Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 18-10-2017 01 Uruchomiony przez User (administrator) USER-KOMPUTER (20-10-2017 17:31:17) Uruchomiony z C:\Users\User\Desktop Załadowane profile: User (Dostępne profile: User) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files\Nokia\Nokia Internet Modem\NokiaInternetModem_AppStart.exe () C:\Program Files\hicloud\update_server\startUp.exe () C:\Program Files\hicloud\update_server\SPUpDateServer.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe () C:\ProgramData\DatacardService\HWDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12023664 2014-03-14] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation) HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM\...\Run: [NokiaInternetModem_AppStart.exe] => C:\Program Files\Nokia\Nokia Internet Modem\NokiaInternetModem.exe [198344 2010-09-08] (Nokia) HKLM\...\Run: [SPUpDateServerrun] => C:\Program Files\hicloud\update_server\startUp.exe [15232 2015-06-15] () HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-20] (AVAST Software) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\Run: [Internet Manager] => C:\Program Files\T-Mobile\InternetManager_H\Internet Manager.exe [84560 2013-12-19] () HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: E - E:\LaunchU3.exe -a HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {06372c7e-23b5-11e5-b922-fcaa14181d9c} - E:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {06372c8a-23b5-11e5-b922-fcaa14181d9c} - E:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {29baf1fa-a567-11e5-bc9a-fcaa14181d9c} - G:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {5639b504-56c0-11e5-9fb5-fcaa14181d9c} - E:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {723da3cc-72a2-11e7-b2f6-fcaa14181d9c} - E:\LaunchU3.exe -a HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {898430a8-3690-11e5-8057-fcaa14181d9c} - F:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {93ef3696-5894-11e5-a141-fcaa14181d9c} - E:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {99177047-7967-11e4-8e9e-806e6f6e6963} - D:\Run.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {9badaff4-56c7-11e5-99d6-fcaa14181d9c} - G:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {ad2bd705-a30a-11e5-a540-fcaa14181d9c} - E:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {b6644680-61e8-11e5-a273-fcaa14181d9c} - E:\AutoRun.exe HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\...\MountPoints2: {e5403b88-b9d6-11e5-98ef-fcaa14181d9c} - E:\AutoRun.exe Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.lnk [2016-03-10] ShortcutTarget: thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{0E706B44-BCD5-41A1-972D-E24178DFDC10}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{15101DC8-FFA5-4CC1-B5B7-5817F6FE3140}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Internet Explorer: ================== HKU\S-1-5-21-2499238779-4251963565-3416558980-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-20] (AVAST Software) FireFox: ======== FF DefaultProfile: aznnyn2a.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aznnyn2a.default [2017-10-20] FF NewTab: Mozilla\Firefox\Profiles\aznnyn2a.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\aznnyn2a.default -> Google FF DefaultSearchUrl: Mozilla\Firefox\Profiles\aznnyn2a.default -> hxxps://www.google.com/search?bcutc=sp-006 FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\aznnyn2a.default -> Google FF SelectedSearchEngine: Mozilla\Firefox\Profiles\aznnyn2a.default -> Google FF Homepage: Mozilla\Firefox\Profiles\aznnyn2a.default -> hxxps://www.google.com/?bcutc=sp-006 FF Keyword.URL: Mozilla\Firefox\Profiles\aznnyn2a.default -> hxxps://www.google.com/search?bcutc=sp-006 FF Extension: (DuckDuckGo Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aznnyn2a.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2017-10-13] FF Extension: (Avast Online Security) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aznnyn2a.default\Extensions\wrc@avast.com.xpi [2017-10-20] FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aznnyn2a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aznnyn2a.default\searchplugins\google-avast.xml [2017-10-20] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-16] () FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-16] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-16] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin: shipin7 -> C:\Program Files\hicloud\PCPlayer\npSP7WebVideoPlugin.dll [2016-05-09] () FF Plugin: shipin7safebox -> C:\Program Files\hicloud\PCPlayer\npSafePlugin.dll [2016-05-09] () FF Plugin: shipin7update -> C:\Program Files\hicloud\PCPlayer\npUpdataPlugin.dll [2016-05-09] () Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-10-01] CHR Extension: (Prezentacje Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-16] CHR Extension: (Dokumenty Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-16] CHR Extension: (Arkusze Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-16] CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-16] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-08] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-21] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-08] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5828816 2017-10-20] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-20] (AVAST Software) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279144 2015-12-11] (Intel Corporation) R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.) R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2013-10-28] () R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [291432 2015-12-11] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [595968 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [642520 2013-08-27] (Intel(R) Corporation) S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [678480 2013-12-19] () R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S2 PLAY ONLINE. RunOuc; C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [651856 2013-10-26] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-09-10] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [255624 2017-10-20] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157416 2017-10-20] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276736 2017-10-20] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50384 2017-10-20] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42856 2017-10-20] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [124952 2017-10-20] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [99560 2017-10-20] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70864 2017-10-20] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777952 2017-10-20] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [499560 2017-10-20] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [149824 2017-10-20] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [297840 2017-10-20] (AVAST Software) S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [101504 2013-11-30] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27776 2013-11-30] (Huawei Technologies Co., Ltd.) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [208896 2013-11-30] (Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [108032 2013-12-10] (Huawei Technologies Co., Ltd.) S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [316544 2013-12-10] (Huawei Technologies Co., Ltd.) R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [502120 2014-04-11] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2014-04-11] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2014-02-21] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [364528 2014-02-21] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [800240 2014-02-21] (Intel Corporation) R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2013-09-16] (Intel Corporation) R3 mf; C:\Windows\System32\DRIVERS\mf.sys [114176 2009-07-14] (Microsoft Corporation) S3 nokia_cs1x_cdc_acm; C:\Windows\System32\DRIVERS\nokia_cs1x_cdc_acm.sys [85888 2010-04-22] (Nokia) S3 nokia_cs1x_cpo; C:\Windows\System32\DRIVERS\nokia_cs1x_cpo.sys [9856 2010-04-22] (Nokia) R3 nokia_cs1x_dc_enum; C:\Windows\System32\DRIVERS\nokia_cs1x_dc_enum.sys [81408 2010-04-22] (Nokia) R2 NPF; C:\Program Files\hicloud\PCPlayer\npf.sys [36600 2016-05-04] (Riverbed Technology, Inc.) S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1348240 2013-03-05] (Realtek Semiconductor Corporation ) R3 StnPport; C:\Windows\System32\DRIVERS\StnPport.sys [83456 2012-08-27] () R3 StnSport; C:\Windows\System32\DRIVERS\StnSport.sys [118784 2012-08-27] () S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-10-20 17:31 - 2017-10-20 17:31 - 000016127 _____ C:\Users\User\Desktop\FRST.txt 2017-10-20 17:26 - 2017-10-20 17:31 - 000000000 ____D C:\FRST 2017-10-20 17:26 - 2017-10-20 17:26 - 001798656 _____ (Farbar) C:\Users\User\Desktop\FRST.exe 2017-10-20 17:24 - 2017-10-20 17:24 - 000000000 ____D C:\ProgramData\SWCUTemp 2017-10-20 17:19 - 2017-10-20 17:19 - 000777952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000499560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000304816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-10-20 17:19 - 2017-10-20 17:19 - 000297840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000276736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000255624 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000157416 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000149824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000124952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000099560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000070864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000050384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000042856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-10-20 17:19 - 2017-10-20 17:19 - 000002043 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-10-20 17:19 - 2017-10-20 17:19 - 000000000 ____D C:\Users\User\AppData\Roaming\AVAST Software 2017-10-20 17:19 - 2017-10-20 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2017-10-20 17:19 - 2017-10-20 17:19 - 000000000 ____D C:\Program Files\AVAST Software 2017-10-20 17:18 - 2017-10-20 17:18 - 007161304 _____ (AVAST Software) C:\Users\User\Desktop\avast_free_antivirus_setup_online.exe 2017-10-20 17:06 - 2017-10-20 17:06 - 000000000 ____D C:\Users\User\Desktop\KR2014 2017-10-17 14:04 - 2017-10-17 14:04 - 000773852 _____ C:\Users\User\Desktop\Faktura 19_09_17.PDF 2017-10-17 14:04 - 2017-10-17 14:04 - 000141038 _____ C:\Users\User\Desktop\Faktura 48_17_MA.PDF 2017-10-17 13:59 - 2017-10-17 13:59 - 000084749 _____ C:\Users\User\Desktop\Faktura VAT nr F_000072_17_MG(1).pdf 2017-10-17 12:57 - 2017-10-17 12:57 - 000062968 _____ C:\Users\User\Desktop\FS198-KK-2017.pdf 2017-10-12 13:10 - 2017-10-12 13:10 - 000183656 _____ C:\Users\User\Desktop\Sendit-Protokol-12-10-2017.pdf 2017-10-12 13:10 - 2017-10-12 13:10 - 000073609 _____ C:\Users\User\Desktop\Sendit-LP-000112171-000000116.pdf 2017-10-03 12:21 - 2017-10-03 12:21 - 000023256 _____ C:\Users\User\Desktop\ZWROTY.pdf 2017-10-03 12:14 - 2017-10-03 12:25 - 000013502 _____ C:\Users\User\Desktop\ZWROTY.odt ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-10-20 17:30 - 2009-07-14 06:34 - 000028896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-10-20 17:30 - 2009-07-14 06:34 - 000028896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-10-20 17:27 - 2011-04-12 07:08 - 000740732 _____ C:\Windows\system32\perfh015.dat 2017-10-20 17:27 - 2011-04-12 07:08 - 000155804 _____ C:\Windows\system32\perfc015.dat 2017-10-20 17:27 - 2010-11-20 23:01 - 001671648 _____ C:\Windows\system32\PerfStringBackup.INI 2017-10-20 17:27 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf 2017-10-20 17:24 - 2016-11-18 13:57 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla 2017-10-20 17:23 - 2014-12-01 16:48 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles 2017-10-20 17:23 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-10-20 17:22 - 2016-01-07 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-10-20 17:22 - 2016-01-07 13:35 - 000000000 ____D C:\Program Files\7-Zip 2017-10-20 17:19 - 2015-07-11 12:23 - 000000000 ____D C:\ProgramData\AVAST Software 2017-10-20 13:29 - 2009-07-14 06:53 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-10-20 12:54 - 2016-03-10 19:26 - 000000000 ____D C:\Users\User\AppData\Roaming\FileZilla 2017-10-16 10:26 - 2015-07-30 11:52 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2017-10-16 10:26 - 2015-07-30 11:52 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2017-10-16 10:26 - 2015-07-30 11:52 - 000000000 ____D C:\Windows\system32\Macromed 2017-10-16 10:15 - 2016-11-22 13:30 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2017-10-16 10:15 - 2015-07-11 10:41 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2017-10-06 10:07 - 2016-11-18 12:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-09-26 10:26 - 2017-06-16 15:20 - 000002111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-26 10:26 - 2017-06-16 15:20 - 000002099 _____ C:\Users\Public\Desktop\Google Chrome.lnk Niektóre pliki w TEMP: ==================== 2016-07-27 15:35 - 2016-07-27 15:35 - 002612600 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\DefaultPack.EXE 2006-05-24 06:10 - 2006-05-24 06:10 - 000455600 ____R (Macrovision Corporation) C:\Users\User\AppData\Local\Temp\_isB125.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-10-20 10:21 ==================== Koniec FRST.txt ============================