Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21.11.2018
- Uruchomiony przez Adrian PC (administrator) ADRIAN (21-11-2018 17:51:05)
- Uruchomiony z C:\Users\Adrian PC\Desktop
- Załadowane profile: Adrian PC & Administrator (Dostępne profile: Adrian PC & Administrator)
- Platform: Windows 8 (X64) Język: Polski (Polska)
- Internet Explorer Wersja 10 (Domyślna przeglądarka: Chrome)
- Tryb startu: Normal
- Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Procesy (filtrowane) =================
- (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
- (AMD) C:\Windows\System32\atiesrxx.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
- (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
- (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
- () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
- () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
- (Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
- (Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
- (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
- (Intel Corporation) C:\Windows\System32\hkcmd.exe
- () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
- (Intel Corporation) C:\Windows\System32\igfxpers.exe
- (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
- (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
- (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
- (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
- (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
- (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
- (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
- (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
- () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17516_none_6276a5b950d43361\TiWorker.exe
- (Microsoft Corporation) C:\Windows\System32\msiexec.exe
- ==================== Rejestr (filtrowane) ===========================
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
- HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
- HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
- HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
- HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
- HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-21] (AVAST Software)
- HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-05] (Advanced Micro Devices, Inc.)
- Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
- HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] (Atheros Communications)
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\Run: [GG] => C:\Users\Adrian PC\AppData\Local\GG\Application\gghub.exe [4078144 2015-11-06] (GG Network S.A.)
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.)
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd)
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\Run: [Flvto Youtube Downloader] => "C:\Users\Adrian PC\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\MountPoints2: {0de1b757-baa8-11e8-bea2-74867a48659a} - "E:\HiSuiteDownLoader.exe"
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\MountPoints2: {0de1b7aa-baa8-11e8-bea2-74867a48659a} - "E:\HiSuiteDownLoader.exe"
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\MountPoints2: {1050cd2f-cfaa-11e7-be94-74867a48659a} - "F:\HiSuiteDownLoader.exe"
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\MountPoints2: {97ecb3d2-50dd-11e7-be87-74867a48659a} - "E:\HiSuiteDownLoader.exe"
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\MountPoints2: {f277ed90-a954-11e5-be75-74867a48659a} - "E:\setup.exe"
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\...\MountPoints2: {fb7359d1-854b-11e8-be9c-74867a48659a} - "E:\HiSuiteDownLoader.exe"
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
- Startup: C:\Users\Adrian PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2015-12-03]
- ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-01-01]
- ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
- ==================== Internet (filtrowane) ====================
- (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
- Tcpip\..\Interfaces\{6EEAC7BF-4E0A-445F-89DE-41BA57897C81}: [DhcpNameServer] 192.168.0.1
- Internet Explorer:
- ==================
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
- HKU\S-1-5-21-3593565133-1213687148-1192349871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
- HKU\S-1-5-21-3593565133-1213687148-1192349871-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
- HKU\S-1-5-21-3593565133-1213687148-1192349871-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
- SearchScopes: HKU\S-1-5-21-3593565133-1213687148-1192349871-1001 -> DefaultScope {A0F6A96A-5A40-43A1-A50A-DE6351D9C67D} URL =
- BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2013-02-28] (Qualcomm Atheros Commnucations)
- BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
- BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-10-28] (FreeDownloadManager.ORG)
- FireFox:
- ========
- FF DefaultProfile: 0wz1ix6w.default
- FF ProfilePath: C:\Users\Adrian PC\AppData\Roaming\Mozilla\Firefox\Profiles\0wz1ix6w.default [2018-11-21]
- FF Homepage: Mozilla\Firefox\Profiles\0wz1ix6w.default -> hxxps://www.google.com/
- FF Extension: (Avast SafePrice) - C:\Users\Adrian PC\AppData\Roaming\Mozilla\Firefox\Profiles\0wz1ix6w.default\Extensions\sp@avast.com.xpi [2018-04-15]
- FF Extension: (Avast Online Security) - C:\Users\Adrian PC\AppData\Roaming\Mozilla\Firefox\Profiles\0wz1ix6w.default\Extensions\wrc@avast.com.xpi [2018-07-21]
- FF Extension: (Adblock Plus) - C:\Users\Adrian PC\AppData\Roaming\Mozilla\Firefox\Profiles\0wz1ix6w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-03] [Przestarzałe]
- FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nie znaleziono
- FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-21] ()
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-21] ()
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
- FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
- FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
- Chrome:
- =======
- CHR DefaultProfile: Default
- CHR HomePage: Default -> hxxps://www.google.pl/
- CHR StartupUrls: Default -> "hxxps://www.google.pl/"
- CHR Profile: C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default [2018-11-21]
- CHR Extension: (Prezentacje) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
- CHR Extension: (Free Download Manager) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2018-08-02]
- CHR Extension: (Dokumenty) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
- CHR Extension: (Dysk Google) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
- CHR Extension: (YouTube) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-02]
- CHR Extension: (Adobe Acrobat) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-11]
- CHR Extension: (Arkusze) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
- CHR Extension: (Dokumenty Google offline) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
- CHR Extension: (AdBlock) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-15]
- CHR Extension: (EasyHome Homestyler) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2017-08-03]
- CHR Extension: (Planner 5D) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2017-08-03]
- CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
- CHR Extension: (Gmail) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-02]
- CHR Extension: (Chrome Media Router) - C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-21]
- CHR Profile: C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-08]
- CHR Profile: C:\Users\Adrian PC\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-08]
- CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
- CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
- ==================== Usługi (filtrowane) ====================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-21] (AVAST Software)
- R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations) [Brak podpisu cyfrowego]
- R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-21] (AVAST Software)
- S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
- R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] () [Brak podpisu cyfrowego]
- R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
- R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego]
- S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
- R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
- R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
- R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego]
- R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
- R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-18] (Realtek Semiconductor)
- R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
- S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
- R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-03-02] (Atheros) [Brak podpisu cyfrowego]
- S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
- S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
- ===================== Sterowniki (filtrowane) ======================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36520 2012-09-14] (Advanced Micro Devices, Inc.)
- R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201240 2018-11-21] (AVAST Software)
- R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230344 2018-11-21] (AVAST Software)
- R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201768 2018-11-21] (AVAST Software)
- R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346592 2018-11-21] (AVAST Software)
- R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59496 2018-11-21] (AVAST Software)
- R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239608 2018-11-21] (AVAST Software)
- S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46384 2018-11-21] (AVAST Software)
- R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2018-11-21] (AVAST Software)
- R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163208 2018-11-21] (AVAST Software)
- R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111800 2018-11-21] (AVAST Software)
- R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87432 2018-11-21] (AVAST Software)
- R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028680 2018-11-21] (AVAST Software)
- R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469272 2018-11-21] (AVAST Software)
- R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208472 2018-11-21] (AVAST Software)
- R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380464 2018-11-21] (AVAST Software)
- S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
- R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
- R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
- S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
- S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
- R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-05] (Disc Soft Ltd)
- R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2016-01-05] (Disc Soft Ltd)
- S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Huawei Technologies Co., Ltd.)
- U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-08-23] (Huawei Technologies Co., Ltd.)
- R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99800 2013-06-01] (Intel Corporation)
- S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
- R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated)
- S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
- S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
- R1 ESProtectionDriver; \??\C:\WINDOWS\system32\drivers\mbae64.sys [X]
- S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
- S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]
- ==================== NetSvcs (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ==================== Jeden miesiąc - utworzone pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-11-21 17:51 - 2018-11-21 17:51 - 000021579 _____ C:\Users\Adrian PC\Desktop\FRST.txt
- 2018-11-21 17:50 - 2018-11-21 17:51 - 000000000 ____D C:\FRST
- 2018-11-21 17:44 - 2018-11-21 17:44 - 002416640 _____ (Farbar) C:\Users\Adrian PC\Desktop\FRST64.exe
- 2018-11-21 17:35 - 2018-11-21 17:36 - 000286760 _____ C:\WINDOWS\Minidump\112118-46500-01.dmp
- 2018-11-21 17:35 - 2018-11-21 17:35 - 803470330 _____ C:\WINDOWS\MEMORY.DMP
- 2018-11-21 17:35 - 2018-11-21 17:35 - 000000000 ____D C:\WINDOWS\Minidump
- 2018-11-21 17:19 - 2018-11-21 17:19 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
- 2018-11-18 14:51 - 2018-11-18 14:51 - 000000000 ____D C:\Users\Adrian PC\Desktop\3333
- 2018-11-18 12:26 - 2018-11-18 12:26 - 000000000 ____D C:\Users\Adrian PC\AppData\Local\UnityModManagerNet
- 2018-11-02 12:22 - 2018-11-02 12:22 - 000000875 _____ C:\Users\Public\Desktop\BatteryMon.lnk
- 2018-11-02 12:22 - 2018-11-02 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BatteryMon
- 2018-11-01 19:00 - 2018-11-01 19:00 - 000000000 ____D C:\Users\Adrian PC\AppData\Local\Ndemic Creations
- 2018-10-31 21:59 - 2018-10-31 21:59 - 000000000 ____D C:\Users\Adrian PC\AppData\LocalLow\Oxymoron Games
- 2018-10-23 19:44 - 2018-11-21 17:18 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
- ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
- (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
- 2018-11-21 17:50 - 2015-11-27 23:16 - 000000000 ____D C:\ProgramData\Malwarebytes
- 2018-11-21 17:45 - 2013-10-23 15:10 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
- 2018-11-21 17:42 - 2012-07-26 10:51 - 000795984 _____ C:\WINDOWS\system32\perfh015.dat
- 2018-11-21 17:42 - 2012-07-26 10:51 - 000160066 _____ C:\WINDOWS\system32\perfc015.dat
- 2018-11-21 17:42 - 2012-07-26 08:28 - 001796820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2018-11-21 17:42 - 2012-07-26 06:37 - 000000000 ____D C:\WINDOWS\Inf
- 2018-11-21 17:36 - 2012-07-26 08:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2018-11-21 17:32 - 2018-03-13 18:06 - 000004566 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
- 2018-11-21 17:32 - 2017-08-03 12:39 - 000003482 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
- 2018-11-21 17:32 - 2017-08-03 12:39 - 000003354 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
- 2018-11-21 17:32 - 2017-08-03 09:27 - 000004424 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
- 2018-11-21 17:32 - 2016-10-04 13:00 - 000003176 _____ C:\WINDOWS\System32\Tasks\{B37897C6-252B-4F79-BD55-1D1FD307DEF2}
- 2018-11-21 17:32 - 2015-12-03 17:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
- 2018-11-21 17:32 - 2015-11-25 18:55 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
- 2018-11-21 17:32 - 2015-11-25 15:25 - 000003990 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
- 2018-11-21 17:32 - 2015-11-25 15:25 - 000003440 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
- 2018-11-21 17:32 - 2015-11-25 15:25 - 000003200 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
- 2018-11-21 17:26 - 2012-07-26 09:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
- 2018-11-21 17:26 - 2012-07-26 09:12 - 000000000 ____D C:\WINDOWS\system32\Macromed
- 2018-11-21 17:23 - 2018-01-08 05:53 - 000239608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
- 2018-11-21 17:23 - 2017-03-16 14:49 - 000003910 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
- 2018-11-21 17:19 - 2017-11-20 17:32 - 000201240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
- 2018-11-21 17:19 - 2015-11-25 16:54 - 000469272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
- 2018-11-21 17:19 - 2015-11-25 16:54 - 000380464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
- 2018-11-21 17:19 - 2015-11-25 16:54 - 000208472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
- 2018-11-21 17:19 - 2015-11-25 16:54 - 000163208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
- 2018-11-21 17:19 - 2015-11-25 16:54 - 000111800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
- 2018-11-21 17:19 - 2015-11-25 16:54 - 000087432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
- 2018-11-21 17:19 - 2015-11-25 16:54 - 000046384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
- 2018-11-21 17:18 - 2017-03-16 14:49 - 000346592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
- 2018-11-21 17:18 - 2017-03-16 14:49 - 000230344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
- 2018-11-21 17:18 - 2017-03-16 14:49 - 000201768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
- 2018-11-21 17:18 - 2017-03-16 14:49 - 000059496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
- 2018-11-21 17:18 - 2015-11-25 16:54 - 001028680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
- 2018-11-18 12:28 - 2018-08-29 17:15 - 000000000 ____D C:\Users\Adrian PC\Desktop\UnityModManager
- 2018-11-17 15:01 - 2018-10-11 15:45 - 000000000 ____D C:\Users\Adrian PC\AppData\Roaming\AIMP
- 2018-11-17 14:42 - 2015-11-25 18:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
- 2018-11-13 12:50 - 2012-07-26 09:12 - 000000000 ___HD C:\Program Files\WindowsApps
- 2018-11-13 12:50 - 2012-07-26 09:12 - 000000000 ____D C:\WINDOWS\AUInstallAgent
- 2018-11-11 23:24 - 2014-12-16 16:52 - 000000000 ____D C:\GRY
- 2018-11-10 23:17 - 2017-08-03 12:40 - 000002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2018-11-10 23:17 - 2017-08-03 12:40 - 000002191 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2018-11-06 21:30 - 2015-12-15 20:39 - 000000000 ____D C:\Users\Adrian PC\AppData\Roaming\Free Download Manager
- 2018-11-02 12:22 - 2018-09-30 10:13 - 000000000 ____D C:\Program Files\BatteryMon
- 2018-11-02 12:17 - 2018-08-15 11:56 - 000000000 ____D C:\Users\Adrian PC\AppData\Local\ElevatedDiagnostics
- 2018-11-02 12:08 - 2013-10-23 15:02 - 000000000 ____D C:\ProgramData\PCDr
- 2018-11-01 21:21 - 2017-12-17 22:25 - 000000000 ____D C:\Program Files\Malwarebytes
- 2018-11-01 18:55 - 2015-12-01 22:18 - 000000000 ____D C:\Users\Adrian PC\AppData\Roaming\qBittorrent
- 2018-10-23 20:02 - 2016-01-05 18:34 - 000000000 ____D C:\Users\Adrian PC\AppData\Local\CrashDumps
- 2018-10-23 19:57 - 2017-08-03 00:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2018-10-23 19:57 - 2017-08-03 00:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
- 2018-10-23 19:43 - 2015-11-25 16:48 - 000000000 ____D C:\ProgramData\AVAST Software
- 2018-10-22 12:42 - 2015-11-25 17:03 - 000000000 ____D C:\Users\Adrian PC\AppData\Roaming\GG
- 2018-10-22 12:35 - 2015-11-25 17:03 - 000000000 ____D C:\Users\Adrian PC\AppData\Local\GG
- ==================== Pliki w katalogu głównym wybranych folderów =======
- 2017-07-07 23:36 - 2017-10-22 21:17 - 000004608 _____ () C:\Users\Adrian PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
- 2017-09-21 23:36 - 2017-09-21 23:36 - 000004096 ____H () C:\Users\Adrian PC\AppData\Local\keyfile3.drm
- Niektóre pliki w TEMP:
- ====================
- 2017-09-14 22:04 - 2017-09-14 22:04 - 010581280 _____ () C:\Users\Adrian PC\AppData\Local\Temp\HPPSdr.exe
- ==================== Bamital & volsnap ======================
- (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
- C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
- C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
- C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
- LastRegBack: 2018-11-16 19:32
- ==================== Koniec FRST.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement