Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 21.01.2018
Uruchomiony przez Asia (administrator) ASIA-KOMPUTER (27-01-2018 20:44:13)
Uruchomiony z C:\Users\Asia\Downloads
Załadowane profile: Asia (Dostępne profile: Asia)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WiperSoft) C:\Program Files\WiperSoft\WiperSoft.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-10] (AVAST Software)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [295512 2018-01-26] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\...\Run: [Spotify] => C:\Users\Asia\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-26] (Spotify Ltd)
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\...\Run: [uTorrent] => C:\Users\Asia\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2018-01-10] (BitTorrent Inc.)
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\...\Run: [Spotify Web Helper] => C:\Users\Asia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-26] (Spotify Ltd)
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8898909A-C0E6-42AF-81A4-DADA9736206D}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://windowsmx.pl/Win7_by_MalcolmX
HKU\S-1-5-21-3864108792-3241854129-238959929-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3864108792-3241854129-238959929-1000 -> DefaultScope {637D6E3C-DF93-48A5-8362-159A8AC56B11} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-3864108792-3241854129-238959929-1000 -> {637D6E3C-DF93-48A5-8362-159A8AC56B11} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&meta=
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-19] (AVAST Software)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.pl/
CHR StartupUrls: Default -> "hxxps://www.google.pl/"
CHR Session Restore: Default -> [funkcja włączona]
CHR Profile: C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default [2018-01-27]
CHR Extension: (Dysk Google) - C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-12]
CHR Extension: (YouTube) - C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-12]
CHR Extension: (AVG SafePrice) - C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-01-26]
CHR Extension: (Floral Blue) - C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mndpkoimnhcijdanbkehgccnadibcceg [2018-01-24]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-12]
CHR Extension: (Gmail) - C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\Asia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-10]
CHR HKLM\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [276992 2015-07-15] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5906816 2018-01-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-10] (AVAST Software)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [301720 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5957472 2018-01-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-10-31] (AVG Technologies CZ, s.r.o.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2013-12-31] (Microsoft Corporation) [Brak podpisu cyfrowego]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-12-31] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [85160 2012-08-15] (Advanced Micro Devices, INC.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [177832 2012-08-15] (Advanced Micro Devices, INC.)
S3 asmthub3; C:\Windows\system32\drivers\asmthub3.sys [111360 2013-06-24] (ASMedia Technology Inc)
S3 asmtxhci; C:\Windows\system32\drivers\asmtxhci.sys [334592 2013-06-24] (ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [158224 2018-01-10] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2018-01-10] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2018-01-10] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2018-01-10] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2018-01-10] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [118144 2018-01-10] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42824 2018-01-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [123880 2018-01-10] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99528 2018-01-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70832 2018-01-10] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783104 2018-01-10] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [390256 2018-01-10] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151328 2018-01-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [294680 2018-01-10] (AVAST Software)
S3 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [150672 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgbdisk; C:\Windows\System32\drivers\avgbdiskx.sys [135872 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriverx.sys [249232 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgbidsh; C:\Windows\System32\drivers\avgbidshx.sys [151024 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgblog; C:\Windows\System32\drivers\avgblogx.sys [270344 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgbuniv; C:\Windows\System32\drivers\avgbunivx.sys [43992 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [35264 2018-01-26] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [116344 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [91976 2018-01-26] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [63280 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [775552 2018-01-26] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [382720 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgStm; C:\Windows\System32\drivers\avgStm.sys [143776 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [287128 2018-01-26] (AVG Technologies CZ, s.r.o.)
S3 b06diag; C:\Windows\system32\drivers\bxdiagx.sys [75816 2012-03-08] (Broadcom Corporation)
S3 BFN7x86; C:\Windows\system32\drivers\Xeno7x86.sys [130152 2012-02-22] (Bigfoot Networks, Inc.)
S3 BFNVis32; C:\Windows\system32\drivers\XenoVx86.sys [130152 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [150568 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [435240 2012-02-22] (Broadcom Corporation)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [11008 2007-11-03] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [500736 2008-09-11] (Intel Corp.)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65152 2012-08-07] (Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [88832 2012-08-07] (Etron Technology Inc)
S3 FLxHCIc; C:\Windows\system32\drivers\FLxHCIc.sys [205552 2012-11-02] (Fresco Logic)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [61168 2012-11-02] (Fresco Logic)
S3 FTDIBUS; C:\Windows\system32\drivers\ftdibus.sys [62216 2012-04-13] (FTDI Ltd.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [53376 2008-09-29] (Intel Corp.)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x32.sys [334096 2012-04-21] (Intel(R) Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X32.sys [69392 2012-04-21] (Intel(R) Corporation)
S3 ioatdma1; C:\Windows\System32\Drivers\qd16032.sys [36552 2009-11-16] (Intel Corporation)
S3 ioatdma2; C:\Windows\System32\Drivers\qd26032.sys [37576 2009-11-16] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\drivers\iusb3hcs.sys [16880 2013-07-18] (Intel Corporation)
S3 iusb3hub; C:\Windows\system32\drivers\iusb3hub.sys [351288 2012-10-16] (Intel Corporation)
S3 iusb3xhc; C:\Windows\system32\drivers\iusb3xhc.sys [796216 2012-10-16] (Intel Corporation)
S3 MEI; C:\Windows\system32\drivers\HECI.sys [55104 2012-07-13] (Intel Corporation)
S3 nusb3hub; C:\Windows\system32\drivers\nusb3hub.sys [62208 2010-11-19] (Renesas Electronics Corporation)
S3 nusb3xhc; C:\Windows\system32\drivers\nusb3xhc.sys [141568 2010-11-19] (Renesas Electronics Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [293080 2017-09-12] (Realsil Semiconductor Corporation)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [91016 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [181128 2012-08-27] (Renesas Electronics Corporation)
S3 Ser2plx86; C:\Windows\system32\drivers\ser2pl.sys [132608 2012-07-27] (Prolific Technology Inc.)
S3 silabenm; C:\Windows\system32\drivers\silabenm.sys [47176 2012-12-11] (Silicon Laboratories)
S3 silabser; C:\Windows\system32\drivers\silabser.sys [63104 2012-12-11] (Silicon Laboratories)
S3 tihub3; C:\Windows\system32\drivers\tihub3.sys [108392 2012-07-23] (Texas Instruments Incorporated)
S3 tixhci; C:\Windows\system32\drivers\tixhci.sys [327016 2012-07-23] (Texas Instruments Incorporated)
S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [58400 2009-08-01] (Silicon Integrated Systems Corporation)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [9600 2008-09-15] (Intel Corp.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [193024 2013-08-12] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [239104 2013-08-12] (VIA Technologies, Inc.)
S3 catchme; \??\C:\Users\Asia\AppData\Local\Temp\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
R1 ESProtectionDriver; \??\C:\Windows\system32\drivers\mbae.sys [X]
R2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; system32\DRIVERS\mbam.sys [X]
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
S3 MBAMWebProtection; system32\DRIVERS\mwac.sys [X]
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [588504 2017-09-12] (Realsil Semiconductor Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-01-27 20:43 - 2018-01-27 20:43 - 000083996 _____ C:\Users\Asia\Downloads\Addition_11-12-2017 02.06.01.txt
2018-01-27 20:43 - 2018-01-27 20:43 - 000048333 _____ C:\Users\Asia\Downloads\FRST_11-12-2017 02.06.01.txt
2018-01-27 20:40 - 2018-01-27 20:40 - 000005011 _____ C:\Users\Asia\Downloads\s.txt
2018-01-27 20:39 - 2018-01-27 20:39 - 000000000 ____D C:\Users\Asia\AppData\Local\CrashDumps
2018-01-27 20:28 - 2018-01-27 20:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-01-27 20:28 - 2018-01-27 20:29 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2018-01-27 20:28 - 2018-01-27 20:28 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-01-27 20:28 - 2018-01-27 20:28 - 000002083 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-01-27 20:28 - 2018-01-27 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-01-27 20:28 - 2017-05-23 09:22 - 000030128 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean.exe
2018-01-27 20:27 - 2018-01-27 20:27 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Asia\Downloads\spybotsd-2.6.46.exe
2018-01-27 20:26 - 2018-01-27 20:26 - 001727652 _____ ( ) C:\Users\Asia\Downloads\Spybot-Search-Destroy-12546-AsystentPobierania_2593198790.exe
2018-01-27 20:19 - 2018-01-27 20:19 - 000000887 _____ C:\Users\Asia\Desktop\WiperSoft.lnk
2018-01-27 20:19 - 2018-01-27 20:19 - 000000000 ____D C:\Users\Asia\AppData\Roaming\WiperSoft
2018-01-27 20:19 - 2018-01-27 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiperSoft
2018-01-27 20:18 - 2018-01-27 20:19 - 000000000 ____D C:\Program Files\WiperSoft
2018-01-27 20:18 - 2018-01-27 20:18 - 002011760 _____ (WiperSoft) C:\Users\Asia\Downloads\WiperSoft-installer.exe
2018-01-27 15:12 - 2018-01-27 15:12 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-01-27 15:08 - 2018-01-27 20:11 - 000035390 _____ C:\Windows\ntbtlog.txt
2018-01-27 15:08 - 2018-01-27 15:10 - 000437472 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-27 10:48 - 2018-01-27 11:03 - 003927160 _____ (Google) C:\Users\Asia\Downloads\chrome_cleanup_tool.exe
2018-01-27 10:36 - 2018-01-27 10:36 - 000000000 ____D C:\Users\Asia\AppData\Local\VirtualStore
2018-01-26 23:49 - 2018-01-26 23:49 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-26 23:39 - 2018-01-26 23:40 - 082358616 _____ (Malwarebytes ) C:\Users\Asia\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3707.exe
2018-01-26 21:47 - 2018-01-26 21:47 - 000000000 ____D C:\Users\Asia\AppData\Roaming\AVG
2018-01-26 21:42 - 2018-01-26 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2018-01-26 21:41 - 2018-01-26 21:41 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-01-26 21:40 - 2018-01-26 21:41 - 000382720 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-01-26 21:40 - 2018-01-26 21:41 - 000116344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-01-26 21:40 - 2018-01-26 21:37 - 000287128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-01-26 21:40 - 2018-01-26 21:37 - 000150672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-01-26 21:40 - 2018-01-26 21:37 - 000143776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-01-26 21:40 - 2018-01-26 21:37 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-01-26 21:40 - 2018-01-26 21:37 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-01-26 21:40 - 2018-01-26 21:37 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-01-26 21:40 - 2018-01-26 21:34 - 000775552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-01-26 21:40 - 2018-01-26 21:33 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbunivx.sys
2018-01-26 21:39 - 2018-01-26 21:33 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblogx.sys
2018-01-26 21:39 - 2018-01-26 21:33 - 000249232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriverx.sys
2018-01-26 21:39 - 2018-01-26 21:33 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidshx.sys
2018-01-26 21:39 - 2018-01-26 21:33 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiskx.sys
2018-01-26 21:38 - 2018-01-26 21:35 - 000306960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-01-26 21:31 - 2018-01-26 21:31 - 000000000 ____D C:\Users\Asia\Doctor Web
2018-01-26 21:31 - 2018-01-26 21:31 - 000000000 ____D C:\ProgramData\Doctor Web
2018-01-26 21:23 - 2018-01-26 23:53 - 000000000 ____D C:\Program Files\AVG
2018-01-26 21:23 - 2018-01-26 21:27 - 164799160 _____ C:\Users\Asia\Downloads\launch.exe
2018-01-26 21:14 - 2018-01-26 21:14 - 000000000 ___HD C:\$AV_ASW
2018-01-26 20:41 - 2018-01-26 20:41 - 000015733 _____ C:\ComboFix.txt
2018-01-26 20:19 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe
2018-01-26 20:19 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe
2018-01-26 20:19 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-01-26 20:19 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-01-26 20:19 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-01-26 20:19 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe
2018-01-26 20:19 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe
2018-01-26 20:19 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe
2018-01-26 20:18 - 2018-01-27 11:29 - 000000000 ____D C:\ComboFix
2018-01-26 20:16 - 2018-01-26 21:14 - 000000000 ____D C:\Qoobox
2018-01-26 20:15 - 2018-01-26 20:38 - 000000000 ____D C:\Windows\erdnt
2018-01-26 20:15 - 2018-01-26 20:15 - 005660870 ____R (Swearware) C:\Users\Asia\Downloads\ComboFix.exe
2018-01-26 20:13 - 2018-01-27 20:13 - 000000000 ____D C:\Program Files\9-lab
2018-01-26 20:13 - 2018-01-26 20:13 - 000000000 ____D C:\Users\Asia\AppData\Roaming\9-lab
2018-01-26 20:13 - 2018-01-26 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
2018-01-26 20:13 - 2018-01-26 20:13 - 000000000 ____D C:\ProgramData\9-lab
2018-01-26 20:12 - 2018-01-26 20:13 - 006551872 _____ C:\Users\Asia\Downloads\rmtool-setup-x86.exe
2018-01-26 19:58 - 2018-01-26 19:58 - 000000000 ____D C:\NPE
2018-01-26 19:56 - 2018-01-26 19:56 - 000000000 ____D C:\ProgramData\SMR520
2018-01-26 19:55 - 2018-01-26 20:08 - 000000000 ____D C:\Users\Asia\AppData\Local\NPE
2018-01-26 19:55 - 2018-01-26 19:56 - 000000000 ____D C:\ProgramData\Norton
2018-01-26 19:55 - 2018-01-26 19:55 - 009522368 _____ (Symantec Corporation) C:\Users\Asia\Downloads\NPE.exe
2018-01-26 19:52 - 2018-01-27 20:12 - 000000000 ____D C:\Users\Asia\AppData\Local\AvgSetupLog
2018-01-26 19:52 - 2018-01-26 23:54 - 000000000 ____D C:\Users\Asia\AppData\Local\Avg
2018-01-26 19:52 - 2018-01-26 23:52 - 000000000 ____D C:\ProgramData\Avg
2018-01-26 19:51 - 2018-01-26 19:51 - 003646984 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Asia\Downloads\AVG_Protection_Free_698.exe
2018-01-26 19:42 - 2018-01-27 10:04 - 000000000 ____D C:\AdwCleaner
2018-01-26 19:41 - 2018-01-26 19:42 - 008206624 _____ (Malwarebytes) C:\Users\Asia\Downloads\adwcleaner_7.0.7.0.exe
2018-01-26 19:37 - 2018-01-26 19:37 - 001787590 _____ ( ) C:\Users\Asia\Downloads\AdwCleaner 7.0.7.0_1551961154.exe
2018-01-24 22:00 - 2018-01-24 22:00 - 000024816 _____ (Wiper Software) C:\Windows\system32\wiperrm.exe
2018-01-24 22:00 - 2018-01-24 22:00 - 000000000 ____D C:\Users\Asia\AppData\Local\CrashRpt
2018-01-24 21:56 - 2018-01-24 21:57 - 000017847 _____ C:\Users\Asia\Downloads\Addition.txt
2018-01-24 21:55 - 2018-01-27 20:45 - 000019318 _____ C:\Users\Asia\Downloads\FRST.txt
2018-01-24 21:55 - 2018-01-27 20:44 - 000000000 ____D C:\FRST
2018-01-24 21:52 - 2018-01-24 21:52 - 001754112 _____ (Farbar) C:\Users\Asia\Downloads\FRST.exe
2018-01-24 21:22 - 2018-01-24 21:22 - 001790024 _____ (Malwarebytes) C:\Users\Asia\Downloads\JRT.exe
2018-01-24 15:05 - 2018-01-24 15:05 - 000000000 _____ C:\Windows\system32\last.dump
2018-01-13 00:07 - 2018-01-13 00:07 - 000000000 ____D C:\Users\Asia\AppData\LocalLow\Temp
2018-01-12 21:22 - 2018-01-12 21:22 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2018-01-10 19:45 - 2018-01-10 19:44 - 000305840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-01-10 19:45 - 2018-01-10 19:44 - 000118144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-01-27 20:08 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-27 15:11 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-01-27 11:12 - 2017-09-12 21:50 - 000000000 ____D C:\Users\Asia\AppData\Local\Spotify
2018-01-27 11:11 - 2017-09-12 21:49 - 000000000 ____D C:\Users\Asia\AppData\Roaming\Spotify
2018-01-27 11:07 - 2017-12-04 12:14 - 000000000 ____D C:\Users\Asia\AppData\LocalLow\uTorrent
2018-01-27 11:07 - 2017-09-12 22:24 - 000000000 ____D C:\Users\Asia\AppData\Roaming\uTorrent
2018-01-27 10:50 - 2017-09-12 21:35 - 000000000 ____D C:\Users\Asia\AppData\Local\Google
2018-01-27 10:35 - 2017-09-12 20:02 - 000000000 ____D C:\Users\Asia
2018-01-27 09:33 - 2017-09-12 20:52 - 000000000 ____D C:\Windows\Panther
2018-01-26 20:33 - 2009-07-14 03:04 - 000000215 _____ C:\Windows\system.ini
2018-01-26 19:54 - 2017-09-13 11:28 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-01-24 17:54 - 2017-09-12 22:41 - 000000000 ___RD C:\Users\Asia\OneDrive
2018-01-24 16:09 - 2017-09-13 11:54 - 000000000 ____D C:\Users\Asia\AppData\Roaming\vlc
2018-01-10 20:07 - 2017-09-13 11:27 - 000000000 ____D C:\ProgramData\Adobe
2018-01-10 19:58 - 2017-09-12 21:35 - 000002151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-10 19:46 - 2017-09-12 22:16 - 000390256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-01-10 19:46 - 2017-09-12 22:16 - 000123880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-01-10 19:44 - 2017-11-19 20:12 - 000158224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-01-10 19:44 - 2017-09-12 22:16 - 000783104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-01-10 19:44 - 2017-09-12 22:16 - 000294680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-01-10 19:44 - 2017-09-12 22:16 - 000151328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-01-10 19:44 - 2017-09-12 22:16 - 000099528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-01-10 19:44 - 2017-09-12 22:16 - 000070832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-01-10 19:44 - 2017-09-12 22:16 - 000042824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-01-10 19:43 - 2017-09-12 22:16 - 000276696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-01-10 19:43 - 2017-09-12 22:16 - 000255584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-01-10 19:43 - 2017-09-12 22:16 - 000157376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-01-10 19:43 - 2017-09-12 22:16 - 000050344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\explorer.exe [2013-12-31 00:09] - [2013-12-31 12:54] - 002616320 _____ (Microsoft Corporation) E0FD1E1B9256C27A88FD14023E77FA88
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => MD5 jest poprawne
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2018-01-27 15:39

==================== Koniec FRST.txt ============================