Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 09.01.2019 01 Uruchomiony przez Oliwka (administrator) OLIWKA-KOMPUTER (11-01-2019 19:24:18) Uruchomiony z C:\Users\Oliwka\Downloads Załadowane profile: Oliwka (Dostępne profile: Oliwka) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Windows\SysWOW64\srvany.exe () C:\Windows\KMService.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-19] (AVAST Software) HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-3846079345-1508119535-3097016961-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.) HKU\S-1-5-21-3846079345-1508119535-3097016961-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd) HKU\S-1-5-21-3846079345-1508119535-3097016961-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3846079345-1508119535-3097016961-1001\...\MountPoints2: {3ead4b88-a656-11e4-9177-00262d50ae51} - F:\setup.exe HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS) HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (On2.com) HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (On2.com) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\System32\iedkcs32.dll [2010-11-20] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-19] (Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\SysWOW64\iedkcs32.dll [2010-11-20] (Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\70.1.973.110\Installer\chrmstp.exe [2019-01-04] (AVAST Software) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-11-27] (McAfee, LLC.) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corp.) Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-06-06] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Ograniczenia - Windows Defender <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{AECD1EC4-F8EB-4942-8EE1-90282331A7A4}: [DhcpNameServer] 192.168.88.1 Tcpip\..\Interfaces\{C6932D04-A4AF-418C-A9F6-47351404523C}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{DE80A237-A243-457D-A554-3A48D9BBA6F9}: [DhcpNameServer] 192.168.1.1 0.0.0.0 HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.0.108,1] Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-3846079345-1508119535-3097016961-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) Toolbar: HKU\S-1-5-21-3846079345-1508119535-3097016961-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-01-13] (Nero AG) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default [2019-01-11] CHR Extension: (Dokumenty) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Dysk Google) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05] CHR Extension: (YouTube) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14] CHR Extension: (Google Search) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06] CHR Extension: (Avast SafePrice | Porównania, promocje, kupony) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-29] CHR Extension: (Dokumenty Google offline) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-04] CHR Extension: (Avast Online Security) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-19] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-29] CHR Extension: (DealGrabbers) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodnioamilbagojfgmclajhflgeenpkf [2016-06-08] CHR Extension: (Chrome Media Router) - C:\Users\Oliwka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-29] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-19] (AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-19] (AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-23] (AVAST Software) S3 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-03-20] (CyberLink) S3 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-03-20] (CyberLink) R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2018-05-15] () [Brak podpisu cyfrowego] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [404376 2017-05-25] (McAfee, Inc.) S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [352688 2018-11-27] (McAfee, LLC.) S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [352688 2018-11-27] (McAfee, LLC.) R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2018-11-27] (McAfee, LLC.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-12-19] (AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-12-19] (AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-12-19] (AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-12-19] (AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-12-19] (AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-12-19] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-12-19] (AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-12-19] (AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-12-19] (AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-12-19] (AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-12-19] (AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-12-19] (AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-12-19] (AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-12-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-12-19] (AVAST Software) R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-01-27] (DT Soft Ltd) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-03-19] (CyberLink Corp.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-01-11 19:24 - 2019-01-11 19:24 - 000019198 _____ C:\Users\Oliwka\Downloads\FRST.txt 2019-01-11 19:23 - 2019-01-11 19:24 - 000000000 ____D C:\FRST 2019-01-11 19:22 - 2019-01-11 19:22 - 002425856 _____ (Farbar) C:\Users\Oliwka\Downloads\FRST64.exe 2019-01-11 19:11 - 2018-12-19 18:45 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2019-01-05 21:38 - 2013-09-13 22:08 - 000070554 _____ C:\Users\Oliwka\Desktop\Obraz 2013-06-25.jpeg 2019-01-04 19:47 - 2019-01-04 19:47 - 000374229 _____ C:\Users\Oliwka\Downloads\Tom 2, Nr 1 - 07. M. Zalas, M. Ingaldi_22_25.pdf 2019-01-02 13:18 - 2019-01-02 13:18 - 000000000 ____D C:\Program Files\McAfee 2018-12-19 18:45 - 2018-12-19 18:44 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2018-12-19 18:45 - 2018-12-19 18:44 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3d07444f6e4637e3.tmp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-01-11 19:17 - 2016-05-28 00:42 - 000086992 _____ C:\Users\Oliwka\AppData\Local\GDIPFONTCACHEV1.DAT 2019-01-11 19:17 - 2015-01-22 22:20 - 000000000 ____D C:\Program Files (x86)\Opera 2019-01-11 19:16 - 2009-07-14 05:45 - 000014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-01-11 19:16 - 2009-07-14 05:45 - 000014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-01-11 19:12 - 2015-01-22 21:43 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2019-01-11 19:11 - 2017-04-13 17:13 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2019-01-11 19:06 - 2015-01-22 21:32 - 000000000 ____D C:\Users\Oliwka 2019-01-11 19:06 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-01-11 19:04 - 2017-06-06 12:25 - 000000000 ____D C:\ProgramData\McAfee Security Scan 2019-01-11 19:04 - 2015-06-01 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2019-01-11 19:04 - 2009-07-14 19:09 - 000000000 ___RD C:\Users\Public\Recorded TV 2019-01-11 19:04 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat 2019-01-11 19:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration 2019-01-08 21:37 - 2017-09-14 19:00 - 000350208 ___SH C:\Users\Oliwka\Desktop\Thumbs.db 2019-01-08 19:34 - 2017-10-05 14:50 - 000000000 ____D C:\Users\Oliwka\Desktop\studia 2019-01-06 19:01 - 2016-05-16 06:31 - 000000258 _____ C:\Windows\Tasks\HP Photo Creations Messager.job 2019-01-06 18:22 - 2009-07-14 05:45 - 000354424 _____ C:\Windows\system32\FNTCACHE.DAT 2019-01-04 17:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF 2019-01-04 17:03 - 2018-04-23 08:16 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2019-01-04 17:03 - 2018-04-23 08:16 - 000002392 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk 2019-01-02 17:37 - 2017-06-06 12:04 - 000000000 ____D C:\Program Files (x86)\McAfee 2019-01-02 13:19 - 2017-06-06 12:18 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2019-01-02 13:19 - 2017-06-06 12:18 - 000001102 _____ C:\Users\Public\Desktop\True Key.lnk 2019-01-02 13:19 - 2017-06-06 11:54 - 000000000 ____D C:\ProgramData\McAfee 2019-01-02 13:17 - 2009-07-14 18:55 - 001104772 _____ C:\Windows\system32\perfh015.dat 2019-01-02 13:17 - 2009-07-14 18:55 - 000282816 _____ C:\Windows\system32\perfc015.dat 2019-01-02 13:17 - 2009-07-14 06:13 - 000006248 _____ C:\Windows\system32\PerfStringBackup.INI 2018-12-20 00:05 - 2015-01-22 21:36 - 000003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-12-20 00:05 - 2015-01-22 21:36 - 000003354 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-12-19 22:13 - 2018-01-12 14:30 - 000000000 ____D C:\Users\Oliwka\Desktop\zdjęcia iphone 7 oliwia 2018-12-19 22:12 - 2018-09-09 11:27 - 000000000 ____D C:\Users\Oliwka\Desktop\łódź egipt 2018-12-19 18:59 - 2015-01-22 21:37 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-12-19 18:59 - 2015-01-22 21:37 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-12-19 18:47 - 2018-01-11 20:15 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2018-12-19 18:47 - 2018-01-11 20:15 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbb4c17a654535a9e.tmp 2018-12-19 18:45 - 2017-11-19 12:32 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2018-12-19 18:45 - 2017-11-19 12:32 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2170a89764998739.tmp 2018-12-19 18:45 - 2015-01-22 21:42 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2018-12-19 18:45 - 2015-01-22 21:42 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe93b6b8eb9a533fd.tmp 2018-12-19 18:45 - 2015-01-22 21:42 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2018-12-19 18:45 - 2015-01-22 21:42 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswcde10732ddf711fe.tmp 2018-12-19 18:45 - 2015-01-22 21:42 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2018-12-19 18:45 - 2015-01-22 21:42 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe8f2e35eb4a08e65.tmp 2018-12-19 18:45 - 2015-01-22 21:42 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2018-12-19 18:45 - 2015-01-22 21:42 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswdb0b3e36a0bce422.tmp 2018-12-19 18:45 - 2015-01-22 21:42 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2018-12-19 18:45 - 2015-01-22 21:42 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3739c67210a5f056.tmp 2018-12-19 18:45 - 2015-01-22 21:42 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2018-12-19 18:45 - 2015-01-22 21:42 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbe1b7f6f8c938233.tmp 2018-12-19 18:45 - 2015-01-22 21:42 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2018-12-19 18:45 - 2015-01-22 21:42 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8692fa88610d5ba6.tmp 2018-12-19 18:44 - 2017-04-13 17:13 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys 2018-12-19 18:44 - 2017-04-13 17:13 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8ed1d116a4682c98.tmp 2018-12-19 18:44 - 2017-04-13 17:13 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2018-12-19 18:44 - 2017-04-13 17:13 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9cde48b553e62db3.tmp 2018-12-19 18:44 - 2017-04-13 17:13 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys 2018-12-19 18:44 - 2017-04-13 17:13 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7761ed35bc527467.tmp 2018-12-19 18:44 - 2017-04-13 17:13 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys 2018-12-19 18:44 - 2017-04-13 17:13 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\asw74cf9c109ecd61e0.tmp 2018-12-19 18:44 - 2015-01-22 21:42 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2018-12-19 18:44 - 2015-01-22 21:42 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1705a99c490fda75.tmp ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-08-01 13:32 - 2016-08-01 13:32 - 000004608 _____ () C:\Users\Oliwka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-08 21:29 - 2015-03-08 21:29 - 000000000 _____ () C:\Users\Oliwka\AppData\Local\{D1F717CE-B077-4434-A2FD-99800CA1E8F0} Niektóre pliki w TEMP: ==================== 2017-03-22 23:16 - 2017-03-22 23:16 - 014456872 _____ (Microsoft Corporation) C:\Users\Oliwka\AppData\Local\Temp\vc_redist.x86.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2019-01-04 17:21 ==================== Koniec FRST.txt ============================