Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09.12.2018 Uruchomiony przez Rafal (administrator) RAFAL-KOMPUTER (11-12-2018 20:22:00) Uruchomiony z C:\Users\Rafal\Desktop Załadowane profile: Rafal (Dostępne profile: Rafal) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-22] (AVAST Software) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-1867143850-1759161432-540520143-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd) HKU\S-1-5-21-1867143850-1759161432-540520143-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia) HKU\S-1-5-21-1867143850-1759161432-540520143-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [1456128 2018-11-23] (Adobe Systems Incorporated) HKU\S-1-5-21-1867143850-1759161432-540520143-1000\...\MountPoints2: {2f13466b-5526-11e7-b432-d85de2a17860} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-1867143850-1759161432-540520143-1000\...\MountPoints2: {2f13467f-5526-11e7-b432-d85de2a17860} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-1867143850-1759161432-540520143-1000\...\MountPoints2: {30399a09-102e-11e6-80fc-d85de2a17860} - F:\SETUP.EXE HKU\S-1-5-21-1867143850-1759161432-540520143-1000\...\MountPoints2: {edca4b76-ce88-11e5-8bc9-d85de2a17860} - E:\NokiaPCIA_Autorun.exe Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 10.1.1.254 Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4 Tcpip\..\Interfaces\{092A0D09-58C2-490F-A83A-F8F1BB6D1312}: [DhcpNameServer] 10.1.1.254 Tcpip\..\Interfaces\{4B45E60E-E21A-4D66-98F3-D2FDA0F8656B}: [DhcpNameServer] 82.163.142.7 Internet Explorer: ================== HKU\S-1-5-21-1867143850-1759161432-540520143-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1867143850-1759161432-540520143-1000 -> {ielnksrch} URL = hxxp://www.bing.com/search?q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1867143850-1759161432-540520143-1000 -> Brak nazwy - {00011268-E188-40DF-A514-835FCD78B1BF} - Brak pliku Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\x5ex765w.default-1457259605917 [2018-12-11] FF Extension: (Avast Online Security) - C:\Users\Rafal\AppData\Roaming\Mozilla\Firefox\Profiles\x5ex765w.default-1457259605917\Extensions\wrc@avast.com.xpi [2018-11-23] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-09] () FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-09] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1867143850-1759161432-540520143-1000: en.pixelplan.pl/PIXELPLANWebViewer -> C:\Users\Rafal\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.3.6\npPIXELPLANWebViewer.dll [2013-12-11] (Pixelplan S.C.) ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-22] (AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-22] (AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] () S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor) R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-06-10] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5892608 2015-12-29] (Broadcom Corporation) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-22] (AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-22] (AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-22] (AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-22] (AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-22] (AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-11-28] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-22] (AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-22] (AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-22] (AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-22] (AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-22] (AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-22] (AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-22] (AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-22] (AVAST Software) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-02] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-02] (Disc Soft Ltd) S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-12-03] (Malwarebytes) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [506072 2014-06-20] (Realsil Semiconductor Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-12-11 20:22 - 2018-12-11 20:22 - 000013565 _____ C:\Users\Rafal\Desktop\FRST.txt 2018-12-11 19:57 - 2018-12-11 20:22 - 000000000 ____D C:\FRST 2018-12-11 19:52 - 2018-12-11 19:54 - 002417152 _____ (Farbar) C:\Users\Rafal\Desktop\FRST64.exe 2018-12-09 18:57 - 2018-12-09 18:57 - 006351872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2018-12-03 13:49 - 2018-12-03 13:49 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-11-23 12:33 - 2018-12-03 13:48 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-11-22 16:56 - 2018-11-22 16:56 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2018-11-11 19:32 - 2018-11-11 19:32 - 000000000 ____D C:\Users\Rafal\AppData\Local\mbamtray 2018-11-11 19:32 - 2018-11-11 19:32 - 000000000 ____D C:\Users\Rafal\AppData\Local\mbam 2018-11-11 19:31 - 2018-11-11 19:31 - 000001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-11-11 19:31 - 2018-11-11 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-12-11 20:03 - 2009-07-14 05:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-12-11 20:03 - 2009-07-14 05:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-12-11 19:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF 2018-12-11 19:30 - 2016-11-18 11:53 - 000000000 ____D C:\Users\Rafal\AppData\LocalLow\Mozilla 2018-12-11 16:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-12-10 21:13 - 2017-03-18 08:07 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2018-12-10 11:32 - 2015-12-30 17:28 - 000000000 ____D C:\Users\Rafal\AppData\Roaming\uTorrent 2018-12-10 10:09 - 2018-03-28 20:18 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-12-10 10:09 - 2018-03-14 09:55 - 000004574 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-12-10 10:09 - 2016-03-05 10:14 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2018-12-10 10:09 - 2016-01-27 21:50 - 000004412 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-12-10 10:09 - 2016-01-11 08:40 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software 2018-12-10 10:09 - 2016-01-05 10:25 - 000003890 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1451985942 2018-12-10 10:09 - 2016-01-05 10:21 - 000003126 _____ C:\Windows\System32\Tasks\{437BD90E-0EB1-4B30-AC07-B81C1B966695} 2018-12-10 10:09 - 2015-12-30 17:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-12-10 10:09 - 2015-12-30 16:34 - 000003722 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2018-12-10 10:09 - 2015-12-30 16:34 - 000003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2018-12-10 10:09 - 2015-12-30 16:22 - 000003110 _____ C:\Windows\System32\Tasks\{AF451035-8781-48D3-BACC-1740F074A65E} 2018-12-10 10:09 - 2015-12-30 16:14 - 000003106 _____ C:\Windows\System32\Tasks\{29D187B5-699F-42BA-A891-62013FFA9CF5} 2018-12-10 10:09 - 2015-12-29 17:21 - 000003126 _____ C:\Windows\System32\Tasks\{82596D61-F45D-4D85-8BDB-14477D9302E8} 2018-12-10 10:09 - 2015-12-29 17:18 - 000003126 _____ C:\Windows\System32\Tasks\{97AD977D-9287-483D-A483-F122412E6AFC} 2018-12-09 18:58 - 2016-01-27 21:50 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-12-09 18:58 - 2016-01-27 21:50 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-12-09 18:57 - 2016-01-27 21:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-12-09 18:57 - 2016-01-27 21:50 - 000000000 ____D C:\Windows\system32\Macromed 2018-12-03 13:52 - 2018-04-05 09:20 - 000000000 ____D C:\Users\Rafal\AppData\Local\AVAST Software 2018-12-03 13:48 - 2016-01-22 12:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-12-03 13:48 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-12-02 20:06 - 2018-03-12 20:29 - 000000000 ____D C:\Users\Rafal\AppData\Roaming\GG 2018-11-28 08:10 - 2018-04-05 09:22 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2018-11-28 08:10 - 2018-04-05 09:22 - 000002402 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk 2018-11-28 07:55 - 2018-01-05 09:05 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2018-11-24 20:11 - 2015-12-30 17:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-11-22 16:56 - 2017-11-21 20:49 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2018-11-22 16:56 - 2016-01-11 08:40 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2018-11-22 16:56 - 2016-01-11 08:40 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2018-11-22 16:56 - 2016-01-11 08:40 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2018-11-22 16:56 - 2016-01-11 08:40 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2018-11-22 16:56 - 2016-01-11 08:40 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2018-11-22 16:56 - 2016-01-11 08:40 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2018-11-22 16:56 - 2016-01-11 08:40 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2018-11-22 16:55 - 2017-03-18 08:07 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys 2018-11-22 16:55 - 2017-03-18 08:07 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2018-11-22 16:55 - 2017-03-18 08:07 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys 2018-11-22 16:55 - 2017-03-18 08:07 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys 2018-11-22 16:55 - 2016-06-17 20:48 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2018-11-22 16:55 - 2016-01-11 08:40 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2018-11-11 19:38 - 2017-12-26 12:00 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2018-11-11 17:46 - 2011-04-12 14:21 - 000740348 _____ C:\Windows\system32\perfh015.dat 2018-11-11 17:46 - 2011-04-12 14:21 - 000155890 _____ C:\Windows\system32\perfc015.dat 2018-11-11 17:46 - 2009-07-14 06:13 - 001669190 _____ C:\Windows\system32\PerfStringBackup.INI ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-03-01 16:50 - 2016-03-01 16:50 - 000003227 _____ () C:\Users\Rafal\AppData\Local\unins000.dat 2016-03-01 16:50 - 2016-03-01 16:50 - 000707672 _____ () C:\Users\Rafal\AppData\Local\unins000.exe 2016-03-01 16:50 - 2016-03-01 16:50 - 000011761 _____ () C:\Users\Rafal\AppData\Local\unins000.msg ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-12-09 20:25 ==================== Koniec FRST.txt ============================