FRST.txt

How do I remove the żěŃą virus from a MacBook running Windows 10?

Thank you! Is everything OK now?



Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 25-02-2017
Uruchomiony przez Sylwia (administrator) MACBOOK (26-02-2017 14:19:21)
Uruchomiony z C:\Users\Sylwia\Desktop
Załadowane profile: Sylwia (Dostępne profile: defaultuser0 & Sylwia)
Platform: Windows 10 Pro Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Windows\System32\AppleOSSMgr.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\System32\LicensingUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [2713448 2016-03-31] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-25] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.)
HKU\S-1-5-21-1529594689-296068204-1904029774-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-1529594689-296068204-1904029774-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7d5be8d6-dc1e-42b9-a664-d9869a80d9f3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{89a0e7f6-9717-4779-937c-a519a71d0fb1}: [DhcpNameServer] 212.2.96.51 212.2.96.52

Internet Explorer:
==================
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-07-13] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default [2017-02-26]
CHR Extension: (Dokumenty Google) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-26]
CHR Extension: (Dysk Google) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-26]
CHR Extension: (YouTube) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-26]
CHR Extension: (uBlock Origin) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-02-08]
CHR Extension: (Dark Reader) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2016-09-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-26]
CHR Extension: (Morpheon Dark) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2016-09-26]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-26]
CHR Extension: (Chrome Media Router) - C:\Users\Sylwia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [205600 2016-03-31] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-25] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-25] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-21] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655744 2012-09-22] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R3 AppleCamera; C:\Windows\system32\DRIVERS\AppleCamera.sys [1934320 2016-03-02] (Apple Inc.)
R3 applemtp; C:\Windows\System32\drivers\applemtp.sys [49152 2015-10-01] (Apple Inc.)
R3 AppleSDR; C:\Windows\system32\DRIVERS\AppleSDR.sys [12800 2015-10-01] (Apple Inc.)
S3 AppleSPIDevice; C:\Windows\System32\drivers\AppleSPIDevice.sys [27136 2015-10-01] (Apple Inc.)
S3 AppleSPIKeyboard; C:\Windows\System32\drivers\AppleSPIKeyboard.sys [26336 2015-10-01] (Apple Inc.)
S0 AppleSSD; C:\Windows\System32\drivers\AppleSSD.sys [94944 2016-03-04] (Apple Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-25] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-25] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-25] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-25] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-25] (AVAST Software)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [10821880 2015-12-02] (Broadcom Corporation)
R3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFD.sys [89168 2016-03-02] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\system32\DRIVERS\CSUFD.sys [13496 2016-03-02] (Cirrus Logic Inc.)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2016-03-02] (Intel Corporation)
S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2016-03-02] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [101880 2016-03-02] (Intel Corporation)
S3 iaLPSS_UART; C:\Windows\System32\drivers\iaLPSS_UART.sys [143600 2016-03-02] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2017-02-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-02-26 09:38 - 2017-02-26 14:19 - 00018682 _____ C:\Users\Sylwia\Desktop\FRST.txt
2017-02-26 09:37 - 2017-02-25 23:13 - 02423296 _____ (Farbar) C:\Users\Sylwia\Desktop\FRST64.exe
2017-02-25 23:14 - 2017-02-26 14:19 - 00000000 ____D C:\FRST
2017-02-25 21:03 - 2017-02-25 21:03 - 00000000 _____ C:\Users\Sylwia\AppData\Local\{9CDE06A1-5B1C-4511-937B-7C8CC5626A86}
2017-02-25 20:37 - 2017-02-26 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-25 20:36 - 2017-02-25 20:47 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-25 20:36 - 2017-02-25 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-02-25 20:36 - 2017-02-25 20:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-25 20:36 - 2017-02-25 20:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-02-25 20:36 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-25 20:36 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-02-25 20:36 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2017-02-25 20:27 - 2017-02-25 20:27 - 00079596 _____ C:\Users\Sylwia\Documents\cc_20170225_202747.reg
2017-02-25 20:26 - 2017-02-25 20:47 - 00000914 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-25 20:26 - 2017-02-25 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-25 20:20 - 2017-02-25 20:20 - 00000089 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2017-02-25 20:08 - 2017-02-25 20:08 - 04015056 _____ C:\Users\Sylwia\Desktop\adwcleaner_6.043.exe
2017-02-25 20:04 - 2017-02-25 20:04 - 00000000 ___HD C:\$AV_ASW
2017-02-25 20:02 - 2017-02-25 20:02 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-02-25 20:02 - 2017-02-25 20:02 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-02-25 20:02 - 2017-02-25 20:02 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-02-25 20:02 - 2017-02-25 20:02 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-02-25 20:02 - 2017-02-25 20:02 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-02-25 20:02 - 2017-02-25 20:02 - 00003994 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-02-18 22:04 - 2017-02-18 22:06 - 00000000 ____D C:\Users\Sylwia\Desktop\najnowsze estime
2017-02-18 18:09 - 2017-02-22 09:20 - 00000000 ____D C:\Users\Sylwia\Desktop\fo gorz
2017-02-18 17:48 - 2017-02-18 20:02 - 50600448 ____H C:\Users\Sylwia\Desktop\~WRL3000.tmp
2017-02-18 09:03 - 2017-02-18 09:03 - 00012330 ____H C:\Users\Sylwia\Desktop\~WRL1267.tmp
2017-02-17 14:08 - 2017-02-17 14:08 - 00000000 ____D C:\Users\Sylwia\Desktop\do prezentacji
2017-02-08 17:15 - 2017-02-08 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 21:37 - 2017-02-07 21:42 - 00032768 ____H C:\Users\Sylwia\Desktop\~WRL3927.tmp
2017-02-07 21:03 - 2017-02-08 10:49 - 00069632 ____H C:\Users\Sylwia\Desktop\~WRL3219.tmp
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-03 22:37 - 2017-02-03 22:37 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-03 22:37 - 2017-02-03 22:37 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-31 16:08 - 2017-01-31 15:14 - 06593536 _____ C:\Users\Sylwia\Documents\Prezentacja_investment_.ppt
2017-01-31 15:14 - 2017-01-31 16:41 - 06594560 _____ C:\Users\Sylwia\Prezentacja_investment_.ppt

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-02-26 14:16 - 2016-09-26 17:47 - 04616052 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-26 14:16 - 2016-07-16 23:05 - 02107662 _____ C:\Windows\system32\perfh015.dat
2017-02-26 14:16 - 2016-07-16 23:05 - 00565234 _____ C:\Windows\system32\perfc015.dat
2017-02-26 14:12 - 2016-09-26 17:54 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-26 14:12 - 2016-09-26 17:54 - 00000000 __SHD C:\Users\Sylwia\IntelGraphicsProfiles
2017-02-26 14:12 - 2016-09-26 17:39 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-26 09:44 - 2016-07-16 07:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-02-26 09:29 - 2016-11-18 00:14 - 00000000 ____D C:\Users\Sylwia\AppData\LocalLow\Temp
2017-02-26 09:29 - 2016-09-26 20:03 - 00002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-26 09:18 - 2016-09-26 17:39 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-25 23:51 - 2016-09-26 17:45 - 00000000 ____D C:\Users\Sylwia
2017-02-25 23:48 - 2016-10-30 20:32 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\Skype
2017-02-25 23:16 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-02-25 21:05 - 2016-10-21 21:03 - 00000000 ___RD C:\Users\Sylwia\Dropbox
2017-02-25 20:48 - 2016-10-30 08:03 - 00002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-02-25 20:48 - 2016-09-26 20:26 - 00002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-02-25 20:48 - 2016-09-26 20:26 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-02-25 20:48 - 2016-09-26 20:26 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-02-25 20:48 - 2016-09-26 20:26 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-02-25 20:48 - 2016-09-26 17:54 - 00000652 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2017-02-25 20:48 - 2016-09-26 17:51 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-02-25 20:47 - 2016-11-06 09:14 - 00001692 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2017-02-25 20:47 - 2016-10-25 21:16 - 00000286 _____ C:\Users\Sylwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KINGSTON (D).lnk
2017-02-25 20:47 - 2016-10-03 06:55 - 00001155 _____ C:\Users\Public\Desktop\Mobile Partner.lnk
2017-02-25 20:47 - 2016-09-26 17:47 - 00002418 _____ C:\Users\Sylwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-25 20:26 - 2016-11-05 19:18 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\uTorrent
2017-02-25 20:26 - 2016-09-26 21:16 - 00000000 ____D C:\ProgramData\Foxit Software
2017-02-25 20:26 - 2016-09-26 18:39 - 00000000 ____D C:\Windows\Panther
2017-02-25 20:24 - 2016-09-26 21:16 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2017-02-25 20:20 - 2016-09-26 17:50 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-25 20:02 - 2016-10-30 08:03 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-02-25 20:02 - 2016-10-30 08:03 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-02-25 20:02 - 2016-10-30 08:03 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148804935346804
2017-02-25 20:02 - 2016-10-30 08:03 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-02-25 20:02 - 2016-10-30 08:03 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-02-25 20:02 - 2016-10-30 08:03 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-02-25 20:02 - 2016-10-30 08:03 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-02-25 20:02 - 2016-10-30 08:03 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-02-25 20:02 - 2016-10-30 08:03 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-02-25 18:39 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 18:39 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-02-23 18:40 - 2016-09-27 19:36 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 18:37 - 2016-09-27 19:36 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 09:43 - 2016-10-30 20:32 - 00000000 ____D C:\ProgramData\Skype
2017-02-22 13:01 - 2016-09-26 17:45 - 00000000 ____D C:\Users\Sylwia\AppData\Local\Packages
2017-02-22 09:06 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-02-17 18:15 - 2016-11-06 09:13 - 00008051 _____ C:\Windows\BRRBCOM.INI
2017-02-12 11:55 - 2016-09-26 20:45 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\vlc
2017-02-11 19:21 - 2016-12-17 17:49 - 00000000 ____D C:\Users\Sylwia\Desktop\Nowy folder (2)
2017-02-08 17:15 - 2016-10-21 21:01 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 00:25 - 2016-10-30 20:32 - 00000000 ___RD C:\Program Files (x86)\Skype

==================== Pliki w katalogu głównym wybranych folderów =======

2017-02-25 21:03 - 2017-02-25 21:03 - 0000000 _____ () C:\Users\Sylwia\AppData\Local\{9CDE06A1-5B1C-4511-937B-7C8CC5626A86}

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-02-25 00:05

==================== Koniec FRST.txt ============================