\Admin\AppData\Local\BitTorrentHelper 2019-11-23 19:40 - 2019-03-20 00:01 - 000000000 ____D C:\ProgramData\Origin 2019-11-22 02:16 - 2019-03-20 00:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Origin 2019-11-21 21:34 - 2018-06-29 22:23 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-15 01:13 - 2019-03-20 00:06 - 000000000 ____D C:\Program Files (x86)\Origin Games 2019-11-15 01:11 - 2019-05-23 22:50 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3756725419-1887990294-1533832777-1001 2019-11-15 01:11 - 2018-06-30 00:01 - 000002411 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-11-15 01:11 - 2018-06-29 15:44 - 000000000 ___RD C:\Users\Admin\OneDrive 2019-11-14 00:49 - 2019-03-20 00:03 - 000000000 ____D C:\Program Files (x86)\Origin 2019-11-13 02:45 - 2019-03-20 00:19 - 000001199 _____ C:\Users\Public\Desktop\Apex Legends.lnk 2019-11-13 02:19 - 2018-06-29 15:41 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages 2019-11-13 02:19 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-11-13 02:19 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-11-11 13:04 - 2018-12-07 01:59 - 000000000 ____D C:\Users\Admin\Desktop\Untitled Project 2019-11-10 02:02 - 2019-07-05 12:57 - 000001500 _____ C:\WINDOWS\wininit.ini 2019-11-10 02:01 - 2019-10-26 20:16 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp ==================== Pliki w katalogu głównym wybranych folderów ======== 2019-11-04 01:42 - 2019-11-07 00:44 - 000000038 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG 2018-10-11 12:22 - 2019-09-18 00:37 - 000001496 _____ () C:\Users\Admin\AppData\Local\Adobe Zapisz dla Internetu 13.0 Prefs 2018-12-07 02:38 - 2018-12-07 02:38 - 000003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================