Zrobione. Wybaczcie, że od razu nie wstawiłem.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 29-03-2020
Uruchomiony przez Marcel (administrator) DESKTOP-H7T2JOB (Micro-Star International Co., Ltd. GL62 6QC) (31-03-2020 11:39:21)
Uruchomiony z C:\Users\Marcel\Desktop
Załadowane profile: Marcel (Dostępne profile: Marcel)
Platform: Windows 10 Pro Wersja 1703 15063.413 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions - & gt; Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LogMeIn, Inc. - & gt; LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. - & gt; LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. - & gt; LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC - & gt; McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC - & gt; McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Users\Marcel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Ltd - & gt; Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. - & gt; Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Rejestr (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [SecurityHealth] = & gt; C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Windows - & gt; Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217016 2017-04-13] (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] = & gt; C:\Program Files\AVG\Antivirus\AvLaunch.exe [325704 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [BCSSync] = & gt; C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] = & gt; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. - & gt; LogMeIn Inc.)
HKU\S-1-5-21-3996695596-3568489024-1983877453-1001\...\Run: [ALLUpdate] = & gt; C:\Program Files\ALLPlayer\ALLUpdate.exe [3930344 2018-11-10] (ALLPlayer Group sp. z o.o. - & gt; ALLPlayer.org)
HKU\S-1-5-21-3996695596-3568489024-1983877453-1001\...\Run: [CCleaner Smart Cleaning] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd - & gt; Piriform Ltd)
HKU\S-1-5-21-3996695596-3568489024-1983877453-1001\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-09-13] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
HKU\S-1-5-21-3996695596-3568489024-1983877453-1001\...\Run: [Chromium] = & gt; " c:\users\marcel\appdata\local\chromium\application\chrome.exe " --auto-launch-at-startup --profile-directory= " Default " --restore-last-session
HKU\S-1-5-21-3996695596-3568489024-1983877453-1001\...\Run: [Xvid] = & gt; WScript " C:\Users\Marcel\Desktop\VirtualDub-1.10.4\CheckUpdateLauncher.vbs " " C:\Users\Marcel\Desktop\VirtualDub-1.10.4\CheckUpdate.ps1 "
HKLM\Software\...\AppCompatFlags\Custom\BINKPLAY.EXE: [{653a0d57-6b63-48f7-baa1-77d8fe2604a7}.sdb] - & gt; [SDB] Delta Force 2
HKLM\Software\...\AppCompatFlags\Custom\Df.exe: [{7d3898dd-a465-4240-86f0-10de97a908e3}.sdb] - & gt; [SDB] Delta Force
HKLM\Software\...\AppCompatFlags\Custom\Df2.exe: [{653a0d57-6b63-48f7-baa1-77d8fe2604a7}.sdb] - & gt; [SDB] Delta Force 2
HKLM\Software\...\AppCompatFlags\InstalledSDB\{653a0d57-6b63-48f7-baa1-77d8fe2604a7}: [DatabasePath] - & gt; C:\Windows\AppPatch\Custom\{653a0d57-6b63-48f7-baa1-77d8fe2604a7}.sdb [2017-03-22]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{7d3898dd-a465-4240-86f0-10de97a908e3}: [DatabasePath] - & gt; C:\Windows\AppPatch\Custom\{7d3898dd-a465-4240-86f0-10de97a908e3}.sdb [2017-03-22]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-20] (Google LLC - & gt; Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] - & gt; C:\Windows\system32\hvsigpext.dll [2017-03-20] (Microsoft Windows - & gt; )
GroupPolicy: Ograniczenia ? & lt; ==== UWAGA
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia & lt; ==== UWAGA
==================== Zaplanowane zadania (filtrowane) ============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {08E8FF08-999D-42EA-A99F-726BFB05EAC2} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd - & gt; Piriform Ltd)
Task: {2542EAE3-3150-45DC-AFFC-65A5CB5FF535} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-25] (Google Inc - & gt; Google Inc.)
Task: {5393F5BD-FA43-4529-8D5B-91C130B97109} - System32\Tasks\CCleaner Update = & gt; C:\Program Files\CCleaner\CCUpdate.exe [550848 2018-09-19] (Piriform Ltd - & gt; Piriform Ltd)
Task: {78F5A84D-1B04-4983-80F2-32130A1BABA1} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-25] (Google Inc - & gt; Google Inc.)
Task: {B67F4CFD-B3DA-495F-91B9-E6C66D39B1C8} - System32\Tasks\AVG\Overseer = & gt; C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC - & gt; AVG Technologies)
Task: {EB921198-8A6E-46E6-8E1C-BD94DAA0E906} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated - & gt; Adobe Systems Incorporated)
Task: {FE212C83-6BBE-422E-9451-39C314B1EEE2} - System32\Tasks\Antivirus Emergency Update = & gt; C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3942704 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9ea02f93-93f0-4831-9b53-4afd6c0751a9}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-3996695596-3568489024-1983877453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web-pl.com/
SearchScopes: HKU\S-1-5-21-3996695596-3568489024-1983877453-1001 - & gt; DefaultScope {B6E75726-2BAB-4B52-9C0C-912FC74E4F57} URL = hxxp://www.web-pl.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3996695596-3568489024-1983877453-1001 - & gt; {B6E75726-2BAB-4B52-9C0C-912FC74E4F57} URL = hxxp://www.web-pl.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation - & gt; Microsoft Corporation)
BHO: McAfee WebAdvisor - & gt; {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - & gt; C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-03-31] (McAfee, LLC - & gt; McAfee, LLC)
BHO: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation - & gt; Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation - & gt; Microsoft Corporation)
BHO-x32: McAfee WebAdvisor - & gt; {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - & gt; C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-03-31] (McAfee, LLC - & gt; McAfee, LLC)
BHO-x32: Office Document Cache Handler - & gt; {B4F3A835-0E21-4959-BA22-42B3008E02FF} - & gt; C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation - & gt; Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Brak podpisu cyfrowego]
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3996695596-3568489024-1983877453-1001 - & gt; hxxp://www.web-pl.com/
FireFox:
========
FF DefaultProfile: w7hqyapm.default
FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\w7hqyapm.default [2020-03-31]
FF DownloadDir: C:\Users\Marcel\Desktop
FF Homepage: Mozilla\Firefox\Profiles\w7hqyapm.default - & gt; hxxps://www.google.pl/
FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\w7hqyapm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-03-31] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - & gt; C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - & gt; C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated - & gt; Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3996695596-3568489024-1983877453-1001: @zoom.us/ZoomVideoPlugin - & gt; C:\Users\Marcel\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-11-27] (Zoom Video Communications, Inc. - & gt; Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default [2020-03-31]
CHR DownloadDir: C:\Users\Marcel\Desktop
CHR Notifications: Default - & gt; hxxps://www.asroma.pl; hxxps://www.jeunesfooteux.com; hxxps://www.mediaexpert.pl
CHR HomePage: Default - & gt; hxxp://www.web-pl.com/
CHR StartupUrls: Default - & gt; " hxxp://www.google.pl/ "
CHR Extension: (Prezentacje) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-25]
CHR Extension: (Dokumenty) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-25]
CHR Extension: (Dysk Google) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-25]
CHR Extension: (Arkusze) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-22]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-22]
CHR Profile: C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-06]
CHR Profile: C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
==================== Usługi (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [413544 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6094272 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
S2 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [439784 2016-05-07] (Intel(R) pGFX - & gt; Intel Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3648616 2018-09-13] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. - & gt; LogMeIn Inc.)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [541896 2018-04-19] (Intel(R) Wireless Connectivity Solutions - & gt; Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365032 2016-05-07] (Intel(R) pGFX - & gt; Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. - & gt; LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-31] (Malwarebytes Inc - & gt; Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913640 2020-03-31] (McAfee, LLC - & gt; McAfee, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279104 2017-05-16] (Synaptics Incorporated - & gt; Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; " C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe " -s NVDisplay.ContainerLocalSystem -f " C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log " -l 3 -d " C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem " -r -p 30000
===================== Sterowniki (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37928 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [206160 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [271704 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [207192 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [64344 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [16520 2020-02-26] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43560 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175472 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111144 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84096 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [849256 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [459192 2020-03-12] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [235280 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [316840 2020-02-26] (AVG Technologies USA, LLC - & gt; AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-09-28] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-09-28] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher - & gt; LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136216 2018-04-19] (Intel(R) Wireless Connectivity Solutions - & gt; Intel Corporation)
R3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2017-03-18] (Microsoft Windows - & gt; Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-03-31] (Malwarebytes Inc - & gt; Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-03-31] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-31] (Malwarebytes Inc - & gt; Malwarebytes)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Microsoft Windows - & gt; Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_0401a47bc69f625c\nvlddmkm.sys [14456952 2017-06-26] (NVIDIA Corporation - & gt; NVIDIA Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] (Microsoft Windows - & gt; )
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [28400 2020-02-06] () [Brak podpisu cyfrowego]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Windows - & gt; Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Windows - & gt; Microsoft Corporation)
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc (utworzone) ===================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2020-03-31 11:39 - 2020-03-31 11:40 - 000024264 _____ C:\Users\Marcel\Desktop\FRST.txt
2020-03-31 11:37 - 2020-03-31 11:39 - 000000000 ____D C:\FRST
2020-03-31 11:36 - 2020-03-31 11:36 - 002280448 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2020-03-31 11:20 - 2020-03-31 11:20 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-03-31 11:20 - 2020-03-31 11:20 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-03-31 10:09 - 2020-03-31 10:09 - 000000000 ____D C:\Users\Marcel\AppData\Local\mbam
2020-03-31 10:09 - 2020-03-31 10:09 - 000000000 ____D C:\Users\Marcel\AppData\Local\cache
2020-03-31 10:08 - 2020-03-31 10:08 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-31 10:08 - 2020-03-31 10:08 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-31 10:08 - 2020-03-31 10:08 - 000000000 ____D C:\Users\Marcel\AppData\Local\mbamtray
2020-03-31 10:08 - 2020-03-31 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-31 10:08 - 2020-03-31 10:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-31 10:08 - 2020-03-31 10:07 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-03-31 10:06 - 2020-03-31 10:06 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-30 23:23 - 2020-03-30 23:23 - 000000000 _____ C:\Users\Marcel\Desktop\Mandzukic badelj kalinic, od zmierzchu do switu.txt
2020-03-30 20:41 - 2020-03-30 23:25 - 1383164254 _____ C:\Users\Marcel\Desktop\Legacies.S02E16.PL.720p.AMZN.WEB-DL.XviD-H3Q.avi
2020-03-22 12:49 - 2020-03-22 12:51 - 000729876 _____ C:\Windows\Minidump\032220-29781-01.dmp
2020-03-22 12:49 - 2020-03-22 12:49 - 904288814 _____ C:\Windows\MEMORY.DMP
2020-03-14 18:20 - 2020-03-15 12:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== Jeden miesiąc (zmodyfikowane) ==================
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2020-03-31 11:25 - 2018-09-25 13:27 - 002720632 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-31 11:25 - 2017-03-20 05:58 - 001269414 _____ C:\Windows\system32\perfh015.dat
2020-03-31 11:25 - 2017-03-20 05:58 - 000291238 _____ C:\Windows\system32\perfc015.dat
2020-03-31 11:21 - 2020-02-10 22:40 - 000000000 ____D C:\Users\Marcel\AppData\Local\LogMeIn Hamachi
2020-03-31 11:21 - 2018-09-25 13:44 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-03-31 11:21 - 2018-09-25 13:44 - 000000000 __SHD C:\Users\Marcel\IntelGraphicsProfiles
2020-03-31 11:20 - 2018-09-25 13:56 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-31 11:20 - 2018-09-25 13:16 - 000401200 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-31 11:20 - 2018-09-25 13:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-31 11:19 - 2017-03-18 13:40 - 001572864 _____ C:\Windows\system32\config\BBI
2020-03-31 11:14 - 2018-09-25 18:34 - 000000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps
2020-03-31 10:58 - 2018-09-25 13:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-31 10:08 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-03-30 21:15 - 2018-09-25 19:14 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-03-30 21:15 - 2018-09-25 18:32 - 000002220 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-03-30 21:15 - 2018-09-25 17:59 - 000003250 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-03-30 21:15 - 2018-09-25 17:43 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-30 21:15 - 2018-09-25 17:43 - 000003274 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-30 21:15 - 2018-09-25 13:32 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3996695596-3568489024-1983877453-1001
2020-03-30 18:07 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\NDF
2020-03-30 10:24 - 2018-09-25 19:12 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer.lnk
2020-03-30 10:24 - 2018-09-25 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2020-03-30 10:24 - 2018-09-25 19:12 - 000000000 ____D C:\Program Files\ALLPlayer
2020-03-29 20:31 - 2018-09-25 13:27 - 000000000 ____D C:\Users\Marcel
2020-03-28 11:26 - 2018-09-25 18:35 - 000002845 _____ C:\Users\Marcel\Desktop\Filmy.txt
2020-03-24 00:16 - 2020-02-25 15:43 - 000000000 ____D C:\Users\Marcel\Desktop\The Walking Dead S10
2020-03-23 18:48 - 2018-09-25 17:37 - 000000000 ____D C:\Users\Marcel\AppData\LocalLow\Mozilla
2020-03-22 12:53 - 2018-09-25 13:31 - 000002414 _____ C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 12:53 - 2018-09-25 13:31 - 000000000 ___RD C:\Users\Marcel\OneDrive
2020-03-22 12:49 - 2019-03-04 11:34 - 000000000 ____D C:\Windows\Minidump
2020-03-20 20:23 - 2018-09-25 17:44 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-20 16:10 - 2019-03-19 20:49 - 000000000 ____D C:\ProgramData\firebird
2020-03-17 16:17 - 2019-06-26 11:25 - 000000000 ____D C:\Users\Marcel\Desktop\Klienci
2020-03-17 15:50 - 2019-04-04 14:47 - 000000000 ____D C:\Users\Marcel\Desktop\Krajowa Energia
2020-03-16 20:32 - 2018-09-25 13:28 - 000000000 ____D C:\Users\Marcel\AppData\Local\VirtualStore
2020-03-15 12:58 - 2018-09-25 17:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-15 12:57 - 2018-09-25 17:36 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-03-12 09:45 - 2018-09-25 17:59 - 000459192 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
==================== SigCheck ============================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
LastRegBack: 2020-03-26 14:05
==================== Koniec FRST.txt ========================