ADVERTISEMENT

FRST_08-01-2021 11.40.30.txt

Serwer proxy odrzuca połączenia - brak dostępu do internetu we wszystkich przeglądarkach

Witam. Jak wchodzę w przeglądarkę (jakąkolwiek), pisze serwer proxy odrzuca połączenia. Dołączam logi z FRST.


Download file - link to post

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RTHDVCPL] = & gt; C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-09-18] (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
HKLM\...\Run: [Windows Mobile Device Center] = & gt; C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] = & gt; C:\Windows\system32\nvspcap64.dll [1923192 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] = & gt; C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation - & gt; Intel Corporation)
HKLM-x32\...\Run: [IMSS] = & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-20] (Intel Corporation - & gt; Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] = & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] = & gt; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [138088 2019-10-16] (IDSA Production signing key - & gt; Intel)
HKLM-x32\...\Run: [Live Update] = & gt; C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26310800 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] = & gt; C:\MSI\MSIRegister\MSIRegister.exe [1266872 2019-03-08] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [ControlCenter4] = & gt; C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [BrStsMon00] = & gt; C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. - & gt; Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\Run: [GalaxyClient] = & gt; [X]
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\Run: [Opera Browser Assistant] = & gt; C:\Users\Admin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS - & gt; Opera Software)
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\Run: [com.squirrel.Teams.Teams] = & gt; C:\Users\Admin\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-12-15] (Microsoft 3rd Party Application Component - & gt; Microsoft Corporation)
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\Run: [CCleaner Smart Cleaning] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd - & gt; Piriform Software Ltd)
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\Policies\system: [Shell] & lt; ==== UWAGA
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {0a8b87bb-7f35-11e7-b8cf-80c16ef5e46f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {1013e169-920a-11e7-8465-80c16ef5e46f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {1013e16d-920a-11e7-8465-80c16ef5e46f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {2396c85e-dcc9-11e6-b0a7-80c16ef5e46f} - E:\Setup.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {2e29cec7-d949-11e5-837e-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {8b82f94e-4919-11e6-bce0-80c16ef5e46f} - E:\cdstart.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {ceef0e45-9382-11ea-8840-80c16ef5e46f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {e9d610c9-6813-11ea-8b59-80c16ef5e46f} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\...\MountPoints2: {eb0c904a-cf3b-11e9-9c52-806e6f6e6963} - D:\autorun.exe
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows - & gt; Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\Windows\system32\hpzllwn7.dll [51712 2009-07-14] (Microsoft Windows - & gt; Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; " C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe " --configure-user-settings --verbose-logging --system-level
IFEO\taskmgr.exe: [Debugger]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter " C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-09-24]
ShortcutTarget: IMVU.lnk - & gt; C:\Users\Admin\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (Brak pliku)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2016-12-08]
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - & gt; C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation - & gt; Microsoft Corporation)
GroupPolicy: Ograniczenia ? & lt; ==== UWAGA
GroupPolicy\User: Ograniczenia ? & lt; ==== UWAGA
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia & lt; ==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0192E83D-8027-4DF6-A5C0-DB40E43997C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651384 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {1554FF47-1D40-41AD-9FD0-5A676BD43F32} - System32\Tasks\MSIOSDx86_Host = & gt; C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [38560 2017-09-05] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
Task: {173E80A2-141A-431B-A734-D602002789E2} - System32\Tasks\MSIGH_Host = & gt; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3349968 2017-06-23] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
Task: {24BC749F-1F46-4BA0-A5FF-3022F47386E7} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-02] (Google Inc - & gt; Google Inc.)
Task: {280B12C0-B8EC-4B25-A1CD-4EDE4588911D} - System32\Tasks\{101CD829-3062-430D-891E-F35CFDEE6C1C} = & gt; C:\Users\Admin\AppData\Roaming\Crystal launcher\launcher.exe
Task: {2B93D768-F922-4389-AB4D-6393243B3D78} - System32\Tasks\{ED05FB61-1EA2-45B0-8C04-C8B0BAFFDF59} = & gt; C:\Windows\system32\pcalua.exe -a C:\Users\Admin\Desktop\forge-1.7.10-10.13.4.1614-1.7.10-installer-win.exe -d C:\Users\Admin\Desktop
Task: {32E28895-8158-4626-8C90-F2538E10161A} - System32\Tasks\{D2333A79-0DBE-493E-A138-00A011ED8389} = & gt; C:\Users\Admin\AppData\Roaming\Crystal launcher\launcher.exe
Task: {3B1D11BA-BC17-48B8-B701-7E2018E12B69} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon = & gt; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products - & gt; Intel Corporation)
Task: {3DA64AC2-E5D5-4D83-92B7-CBB078773976} - System32\Tasks\{9CE24A2F-5921-4091-9153-B2C34BCCB539} = & gt; C:\Windows\system32\pcalua.exe -a " C:\Users\Admin\Desktop\moje bleble\jre-8u201-windows-i586-iftw.exe " -d " C:\Users\Admin\Desktop\moje bleble "
Task: {47274597-8645-429C-BE43-C51D274E696C} - System32\Tasks\{8A23C444-327F-4B90-B6AB-F8F175ACF8B7} = & gt; C:\Users\Admin\AppData\Roaming\Crystal-Launcher\launcher.exe
Task: {479BF14D-B3C7-4F26-996E-6C7D0DC8F94B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947320 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {49209684-AACF-4512-9FBE-7FE983FEF07F} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd - & gt; Piriform Software Ltd)
Task: {4C79CC1D-DC2F-487B-809E-C0948D941FC3} - System32\Tasks\{DB59FE26-406B-4183-92DF-9A7A389D8236} = & gt; C:\Team17\Worms 3D\Launcher.exe
Task: {507EEE7C-7A49-4E2A-B427-32BF92DE413B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436344 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {50FC4795-94AC-43E9-8B01-F3BD717B9B33} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [723064 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {635DD5AD-FBCF-4958-BCB0-72BF6CE1667E} - System32\Tasks\{6E2BBF02-212B-401C-8C0D-A9B785531006} = & gt; C:\Users\Admin\AppData\Roaming\Crystal launcher\launcher.exe
Task: {644B7C3C-8868-49D4-9805-D72049CD86C6} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. - & gt; Adobe Inc.)
Task: {6C0D3CD2-9246-4E3E-BCD2-F0172B2E9F37} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {72DA16B3-AF5D-4272-BA19-A20AC14671D1} - System32\Tasks\{23CF548E-BD7C-46BD-8E39-902CA034E420} = & gt; C:\Users\Admin\AppData\Roaming\Crystal launcher\launcher.exe
Task: {770C15D8-F8CD-4378-B7F5-8BCDC1CD24FA} - System32\Tasks\{6DE6FBAD-035A-4DEC-AD10-C346456E0C17} = & gt; C:\Users\Admin\AppData\Roaming\Crystal launcher\launcher.exe
Task: {77A4B4AD-6DE6-4D0D-AEDB-C48D25CFFE84} - System32\Tasks\Adobe Flash Player PPAPI Notifier = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [1348096 2018-02-11] (Adobe Systems Incorporated - & gt; Adobe Systems Incorporated)
Task: {78FEF873-5105-43AE-A0B7-4A6FE2690B7A} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-02] (Google Inc - & gt; Google Inc.)
Task: {7BEA61A1-6CA9-4EAD-BE06-49044AB52C68} - System32\Tasks\Opera scheduled Autoupdate 1593865517 = & gt; C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS - & gt; Opera Software)
Task: {7E3F2AFE-D67C-48FA-B0BD-2C677CDDE4E3} - System32\Tasks\{9D00FA34-01D5-4A63-93FC-ABF0285EF8A3} = & gt; C:\Windows\system32\pcalua.exe -a C:\Users\Admin\Downloads\15.58-nforce-winvista-win7-64bit-international-whql.exe -d C:\Users\Admin\Downloads
Task: {801004B4-D595-4769-A771-C24C9F1C0484} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery = & gt; Command(1): schtasks.exe - & gt; /Change /TN " \CCleaner Update " /ENABLE
Task: {801004B4-D595-4769-A771-C24C9F1C0484} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery = & gt; Command(2): schtasks.exe - & gt; /Change /TN " \CCleanerSkipUAC " /ENABLE
Task: {801004B4-D595-4769-A771-C24C9F1C0484} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery = & gt; Command(3): schtasks.exe - & gt; /Change /TN " \Opera scheduled Autoupdate 1593865517 " /ENABLE
Task: {801004B4-D595-4769-A771-C24C9F1C0484} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery = & gt; Command(4): schtasks.exe - & gt; /Change /TN " \{23CF548E-BD7C-46BD-8E39-902CA034E420} " /ENABLE
Task: {801004B4-D595-4769-A771-C24C9F1C0484} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery = & gt; Command(5): schtasks.exe - & gt; /Change /TN " \{D2333A79-0DBE-493E-A138-00A011ED8389} " /ENABLE
Task: {801004B4-D595-4769-A771-C24C9F1C0484} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery = & gt; Command(6): schtasks.exe - & gt; /Change /TN " \AVAST Software\Gaming mode Task Scheduler recovery " /DISABLE
Task: {85637179-D7F5-4215-AD25-501B47EF40B2} - System32\Tasks\{316BDC1B-1056-4888-891C-60B104B3FEAB} = & gt; C:\Windows\system32\pcalua.exe -a C:\Users\Admin\Desktop\forge-1.7.10-10.13.4.1614-1.7.10-installer-win.exe -d C:\Users\Admin\Desktop
Task: {8A085997-5FE1-4D73-8E74-70128EEBE38E} - System32\Tasks\Adobe Flash Player Updater = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-29] (Adobe Inc. - & gt; Adobe)
Task: {8E3F6B01-CFC1-4749-AF6C-1D25A05BDA32} - System32\Tasks\Avast Software\Overseer = & gt; C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. - & gt; Avast Software)
Task: {98FC6D85-2860-41EF-B545-80CF2CEF7CA1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 = & gt; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {9A09A0CD-8008-497D-A9B2-3278882D4AC9} - System32\Tasks\CCleaner Update = & gt; C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd - & gt; Piriform Software Ltd)
Task: {9AC3FB2A-4064-4789-AA5B-081158F8C303} - System32\Tasks\AVAST Software\Avast settings backup = & gt; C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A5DF3B3F-FEC3-42F8-88B6-12AD1F6936C8} - System32\Tasks\{B0C8B82B-805C-4B82-9FC5-6366B8067BF3} = & gt; C:\Windows\system32\pcalua.exe -a C:\Intel\3DVision_186.18.exe -d C:\Intel
Task: {AA542999-175B-41CB-B32E-EDAC2C9BC791} - System32\Tasks\MSIOSDx64_Host = & gt; C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [37536 2017-09-05] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
Task: {AD15C6E7-9ACC-41D9-ABF9-B1768DDD27CA} - System32\Tasks\Opera scheduled assistant Autoupdate 1593865520 = & gt; C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS - & gt; Opera Software)
Task: {B2FC7059-2B49-42B2-9E28-6450474C0BC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 = & gt; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products - & gt; Intel Corporation)
Task: {B75D118B-3F5C-4394-AEBF-9F272C3F7323} - System32\Tasks\Adobe Flash Player NPAPI Notifier = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-29] (Adobe Inc. - & gt; Adobe)
Task: {B933EC23-D57B-4010-BBAF-AB0E6B721C6E} - System32\Tasks\{8668EAB5-7421-4EC3-B5A8-D1CF9C3F9E5F} = & gt; C:\Users\Admin\AppData\Roaming\Crystal-Launcher\CrystalLauncher.exe
Task: {BA9DCCB6-EB0D-4D08-BC02-F57BAE114AFA} - System32\Tasks\{8E5B2395-3CC7-4C16-B46A-66A3DB6E54F6} = & gt; C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe
Task: {BD866022-98F6-42BB-8CD8-DB8BD828B02D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651384 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {C42480D9-2DAE-4120-800E-1DE7DEE34635} - System32\Tasks\MSISW_Host = & gt; C:\Windows\SysWOW64\muachost.exe
Task: {CB98A17D-575B-4097-8A95-D4E83A207C54} - System32\Tasks\Avast Emergency Update = & gt; C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
Task: {CCDF1E58-D978-45FF-927E-993383669E2B} - System32\Tasks\{F8C4FAAA-DE2D-4883-95EF-A8CFEAAFD4EA} = & gt; C:\Users\Admin\AppData\Roaming\Crystal-Launcher\launcher.exe
Task: {D1D6F65C-3F5E-478C-B29B-34E30C6BF477} - System32\Tasks\{4AC10F7D-70A4-4E72-BA06-172E429025C3} = & gt; C:\Users\Admin\AppData\Roaming\Crystal-Launcher\launcher.exe
Task: {D991E926-9029-47EA-91A0-3778313EDD03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540728 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {EA71850D-91F3-48A4-B15D-8E37644CB406} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [723064 2017-08-22] (NVIDIA Corporation - & gt; NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

ProxyEnable: [S-1-5-21-957842440-1105202215-4259880615-1000] = & gt; Proxy [funkcja włączona]
ProxyServer: [S-1-5-21-957842440-1105202215-4259880615-1000] = & gt; http=127.0.0.1:8888;https=127.0.0.1:8888
Hosts: 127.0.0.1 WMUC446243.europe.bmw.corp # LMS GENERATED LINE
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6FD50E37-2898-483A-B50C-B50774708F9C}: [DhcpNameServer] 192.168.0.1
ManualProxies: 1http=127.0.0.1:8888;https=127.0.0.1:8888

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.myplaycity.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-957842440-1105202215-4259880615-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nav-pl.com/
SearchScopes: HKU\S-1-5-21-957842440-1105202215-4259880615-1000 - & gt; DefaultScope {7EA946A9-FA86-471F-8B9A-0FB29AA89B62} URL = hxxp://www.nav-pl.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-957842440-1105202215-4259880615-1000 - & gt; {7EA946A9-FA86-471F-8B9A-0FB29AA89B62} URL = hxxp://www.nav-pl.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll = & gt; Brak pliku
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll = & gt; Brak pliku
BHO: Adblock Plus for IE Browser Helper Object - & gt; {FFCB3198-32F3-4E8B-9539-4324694ED664} - & gt; C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH - & gt; Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper - & gt; {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - & gt; C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation - & gt; Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-18] (Oracle America, Inc. - & gt; Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-18] (Oracle America, Inc. - & gt; Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - & gt; {FFCB3198-32F3-4E8B-9539-4324694ED664} - & gt; C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH - & gt; Eyeo GmbH)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Brak pliku

Edge:
======
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-08]

FireFox:
========
FF DefaultProfile: ochma40m.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ochma40m.default [2021-01-08]
FF NetworkProxy: Mozilla\Firefox\Profiles\ochma40m.default - & gt; type " , 0
FF Extension: (Bloker reklam AdGuard) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ochma40m.default\Extensions\adguardadblocker@adguard.com.xpi [2020-12-25]
FF Extension: (Simple Translate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ochma40m.default\Extensions\simple-translate@sienori.xpi [2020-07-23]
FF Extension: (Babel) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ochma40m.default\Extensions\{0a6ac63d-a17f-45b4-b037-052d6a7d9aa1}.xpi [2021-01-08]
FF Extension: (Pinky) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ochma40m.default\Extensions\{9db2522d-0416-4f0d-969c-9cf9f03a20ee}.xpi [2020-03-01]
FF Extension: (Brak nazwy) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ochma40m.default\extensions\arthurj8283@gmail.com [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [nie znaleziono]
FF Extension: (Brak nazwy) - C:\Program Files\McAfee\WebAdvisore10ssaffplg.xpi [nie znaleziono]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Firefox\Firefox\Profiles\ochma40m.default [2017-08-28] & lt; ==== UWAGA
FF user.js: detected! = & gt; C:\Users\Admin\AppData\Roaming\Firefox\Firefox\Profiles\ochma40m.default\user.js [2016-11-13]
FF Homepage: Firefox\Firefox\Profiles\ochma40m.default - & gt; hxxp://www.nicesearches.com?type=hp & ts=1477988407 & from=d1580002 & uid=hitachixhds721050cla660_jp1572fl1zmb7k1zmb7kx & z=4b072e4277655b873a1f996g9z0m7mct0b1b0z3e3q
FF NewTab: Firefox\Firefox\Profiles\ochma40m.default - & gt; hxxp://www.nicesearches.com?type=hp & ts=1477988407 & from=d1580002 & uid=hitachixhds721050cla660_jp1572fl1zmb7k1zmb7kx & z=4b072e4277655b873a1f996g9z0m7mct0b1b0z3e3q
FF Extension: (xRocket Toolbar) - C:\Users\Admin\AppData\Roaming\Firefox\Firefox\Profiles\ochma40m.default\Extensions\arthurj8283@gmail.com [2017-01-18] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (English (US) Language Pack) - C:\Users\Admin\AppData\Roaming\Firefox\Firefox\Profiles\ochma40m.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-06-06] [Przestarzałe]
FF Extension: (Polski Language Pack) - C:\Users\Admin\AppData\Roaming\Firefox\Firefox\Profiles\ochma40m.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-05-31] [Przestarzałe] [Brak podpisu cyfrowego]
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-29] (Adobe Inc. - & gt; )
FF Plugin: @java.com/DTPlugin,version=11.191.2 - & gt; C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [Brak pliku]
FF Plugin: @java.com/JavaPlugin,version=11.191.2 - & gt; C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [Brak pliku]
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-29] (Adobe Inc. - & gt; )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-20] (Intel® Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - & gt; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-20] (Intel® Identity Protection Technology Software - & gt; Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-18] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-18] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [Brak pliku]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - & gt; c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation - & gt; Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 - & gt; NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @nvidia.com/3DVisionStreaming - & gt; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 - & gt; NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc - & gt; Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc - & gt; Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 - & gt; C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 - & gt; C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 - & gt; C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 - & gt; C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 - & gt; C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Brak pliku]
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. - & gt; Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-957842440-1105202215-4259880615-1000: @unity3d.com/UnityPlayer,version=1.0 - & gt; C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF - & gt; Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-957842440-1105202215-4259880615-1000: thehappycloud.com/HappyCloudPlugin - & gt; C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud) [Brak podpisu cyfrowego]
FF Plugin HKU\S-1-5-21-957842440-1105202215-4259880615-1000: ubisoft.com/uplaypc - & gt; C:\Games\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [Brak pliku]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox\Firefox.exe

Chrome:
=======
CHR HKU\S-1-5-21-957842440-1105202215-4259880615-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Extension: (Rich Hints Agent) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-24]
OPR Extension: (Pinky) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibgecmlomhdooncfjlaelfbbeijbccbd [2020-07-07]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. - & gt; Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-29] (Adobe Inc. - & gt; Adobe)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-17] (Andrea Electronics - & gt; Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd - & gt; Disc Soft Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-01-15] (FUTUREMARK INC - & gt; Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1680968 2020-08-19] (GOG Sp. z o.o. - & gt; GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-07-02] (GOG Sp. z o.o. - & gt; GOG.com)
S3 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-08-23] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. - & gt; ) [Brak podpisu cyfrowego]
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [2020024 2019-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [83616 2017-09-11] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2333328 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. - & gt; Micro-Star INT'L CO., LTD.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-05-04] (Nero AG - & gt; Nero AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. - & gt; Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. - & gt; Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2018-11-10] (Even Balance, Inc. - & gt; )
S2 pr2ah4nb; C:\Windows\system32\pr2ah4nb.exe [754024 2007-07-09] (Protection Technology, Ltd. - & gt; CODEMASTERS)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Windows - & gt; Microsoft Corporation) [DependOnService: ] & lt; ==== UWAGA
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation - & gt; Oracle Corporation)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows - & gt; Microsoft Corporation)
S2 McAfee WebAdvisor; " C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe " [X]
R2 NvTelemetryContainer; " C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe " -s NvTelemetryContainer -f " C:\ProgramData\NVIDIA\NvTelemetryContainer.log " -l 3 -d " C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin "

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-20] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469472 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. - & gt; AVAST Software)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-13] (Microsoft Windows - & gt; ATI Technologies Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-07-13] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-07-13] (Disc Soft Ltd - & gt; Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher - & gt; Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher - & gt; Huawei Technologies Co., Ltd.)
R3 I2cHkBurn; C:\Windows\System32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology - & gt; FINTEK Corp.)
R0 pe3ah4nb; C:\Windows\System32\drivers\pe3ah4nb.sys [72296 2007-07-09] (Protection Technology, Ltd. - & gt; CODEMASTERS)
R0 ps6ah4nb; C:\Windows\System32\drivers\ps6ah4nb.sys [76912 2007-07-09] (Protection Technology, Ltd. - & gt; CODEMASTERS)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation - & gt; Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation - & gt; Oracle Corporation)
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
S3 NTIOLib_DVDSetup; \??\D:\NTIOLib_X64.sys [X]
U2 snare; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) ===================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-01-08 11:20 - 2021-01-08 11:23 - 000035570 _____ C:\Users\Admin\Desktop\FRST.txt
2021-01-08 11:19 - 2021-01-08 11:22 - 000000000 ____D C:\FRST
2021-01-08 11:19 - 2021-01-08 11:18 - 002297344 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2021-01-07 09:03 - 2021-01-07 17:03 - 000214808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-01-07 09:03 - 2021-01-07 09:01 - 000340576 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-01-06 16:26 - 2021-01-08 10:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-12-31 11:38 - 2020-12-31 11:40 - 000000000 ____D C:\fiddinky
2020-12-31 11:24 - 2020-12-31 11:44 - 000000000 ____D C:\Users\Admin\Documents\Fiddler2
2020-12-31 11:24 - 2020-12-31 11:24 - 000002184 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler ScriptEditor.lnk
2020-12-31 11:24 - 2020-12-31 11:24 - 000002048 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk
2020-12-31 11:24 - 2020-12-31 11:24 - 000000000 ____D C:\Users\Admin\AppData\Local\Progress_Software_Corpora
2020-12-31 11:22 - 2020-12-31 11:22 - 006651160 _____ (Progress Software Corporation) C:\Users\Admin\Downloads\FiddlerSetup.exe
2020-12-18 19:01 - 2020-12-18 19:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\TSO
2020-12-18 18:18 - 2020-12-18 18:18 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Settlers Online
2020-12-18 18:18 - 2020-12-18 18:18 - 000000000 ____D C:\Users\Admin\AppData\Local\Ubisoft
2020-12-18 18:17 - 2020-12-18 18:18 - 047559632 _____ C:\Users\Admin\Desktop\The Settlers Online Installer.exe
2020-12-18 12:51 - 2020-12-23 18:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\.tlauncher
2020-12-18 12:51 - 2020-12-23 18:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\.minecraft
2020-12-18 11:33 - 2021-01-08 09:48 - 000002998 _____ C:\Windows\system32\Tasks\{D2333A79-0DBE-493E-A138-00A011ED8389}
2020-12-18 11:33 - 2021-01-08 09:48 - 000002998 _____ C:\Windows\system32\Tasks\{23CF548E-BD7C-46BD-8E39-902CA034E420}
2020-12-15 12:42 - 2020-12-15 13:04 - 000000000 ____D C:\Users\Admin\AppData\Local\ALLBenchmark
2020-12-15 12:41 - 2020-12-16 09:39 - 000000911 _____ C:\Users\Public\Desktop\Catzilla.lnk
2020-12-15 12:41 - 2020-12-16 09:39 - 000000911 _____ C:\ProgramData\Desktop\Catzilla.lnk
2020-12-15 12:41 - 2020-12-15 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLBenchmark
2020-12-15 12:41 - 2020-12-15 12:41 - 000000000 ____D C:\Program Files\ALLBenchmark
2020-12-15 10:31 - 2020-12-15 10:52 - 527992784 _____ (ALLPlayer Group Ltd. ) C:\Users\Admin\Desktop\Catzilla.exe
2020-12-15 08:30 - 2020-12-15 08:30 - 000002256 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-12-12 16:33 - 2020-12-21 10:23 - 000000000 ____D C:\Users\Admin\Desktop\Monika szkoła

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-01-08 11:11 - 2009-07-14 05:45 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-08 11:11 - 2009-07-14 05:45 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-08 11:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-08 10:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2021-01-08 10:53 - 2019-04-16 12:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-08 10:52 - 2016-12-03 08:35 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-08 10:52 - 2016-12-02 13:19 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2021-01-08 10:51 - 2017-01-09 10:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-08 10:50 - 2020-02-25 16:51 - 000000000 ____D C:\Program Files\CCleaner
2021-01-08 10:24 - 2019-09-06 13:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-08 10:23 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-08 10:18 - 2018-06-26 09:08 - 000000000 ____D C:\Users\Admin\AppData\Local\AVAST Software
2021-01-08 09:56 - 2016-04-02 15:43 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2021-01-08 09:48 - 2020-07-04 13:25 - 000004136 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1593865517
2021-01-08 09:48 - 2020-02-25 16:51 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-08 09:48 - 2020-02-25 16:51 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-01-08 08:59 - 2016-12-03 08:40 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-01-08 08:29 - 2017-03-13 16:43 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-01-08 08:23 - 2016-11-02 09:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-07 13:03 - 2016-12-03 08:40 - 000324904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-01-07 09:02 - 2020-10-27 08:58 - 000176384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-01-07 09:02 - 2020-04-20 18:05 - 000522480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-01-07 09:02 - 2019-01-12 11:37 - 000247888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-01-07 09:02 - 2019-01-12 11:37 - 000097360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-01-07 09:02 - 2018-10-22 18:10 - 000042424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-01-07 09:02 - 2016-12-03 08:40 - 000469472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-01-07 09:02 - 2016-12-03 08:40 - 000108928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-01-07 09:02 - 2016-12-03 08:40 - 000084496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-01-07 09:01 - 2019-01-14 15:37 - 000332880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-01-07 09:01 - 2019-01-12 11:37 - 000036792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-01-07 09:01 - 2017-11-11 11:14 - 000208672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-01-07 09:01 - 2016-12-03 08:40 - 000851256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-01-02 18:28 - 2017-11-26 19:44 - 000000000 ____D C:\Games
2020-12-31 11:30 - 2020-11-17 14:39 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adblock Plus for IE
2020-12-29 10:01 - 2020-08-27 18:04 - 000000000 ____D C:\Temp
2020-12-29 10:00 - 2020-08-29 10:18 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2020-12-29 10:00 - 2016-07-13 08:36 - 000000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2020-12-24 09:16 - 2017-01-18 18:15 - 000002225 _____ C:\Users\Admin\Desktop\Mozilla Firefox.lnk
2020-12-22 12:30 - 2020-10-29 08:08 - 000000000 ____D C:\Users\Admin\.VirtualBox
2020-12-22 11:41 - 2020-10-29 08:08 - 000000000 ____D C:\ProgramData\VirtualBox
2020-12-19 10:18 - 2020-07-01 06:26 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 10:18 - 2020-07-01 06:26 - 000002199 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-19 10:18 - 2020-07-01 06:26 - 000002199 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-19 10:18 - 2017-04-27 14:14 - 000000000 ____D C:\Users\Admin\Desktop\moje bleble
2020-12-18 12:17 - 2020-08-28 18:00 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2020-12-18 11:50 - 2019-07-07 12:44 - 000000000 ____D C:\Users\Admin\AppData\Local\CrystalLauncherInstaller
2020-12-18 11:50 - 2018-12-03 16:46 - 000000047 _____ C:\Users\Admin\AppData\Roaming\.crystalinst
2020-12-18 11:27 - 2019-02-03 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-18 11:27 - 2019-02-03 14:07 - 000000000 ____D C:\Program Files (x86)\Java
2020-12-18 11:26 - 2019-02-03 14:09 - 000165032 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2020-12-16 08:24 - 2017-01-08 11:02 - 000000000 ____D C:\Program Files (x86)\Origin
2020-12-16 08:15 - 2009-07-14 06:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-12-14 18:27 - 2020-11-10 08:08 - 000004330 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1593865520
2020-12-14 18:27 - 2020-10-14 08:42 - 000002986 _____ C:\Windows\system32\Tasks\{8E5B2395-3CC7-4C16-B46A-66A3DB6E54F6}
2020-12-14 18:27 - 2020-08-27 16:53 - 000003136 _____ C:\Windows\system32\Tasks\MSIGH_Host
2020-12-14 18:27 - 2020-08-27 16:53 - 000003070 _____ C:\Windows\system32\Tasks\MSIOSDx86_Host
2020-12-14 18:27 - 2020-08-27 16:53 - 000003070 _____ C:\Windows\system32\Tasks\MSIOSDx64_Host
2020-12-14 18:27 - 2020-08-27 16:53 - 000003004 _____ C:\Windows\system32\Tasks\MSISW_Host
2020-12-14 18:27 - 2020-08-27 16:48 - 000004148 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-08-27 16:48 - 000003854 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-08-27 16:48 - 000003816 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-08-27 16:48 - 000003740 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-08-27 16:48 - 000003740 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-08-27 16:48 - 000003732 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-08-27 16:48 - 000003556 _____ C:\Windows\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-08-27 16:48 - 000003496 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-12-14 18:27 - 2020-07-01 06:25 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-14 18:27 - 2020-07-01 06:25 - 000003284 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-14 18:27 - 2020-01-22 19:26 - 000002942 _____ C:\Windows\system32\Tasks\{DB59FE26-406B-4183-92DF-9A7A389D8236}
2020-12-14 18:27 - 2019-09-18 13:48 - 000003224 _____ C:\Windows\system32\Tasks\{9D00FA34-01D5-4A63-93FC-ABF0285EF8A3}
2020-12-14 18:27 - 2019-09-06 13:49 - 000003088 _____ C:\Windows\system32\Tasks\{B0C8B82B-805C-4B82-9FC5-6366B8067BF3}
2020-12-14 18:27 - 2019-09-06 12:29 - 000003720 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2020-12-14 18:27 - 2019-09-06 12:22 - 000003618 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2020-12-14 18:27 - 2019-09-06 12:22 - 000003372 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2020-12-14 18:27 - 2019-02-22 15:54 - 000003000 _____ C:\Windows\system32\Tasks\{6DE6FBAD-035A-4DEC-AD10-C346456E0C17}
2020-12-14 18:27 - 2019-02-22 15:54 - 000003000 _____ C:\Windows\system32\Tasks\{101CD829-3062-430D-891E-F35CFDEE6C1C}
2020-12-14 18:27 - 2019-02-22 15:53 - 000003000 _____ C:\Windows\system32\Tasks\{6E2BBF02-212B-401C-8C0D-A9B785531006}
2020-12-14 18:27 - 2019-01-19 09:42 - 000003224 _____ C:\Windows\system32\Tasks\{9CE24A2F-5921-4091-9153-B2C34BCCB539}
2020-12-14 18:27 - 2019-01-18 21:46 - 000003000 _____ C:\Windows\system32\Tasks\{F8C4FAAA-DE2D-4883-95EF-A8CFEAAFD4EA}
2020-12-14 18:27 - 2018-12-15 15:37 - 000003000 _____ C:\Windows\system32\Tasks\{4AC10F7D-70A4-4E72-BA06-172E429025C3}
2020-12-14 18:27 - 2018-12-15 15:36 - 000003000 _____ C:\Windows\system32\Tasks\{8A23C444-327F-4B90-B6AB-F8F175ACF8B7}
2020-12-14 18:27 - 2018-06-25 14:40 - 000004576 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-12-14 18:27 - 2017-01-10 09:12 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-12-14 08:08 - 2016-02-24 08:55 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-12-10 08:44 - 2017-01-10 09:12 - 000002066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 20:07 - 2020-11-30 20:11 - 000000000 ____D C:\Users\Admin\Desktop\2TI

==================== Pliki w katalogu głównym wybranych folderów ========

2015-10-02 16:39 - 2015-10-02 16:39 - 001693408 ____R (Clickteam) C:\Users\Admin\ic.exe
2015-02-02 18:46 - 2007-08-27 13:46 - 000006120 ____R () C:\Users\Admin\settings.dat
2017-02-24 14:33 - 2017-05-09 21:19 - 000169654 _____ () C:\Program Files (x86)\metadata
2017-02-24 14:33 - 2017-05-09 17:48 - 000000040 _____ () C:\Program Files (x86)\settings.dat
2018-12-03 16:46 - 2020-12-18 11:50 - 000000047 _____ () C:\Users\Admin\AppData\Roaming\.crystalinst
2016-07-13 07:57 - 2016-07-13 07:57 - 007102976 _____ () C:\Users\Admin\AppData\Roaming\agent.dat
2016-07-13 07:57 - 2016-07-13 07:57 - 000067968 _____ () C:\Users\Admin\AppData\Roaming\Config.xml
2016-07-13 07:57 - 2016-07-13 07:57 - 000128512 _____ () C:\Users\Admin\AppData\Roaming\Installer.dat
2016-07-13 08:55 - 2016-07-23 10:55 - 000000108 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG
2020-10-23 07:29 - 2020-10-23 07:29 - 000000844 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2016-02-22 10:52 - 2015-12-30 10:45 - 000000017 ____R () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)


LastRegBack: 2021-01-02 20:03
==================== Koniec FRST.txt ========================