FRST.txt

Prośba o sprawdzenie logów FRST - podejrzenie oprogramowania malware

Witam, Tak jak w tytule proszę o sprawdzenie logów z FRST gdyż mam podejrzenie iż komputer może być zarażony złośliwym oprogramowaniem Malware. Pliki FRST oraz Addition załączam poniżej. Z góry dzięki za pomoc.

Download file - link to post

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-02-2021
Uruchomiony przez mikol (administrator) MIKOLAJ-KOMP (LENOVO INVALID) (03-03-2021 17:01:33)
Uruchomiony z C:\Users\mikol\Downloads
Załadowane profile: mikol
Platform: Windows 10 Pro Wersja 2004 19041.804 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Adobe Inc. - & gt; Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. - & gt; Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. - & gt; AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. - & gt; AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. - & gt; AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. - & gt; AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe & lt; 4 & gt;
(Avast Software s.r.o. - & gt; AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA - & gt; Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Broadcom Corporation - & gt; Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation - & gt; Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Broadcom Corporation - & gt; Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Citrix Systems, Inc. - & gt; Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. - & gt; Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. - & gt; Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. - & gt; Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. - & gt; Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. - & gt; Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Electronic Arts, Inc. - & gt; Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc - & gt; Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC - & gt; Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe & lt; 20 & gt;
(Intel Corporation - & gt; Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) pGFX - & gt; ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe & lt; 2 & gt;
(NVIDIA Corporation - & gt; NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe & lt; 2 & gt;
(Oracle America, Inc. - & gt; Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. - & gt; Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp - & gt; Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor Corp. - & gt; Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe & lt; 3 & gt;
(Realtek Semiconductor Corp. - & gt; Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. - & gt; Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [RtsFT] = & gt; C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek Semiconductor Corp - & gt; Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
HKLM\...\Run: [iTunesHelper] = & gt; C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc. - & gt; Apple Inc.)
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18387904 2017-12-27] (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2017-12-27] (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2017-12-27] (Realtek Semiconductor Corp. - & gt; Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] = & gt; C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [535808 2015-07-08] (Broadcom Corporation - & gt; Broadcom Corporation.)
HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated - & gt; Synaptics Incorporated)
HKLM-x32\...\Run: [ConnectionCenter] = & gt; C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. - & gt; Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] = & gt; C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. - & gt; Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. - & gt; Oracle Corporation)
HKU\S-1-5-21-2655230859-3751599246-2725882965-1001\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd - & gt; Piriform Ltd)
HKU\S-1-5-21-2655230859-3751599246-2725882965-1001\...\Run: [DAEMON Tools Lite Automount] = & gt; C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-08-27] (AVB Disc Soft, SIA - & gt; Disc Soft Ltd)
HKU\S-1-5-21-2655230859-3751599246-2725882965-1001\...\Run: [Steam] = & gt; C:\Program Files (x86)\Steam\steam.exe [3372832 2020-04-28] (Valve - & gt; Valve Corporation)
HKU\S-1-5-21-2655230859-3751599246-2725882965-1001\...\MountPoints2: {161a984f-e401-11e7-b8c2-2c337af1c60e} - " D:\setup.exe "
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] = & gt; C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd - & gt; Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-25] (Google LLC - & gt; Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] - & gt; C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2015-07-08] (Broadcom Corporation - & gt; Broadcom Corporation.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Google: Ograniczenia & lt; ==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {073C0E67-C433-42BB-AC27-B1EF10F21D41} - System32\Tasks\Avast Emergency Update = & gt; C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
Task: {0EEB0E64-11A1-48E3-B527-011FD75B529F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {11DBE3FF-607A-49B6-A138-52F181010F9B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation - & gt; NVIDIA Corporation) - & gt; -d " C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck " -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1D23A80A-3B0A-4DEA-A59F-E623823D9102} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd - & gt; Piriform Software Ltd)
Task: {3088E1B6-E221-4D97-A37B-333F40FE61B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation - & gt; NVIDIA Corporation) - & gt; -d " C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck " -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {33669EBA-8C50-40B4-A667-6132A885F552} - System32\Tasks\Avast Software\Overseer = & gt; C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-24] (Avast Software s.r.o. - & gt; Avast Software)
Task: {36076DAB-7503-4793-9246-E30BC5BC5386} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {38982457-4BB2-44BE-B3A6-4C791D1829E7} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. - & gt; Adobe Inc.)
Task: {540B9DB3-3836-4571-8B44-F925E3609E2B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {56AE3CCC-C797-4C3F-800F-2E3A3A047748} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {59986093-BB4D-4C07-985E-EA480C3D851F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {8A68BD3A-C841-4AC1-95DB-0C98CC1CCEDF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {90404C0A-B5DC-43E1-B7C7-63F59347EEB0} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-29] (Google Inc - & gt; Google Inc.)
Task: {90CA9D0D-9E76-4372-86BE-91BCA0E65851} - System32\Tasks\Intel\Intel Telemetry 2 (x86) = & gt; C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software - & gt; Intel Corporation)
Task: {A5DE83EE-2CF9-4BAB-9DF6-8908536CB579} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-29] (Google Inc - & gt; Google Inc.)
Task: {A989892F-D03A-4615-A17F-694A75382AEF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA Corporation)
Task: {C4E78D37-6C47-4ABC-834C-F3D5B4171059} - System32\Tasks\DolbySelectorTask = & gt; C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {D5C9B276-67C8-4D09-A59E-F45119389110} - System32\Tasks\CCleaner Update = & gt; C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd - & gt; Piriform Software Ltd)
Task: {EABE0ECB-4D8C-41AA-9CF0-8D29437F422B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a56391c-bb6a-4829-8832-5ba74d6f5704}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5cc80394-b3d3-4d01-adf9-570f17dd89fb}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9aeba04e-baab-48e1-82f7-06c7fd2bb71f}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Profile: C:\Users\mikol\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-04]

FireFox:
========
FF DefaultProfile: 68fcjim1.default
FF ProfilePath: C:\Users\mikol\AppData\Roaming\Mozilla\Firefox\Profiles\68fcjim1.default [2019-06-10]
FF ProfilePath: C:\Users\mikol\AppData\Roaming\Mozilla\Firefox\Profiles\9nxactlx.default-release [2021-03-02]
FF Extension: (Avast Online Security) - C:\Users\mikol\AppData\Roaming\Mozilla\Firefox\Profiles\9nxactlx.default-release\Extensions\wrc@avast.com.xpi [2018-08-30]
FF Plugin: @videolan.org/vlc,version=3.0.3 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN - & gt; VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN - & gt; VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 - & gt; C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN - & gt; VideoLAN)
FF Plugin-x32: @Citrix.com/npican - & gt; C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. - & gt; Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-10] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 - & gt; C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-10] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin-x32: Adobe Reader - & gt; C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. - & gt; Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default [2021-03-03]
CHR Notifications: Default - & gt; hxxps://web.skype.com
CHR DefaultSearchKeyword: Default - & gt; google.pl_
CHR Extension: (Prezentacje) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-29]
CHR Extension: (Just Black) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-02-16]
CHR Extension: (Dokumenty) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-29]
CHR Extension: (Dysk Google) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Bloker reklam AdGuard) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-12-23]
CHR Extension: (YouTube) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-29]
CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28]
CHR Extension: (Arkusze) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\mikol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. - & gt; Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. - & gt; Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7878680 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8553552 2020-03-26] (BattlEye Innovations e.K. - & gt; )
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [980224 2015-07-08] (Broadcom Corporation - & gt; Broadcom Corporation.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation - & gt; NVIDIA)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-08] (Malwarebytes Inc - & gt; Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2533952 2021-02-10] (Electronic Arts, Inc. - & gt; Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3479624 2021-02-10] (Electronic Arts, Inc. - & gt; Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-15] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher - & gt; Microsoft Corporation)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 - & gt; Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 - & gt; Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-31] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-25] (Avast Software s.r.o. - & gt; AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 Ctxusbr; C:\WINDOWS\System32\drivers\ctxusbr.sys [67552 2018-05-17] (Citrix Systems, Inc. - & gt; Citrix Systems, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-11] (Disc Soft Ltd - & gt; Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-11] (Disc Soft Ltd - & gt; Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-08] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-10-22] (Malwarebytes Inc - & gt; Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher - & gt; Apple Inc.)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James - & gt; Scarlet.Crush Productions)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [51400 2016-01-28] (SteelSeries ApS - & gt; SteelSeries ApS)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher - & gt; Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows - & gt; Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows - & gt; Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-03-03 17:01 - 2021-03-03 17:02 - 000023922 _____ C:\Users\mikol\Downloads\FRST.txt
2021-03-03 17:01 - 2021-03-03 17:01 - 002301440 _____ (Farbar) C:\Users\mikol\Downloads\FRST64.exe
2021-03-03 17:01 - 2021-03-03 17:01 - 000000000 ____D C:\Users\mikol\Downloads\FRST-OlderVersion
2021-03-03 16:38 - 2021-03-03 16:38 - 000000000 _____ C:\Users\mikol\Downloads\Niepotwierdzony 361595.crdownload
2021-03-02 21:49 - 2021-03-02 21:50 - 000000000 ____D C:\AdwCleaner
2021-03-02 21:49 - 2021-03-02 21:49 - 008463216 _____ (Malwarebytes) C:\Users\mikol\Downloads\adwcleaner_8.1.exe
2021-02-28 17:53 - 2021-02-28 17:58 - 000000000 ____D C:\Users\mikol\Downloads\Little.Nightmares.II-CODEX
2021-02-25 09:35 - 2021-02-25 09:35 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-25 09:35 - 2021-02-25 09:35 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-11 21:01 - 2021-02-11 21:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 21:01 - 2021-02-11 21:01 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 21:01 - 2021-02-11 21:01 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 21:01 - 2021-02-11 21:01 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-11 21:00 - 2021-02-11 21:00 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-02 19:03 - 2021-02-02 19:03 - 000000141 _____ C:\Users\mikol\Desktop\oplaty.txt

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-03-03 17:01 - 2018-12-13 20:57 - 000000000 ____D C:\FRST
2021-03-03 17:00 - 2020-11-28 12:56 - 000003244 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b3a381835049
2021-03-03 17:00 - 2020-11-05 19:44 - 000003496 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-03 17:00 - 2020-11-05 19:44 - 000003438 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-03 17:00 - 2020-11-05 19:44 - 000003272 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-03 17:00 - 2020-11-05 19:44 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-03 17:00 - 2019-06-06 20:40 - 000000000 ____D C:\Users\mikol\AppData\Local\Citrix
2021-03-03 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-03 15:20 - 2020-11-05 19:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-03 14:32 - 2020-11-05 19:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-03-03 13:54 - 2018-08-29 21:20 - 000000000 ____D C:\ProgramData\Riot Games
2021-03-03 13:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-03 13:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-03 13:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-03 08:17 - 2018-08-29 21:08 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-03 08:17 - 2018-08-29 21:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-03-03 08:17 - 2017-12-18 14:59 - 000000000 __SHD C:\Users\mikol\IntelGraphicsProfiles
2021-03-02 21:34 - 2020-11-02 11:53 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-02 21:34 - 2018-09-03 17:34 - 000000000 ____D C:\Users\mikol\AppData\Local\CrashDumps
2021-03-02 21:34 - 2018-09-03 13:15 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-02 21:34 - 2018-08-30 17:06 - 000000000 ____D C:\Users\mikol\AppData\Roaming\uTorrent
2021-03-02 21:32 - 2020-03-30 17:40 - 000000000 ____D C:\Users\mikol\AppData\Local\Battle.net
2021-03-02 21:31 - 2020-03-30 17:44 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2021-03-02 19:56 - 2020-03-30 17:36 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-03-02 18:18 - 2018-09-07 19:49 - 000000000 ____D C:\Users\mikol\AppData\Local\Spotify
2021-03-02 16:42 - 2018-09-07 19:49 - 000000000 ____D C:\Users\mikol\AppData\Roaming\Spotify
2021-02-28 17:54 - 2020-12-08 21:12 - 000000000 ____D C:\Users\mikol\AppData\LocalLow\uTorrent
2021-02-28 17:51 - 2019-04-01 20:50 - 000000000 ____D C:\Users\mikol\AppData\Local\BitTorrentHelper
2021-02-28 11:18 - 2020-06-11 12:33 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-27 11:17 - 2020-11-05 19:44 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-26 21:27 - 2018-08-30 17:08 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-26 21:22 - 2020-11-05 19:46 - 001767980 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-26 21:22 - 2019-12-07 16:09 - 000785530 _____ C:\WINDOWS\system32\perfh015.dat
2021-02-26 21:22 - 2019-12-07 16:09 - 000152390 _____ C:\WINDOWS\system32\perfc015.dat
2021-02-26 21:17 - 2020-11-05 19:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-26 21:17 - 2020-11-05 19:36 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-26 17:31 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-25 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-25 09:41 - 2017-12-18 15:08 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-25 09:35 - 2020-10-22 20:07 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-25 09:35 - 2020-04-20 20:26 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-25 09:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-25 09:35 - 2019-01-14 18:07 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-25 09:35 - 2019-01-08 22:10 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-25 09:35 - 2019-01-08 22:10 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-25 09:35 - 2019-01-08 22:10 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-25 09:35 - 2018-10-28 11:49 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-25 09:35 - 2018-08-30 17:10 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-25 09:35 - 2018-08-30 17:10 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-25 09:35 - 2018-08-30 17:10 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-25 09:35 - 2018-08-30 17:10 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-25 09:35 - 2018-08-30 17:10 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-25 09:35 - 2018-08-30 17:10 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-24 10:42 - 2018-09-05 19:23 - 000000000 ____D C:\Program Files (x86)\Origin
2021-02-23 08:14 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-15 08:17 - 2020-09-30 08:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-12 08:19 - 2020-11-05 19:36 - 000258584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 22:11 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 22:11 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 20:48 - 2018-08-30 17:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 20:45 - 2018-08-30 17:11 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-05 20:03 - 2020-09-30 08:19 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Pliki w katalogu głównym wybranych folderów ========

2018-08-29 22:47 - 2018-08-29 22:47 - 000000017 _____ () C:\Users\mikol\AppData\Local\resmon.resmoncfg

==================== SigCheckExt =========================

2006-12-01 22:37 - 2006-12-01 22:37 - 000904704 _____ (Microsoft Corporation) C:\msdia80.dll
2021-03-03 17:01 - 2021-03-03 17:01 - 002301440 _____ (Farbar) C:\Users\mikol\Downloads\FRST64.exe

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale pl-PL
inherit {globalsettings}
default {current}
resumeobject {cca3efb2-1f95-11eb-9a58-f5481ba171b2}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Windows Boot Loader
-------------------
identifier {b509d25d-580e-11e5-a9b5-d8b6769e48b7}
device ramdisk=[C:]\Recovery\b509d25d-580e-11e5-a9b5-d8b6769e48b7\Winre.wim,{b509d25e-580e-11e5-a9b5-d8b6769e48b7}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\b509d25d-580e-11e5-a9b5-d8b6769e48b7\Winre.wim,{b509d25e-580e-11e5-a9b5-d8b6769e48b7}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale pl-PL
inherit {bootloadersettings}
recoverysequence {eb90defe-1f95-11eb-aad2-b8bd9a1e3774}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {cca3efb2-1f95-11eb-9a58-f5481ba171b2}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {eb90defe-1f95-11eb-aad2-b8bd9a1e3774}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{eb90deff-1f95-11eb-aad2-b8bd9a1e3774}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale pl-PL
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{eb90deff-1f95-11eb-aad2-b8bd9a1e3774}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {cca3efb2-1f95-11eb-9a58-f5481ba171b2}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale pl-PL
inherit {resumeloadersettings}
recoverysequence {eb90defe-1f95-11eb-aad2-b8bd9a1e3774}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostyka pami©ci systemu Windows
locale pl-PL
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {b509d25e-580e-11e5-a9b5-d8b6769e48b7}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\b509d25d-580e-11e5-a9b5-d8b6769e48b7\boot.sdi

Device options
--------------
identifier {eb90deff-1f95-11eb-aad2-b8bd9a1e3774}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Koniec FRST.txt ========================